Russian military hackers have recently been involved in a campaign targeting Ukrainian soldiers’ mobile devices, aiming to steal sensitive battlefield information that could aid the Kremlin’s war on Ukraine. This warning comes from the United States and its allies, including Australia, Canada, New Zealand, and the United Kingdom. The report corroborates a finding from Ukraine’s SBU security service, which discovered that Russian hackers were attempting to infiltrate the Android tablets used by the Ukrainian military for planning and carrying out combat missions.

The hackers employed malicious code designed to intercept data transmitted from soldiers’ mobile devices to the Starlink satellite system, owned by billionaire Elon Musk’s company. The Starlink satellites have played an essential role in facilitating battlefield communications for Ukraine, as previously reported by CNN. The fact that Russia is resorting to cyber espionage to gain an advantage in the conflict showcases the significance of controlling sensitive military data in cyberspace in today’s warfare.

While the extent of the hacking campaign’s success remains unclear, the SBU security service claimed to have blocked some of the attempts. However, they also admitted that the Russian hackers had captured tablets on the battlefield and planted malicious software on them. The use of mobile malware is particularly concerning as it allows intelligence services to obtain the physical locations of targets, making it highly effective in a combat situation.

This campaign occurs alongside Ukraine’s ongoing counteroffensive against Russian forces. Despite months of fighting, Ukraine has struggled to make significant breakthroughs, prompting concern among US officials. The cyber activity has been attributed to Sandworm, a notorious hacking unit within Russia’s military intelligence directorate. Sandworm was also responsible for previous cyberattacks that disrupted power in Ukraine in 2015 and 2016.

The Russian Embassy in Washington, DC, has been requested to comment on these allegations. Paul Chichester, the director of operations at the UK’s National Cyber Security Centre, stated that this hacking campaign exemplifies how Russia’s illegal war in Ukraine is increasingly playing out in the digital realm. However, it is worth noting that pro-Ukraine hackers have also attempted to retaliate by launching attacks on Russian assets both in Ukraine and on Russian soil.

In response to Russian aggression, the US military’s Cyber Command has conducted offensive cyber operations to support Ukraine’s defense against Russia. The head of the command, Gen. Paul Nakasone, confirmed this last year. Since the start of Moscow’s invasion of Ukraine in February 2022, Russian intelligence services have launched numerous cyberattacks targeting Ukrainian infrastructure, including energy and transportation systems. Although some attacks have caused temporary disruptions, Kyiv’s digital defenses have demonstrated resilience.

Despite the relatively limited impact of Russian cyberattacks during the war, compared to expectations driven by Russia’s reputation in this field, it is challenging to accurately assess the scope and impact of such operations in the midst of the fog of war. Both sides have incentives to exaggerate their successes, adding further complexity to the situation.

(Source: CNN)

