As Russia invades Ukraine, the cyber threats are subtle — for now
AYESHA RASCOE, HOST:
A violent, full-scale Russian invasion is underway in Ukraine. And while we haven't seen a massive, attention-grabbing cyberattack yet to accompany the explosives, the digital threat is present in more subtle ways. NPR cybersecurity correspondent Jenna McLaughlin joins us to talk about it. Hey there.
JENNA MCLAUGHLIN, BYLINE: Hey, Ayesha.
RASCOE: So, Jenna, things have gotten pretty dire on the ground across Ukraine. Our colleagues have been hearing explosives and air raid sirens. What's been happening in cyberspace?
MCLAUGHLIN: So, absolutely, the attention has been and should be on innocent civilians caught up in war. But cyberattacks and disinformation are definitely a part of Russia's overall strategy to stoke chaos and inspire fear. It's honestly been really hard to keep up to date. There's been so much happening. But recently, a couple of cybersecurity companies discovered that hackers have destroyed dozens of computers at a financial institution and other organizations and not just Ukraine but also Latvia and Lithuania. And that was called a wiper attack. In other words, it wipes the data and renders the computer inoperable.
Investigators have also uncovered dangerous fake websites that were clones of official Ukrainian government websites. There's been an increase in phishing attacks targeting Ukrainians, some communications outages and ongoing denial of service attacks that have taken down websites in Ukraine. And that's all on top of overt messaging from Russian officials about wanting to supposedly de-Nazifying Ukraine. It's not one big thing, but a lot of smaller things contribute to this real sense of terror.
RASCOE: And how are the Ukrainians responding to all this?
MCLAUGHLIN: So Ukrainians are fighting back. They're keeping websites and newspapers online, defending infrastructure. Plus, outside of official channels, Reuters first reported and NPR confirmed that a Ukrainian cybersecurity executive is actively recruiting hackers from around the world. He's bringing them together using Telegram and Google documents. A source said that they've already gathered 380 hacker volunteers from Pakistan to Ukraine. And they've been in touch with representatives from Anonymous, the notorious hacktivist collective. And they say that they took down the website for Russian state news outlet RT as well as energy giant Gazprom. Even Russian cybersecurity officials are feeling the heat and seem scared that they may get hit by worse cyberattacks.
RASCOE: Wow. So, I mean, what are you hearing from the Russians about this?
MCLAUGHLIN: So yesterday a Kremlin cybersecurity official posted an alert warning Russian organizations, including critical infrastructure, to be on the lookout for potential cyberattacks aimed at disrupting services, and some Russian sites were blocked from foreign traffic temporarily. This could be an indication that Russian officials are prepping for possible blowback and that they feel vulnerable to a Western response in cyberspace. A couple of groups of cybercriminals who use ransomware actually posted a message on the dark web today saying that they supported the Russian government and would get involved if hackers targeted the Kremlin, though some of them took those messages back soon after. It's getting really chaotic in cyberspace, and there's a huge potential for escalation.
RASCOE: So just really quickly, is there - we haven't seen anything like a power grid getting shut down. Could it still get worse? We only have about 30 seconds.
MCLAUGHLIN: Right. Look. We're still in the early stages here. Russia has shown the capability to shut off the power and target Ukrainian businesses in the past. But honestly, you know, there's still a lot that could happen, including beyond Ukraine's borders. I think cyber will remain a key battlefront in this war.
RASCOE: That's NPR cybersecurity correspondent Jenna McLaughlin. Thanks.
MCLAUGHLIN: Thank you.
(SOUNDBITE OF THE END OF THE OCEAN'S "WORTH EVERYTHING EVER WISHED FOR") Transcript provided by NPR, Copyright NPR.