Cyber Attacks in Times of Conflict
The CyberPeace Institute has been documenting and analyzing data on the cyberattacks and operations in the context of the armed conflict between Ukraine and the Russian Federation since January 2022. In this 2-part video series, we provide observations based on our analysis of the data which can contribute to an understanding of the integral part that cyberattacks play in this conflict.
Episode 1: The Surge of Civilians
This first episode provides an overview of the complex range of different threat actors conducting cyberattacks in the context of the ongoing armed conflict. This includes state actors and non-state actors, such as Advanced Persistent Threats (APTs), hacktivist collectives, and criminal groups. The episode also focuses on the targeting of critical infrastructure, the obligation to protect the civilian population, as well as the legal and policy challenges such cyberattacks are posing.
Episode 2: The Cyber Harm Timeline
In this second episode, specific examples of cyberattacks are used to demonstrate the three main chronological phases of the conflict to date, the changes that have been evidenced in the means employed by cyber attackers and the harm to people and communities. In looking at the lessons learned, there is an overview of the types of cyberattacks - destructive, disruptive, data weaponization - and the use of cyber influence operations (disinformation). The episode also sheds light on the cyberattacks that have taken place beyond the borders of the two belligerent countries.
These explainer videos are also an important means to highlight the obligations to respect and ensure respect of international law. The CyberPeace Institute calls upon all actors to spare civilians and other protected persons, civilian objects, and infrastructure which ensures the delivery of essential services in line with International Humanitarian Law. This is an obligation of all parties to the armed conflict. Respecting this law is important to save lives and reduce suffering.