Often, untangling the digital threads of such cyberoperations can takes days or weeks, which is one of the appeals of their use in modern conflicts. Sophisticated cybertools have turned up in standoffs between Israel and Iran, and the United States blamed Russia for using hacking to influence the 2016 election in the United States to benefit Donald J. Trump.
Understand the Escalating Tensions Over Ukraine
Ukraine has long been viewed as a testing ground for Russian online operations, a sort of free-fire zone for cyberweaponry in a country already entangled in a real world shooting war with Russian-backed separatists in two eastern provinces. The U.S. government has traced some of the most drastic cyberattacks of the past decade to Russian actions in Ukraine.
Tactics seen first in Ukraine have later popped up elsewhere. A Russian military spyware strain called X-Agent or Sofacy that Ukrainian cyber experts say was used to hack Ukraine’s Central Election Commission during a 2014 presidential election, for example, was later found in the server of the Democratic National Committee in the United States after the electoral hacking attacks in 2016.
Other types of malware like BlackEnergy, Industroyer and KillDisk, intended to sabotage computers used to control industrial processes, shut down electrical substations in Ukraine in 2015 and 2016, causing blackouts, including in the capital, Kyiv.
The next year, a cyberattack targeting Ukrainian businesses and government agencies that spread, perhaps inadvertently, around the world in what Wired magazine later called “the most devastating cyberattack in history.” The malware, known as NotPetya, had targeted a type of Ukrainian tax preparation software but apparently spun out of control, according to experts.
The attack initially seemed narrowly focused on the conflict between Ukraine and Russia. It coincided with the assassination of a Ukrainian military intelligence officer in a car bombing in Kyiv and the start of an E.U. policy granting Ukrainians visa-free travel, an example of the type of integration with the West that Russia has opposed.
But NotPetya spread around the world, with devastating results, illustrating the risks of collateral damage from military cyberattacks for people and businesses whose lives are increasingly conducted online, even if they live far from conflict zones. Russian companies, too, suffered when the malware started to circulate in Russia.