SA could suffer cyber attack over Ukraine/Russia stance
Geneva-based NGO Cyber Peace Institute (CPI) says South Africa could become a target of cyber attacks due to its stance on the Ukraine/Russia conflict.
Delivering a keynote address via virtual link at ITWeb Security Summit 2023 this morning, CPI CEO Stéphane Duguin referred to recent allegations that SA provided weapons and ammunition to Russia.
He also referenced the possible ramifications of an imminent visit by Russian president Vladimir Putin in August as part of the BRICS leaders’ summit.
CPI monitors the harm to civilians and critical infrastructure, particularly in the context of the fallout from the ongoing Ukraine/Russian conflict.
Duguin said that based on the organisation’s research, there have been cyber attacks launched on public entities that adopt an official stance or take any action, such as sanctions, in the context of the Ukraine/Russia war.
The institute advocates for the preservation of rights and freedoms related to the use of technologies, both old and new. Its core objective is to help create and sustain cyber peace.
Duguin was asked if there was any likelihood that cyber wars could escalate to the extent that nuclear power stations are attacked.
“We consider the threat landscape and assess the risk…including to nuclear infrastructure. To date, in terms of cyber wars escalating and posing a different level of risk, we have not seen that as yet,” he responded.
Any critical infrastructure can be a target, he noted, citing the healthcare sector as an example, one that threat actors often go after.
According to the CPI’s quarterly analysis report, from January to March this year, 104 cyber incidents occurred in the Ukraine, 65 in the Russian Federation and 475 in other countries. Public administration, transportation and manufacturing are the most targeted sectors.
It also showed that 95% of incidents are DDOS attacks, with Poland, the US and Germany identified as the most targeted countries. It stated the emergence of Anonymous Sudan as a threat to organisations, having been linked to 25 DDOS attacks against organisations in five countries and eight sectors.
“The increase in incidents in other countries is highly likely associated with announcements of increased military support and supply of heavy weaponry,” says the CPI report.
Emma Raffray, chief research and analysis officer at CPI, told ITWeb that organisations in SA could feel the ripple effect of distant geopolitical and economic decisions taken far away from their own country – such as the Ukraine/Russian conflict – if they have resources, infrastructure or supply chain partners based in either of the waring countries.
“Although our data collection began with incidents impacting organisations in Ukraine following the February 2022 invasion, our research indicated a need to look beyond the borders of Ukraine as cyber attacks relating to the conflict were spilling over into other countries, including the Russian Federation and beyond. Our primary concern was to track how these attacks impact and harm people,” explains Raffray.
Participating in a panel discussion at the summit, Christopher MacRoberts, legal director at Clyde and Co, also warned that recent developments in SA’s geopolitical stance could amplify cyber risks.
“If we start taking sides in current events around the world, we may find ourselves subject to that fifth domain of cyber and cyber espionage.”