Ukraine says it’s targeted by ‘massive wave of hybrid warfare’

Ukrainian flag

The Security Service of Ukraine (SSU) today said the country is the target of an ongoing “wave of hybrid warfare,” aiming to instill anxiety and undermine Ukrainian society’s confidence in the state’s ability to defend its citizens.

“Ukraine is facing attempts to systemically sow panic, spread fake information and distort the real state of affairs. All this combined is nothing more than another massive wave of hybrid warfare,” the SSU said.

The SSU added that it had to counteract multiple such attempts linked to hostile intelligence agencies and bot farms targeting both social networks and mass media.

“The SSU is seeing such manifestations of hybrid warfare in social networks, some mass media, in the spread of narratives of the aggressor state by certain politicians, etc. The SSU is not just observing these, but also actively counteracting to them,” the Ukrainian Security Service added.

“This is reflected in the NSDC decisions, number of neutralized cyberattacks, dismantling of numerous bot farms, exposing agent networks of hostile intelligence services and preventing sabotage and terrorist attacks.”

For instance, last week, the Ukrainian government security agency dismantled two bot farms linked to Russian special services and controlling 18,000 social network accounts.

The two botnets were used to distribute fake news that would spread panic and send bomb threats designed to disrupt operations across the country.

On February 1st, the Ukrainian Computer Emergency Response Team also warned of attacks against Ukrainian authorities, coordinated by the Gamaredon hacking group (previously linked to Russia’s Federal Security Service (FSB) by the Ukrainian security (SSU) and secret (SBU) services).

One day later, the SSU said it blocked over 120 cyberattacks targeting the information systems of Ukrainian state institutions throughout January 2022.

Microsoft also said on February 4th that Gamaredon is the threat group behind a wave of spear-phishing emails targeting Ukrainian entities and organizations related to Ukrainian affairs since at least October 2021.

Redmond security and threat researchers added that Gamaredon’s ongoing cyber-espionage campaign is coordinated out of Crimea, confirming SSU’s assessment that these state-backed hackers are officers of the Crimean FSB known to have sided with the Russian occupation during the 2014 occupation.

However, as Microsoft pointed out, Gamaredon is not linked with the January cyberattacks that targeted Ukraine’s government agencies and corporate entities with destructive data-wiping malware disguised as ransomware.