- Ukraine says Russian hackers are targeting war crimes investigations
- Shift in focus will be highlighted in the upcoming official report
- Hackers also want to help Russians arrested in Ukraine
- The Russian authorities initially did not comment on the allegations
KYIV/LONDON, Sept 22 (Portal) – Russian spies are using hackers to attack computer systems at law enforcement agencies in Ukraine to identify and obtain evidence related to suspected Russian war crimes, the head of Ukraine’s cyber defense told Portal on Friday .
The hackers, working across all of Russia’s foreign, domestic and military intelligence services, have stepped up their digital intrusion campaigns against the Ukrainian Prosecutor General’s office and departments that document war crimes, said Yurii Shchyhol, head of the State Service for Special Communications and Information Protection of Ukraine (SSSCIP ), which takes care of cyber defense in the embattled country.
“There has been a change in direction from a focus on energy facilities to law enforcement agencies, which previously were not targeted as much,” Shchyhol said.
“This shift toward courts, prosecutors and law enforcement shows that hackers are gathering evidence of Russian war crimes in Ukraine” to pursue Ukraine’s investigations, he added.
The spying activity will be highlighted in an upcoming SSSCIP report to be released on Monday.
The report, a copy of which was reviewed by Portal, said hackers also attempted to collect information about Russian nationals arrested in Ukraine in order to “help these individuals evade prosecution and return them to Russia.”
“The groups we have identified as being involved in this activity belong to the Russian intelligence services GRU and FSB,” Shchyhol said.
The Russian Foreign Ministry and the Federal Security Service (FSB) did not immediately respond to written requests for comment from Portal. The Russian military intelligence service GRU could not be reached for comment.
Shchyhol declined to name exactly which units were affected by the hacking campaign, citing security concerns. The number of cybersecurity incidents documented by the SSSCIP increased by 123% in the first six months of this year compared to the second half of 2022, he added.
Russian hackers primarily targeted government agencies and tried to gain access to their email servers, Shchyhol said, without elaborating. Portal was unable to independently verify any of the hacks described by Shchyhol and the report.
On Tuesday, the Netherlands-based International Criminal Court (ICC) said it had detected “unusual activity” on its computer network late last week. It was still unclear on Friday who was behind the hack.
The court made headlines in March when it issued an arrest warrant for Russian President Vladimir Putin on suspicion of illegally deporting children from Ukraine. The Kremlin rejects the allegations and the court’s jurisdiction.
HYBRID WAR
Before Russia’s invasion of Ukraine in February 2022, Western intelligence agencies warned of possible cyberattacks that could spread elsewhere and cause “spillover” damage to global computer networks.
Although there has been little evidence of spillover, Russia has regularly used hacking attacks alongside its military operations.
An attempt by a Russian intelligence hacking group called “Sandworm” to launch a destructive cyberattack on the Ukrainian power grid was foiled in April 2022.
Shchyhol said his department had seen evidence that Russian hackers had accessed private security cameras in Ukraine to monitor the outcome of long-range missile and drone attacks.
“We have documented several attempts to gain access to video cameras near the facilities they attacked and to systems that provide information about the stability of the energy grid,” he said.
Russia attacked Ukraine’s energy infrastructure last year with a winter airstrike, causing widespread power outages for millions of people. Shchyhol said energy infrastructure has also been targeted by cyberattacks and he expects those attacks to happen again this winter.
“You must understand that cyberwar will not end even if Ukraine wins on the battlefield,” Shchyhol said.
Reporting by Tom Balmforth in Kiev and James Pearson in London; Editing by Mike Collett-White and Gareth Jones
Our standards: The Thomson Portal Trust Principles.
Acquire license rights, opens new tab