Russia’s relentless digital assaults on Ukraine may have caused less damage than many anticipated. But most of its hacking is focused on a different goal that gets less attention but has chilling potential consequences: data collection. Ukrainian agencies breached on the eve of the Feb. 24 invasion include the Ministry of Internal Affairs, which oversees the police, national guard and border patrol. A month earlier, a national database of automobile insurance policies was raided during a diversionary cyberattack that defaced Ukrainian websites. The hacks, paired with prewar data theft, likely armed Russia with extensive details on much of Ukraine’s population, cybersecurity and military intelligence analysts say. It’s information Russia can use to identify and locate Ukrainians most likely to resist an occupation, and potentially target them for internment or worse. “Fantastically useful information if you’re planning an occupation,” Jack Watling, a military analyst at the U.K. think tank Royal United Services Institute, said of the auto insurance data, “knowing exactly which car everyone drives and where they live and all that.” As the digital age evolves, information dominance is increasingly wielded for social control, as China has shown in its repression of the Uyghur minority. It was no surprise to Ukrainian officials that a prewar priority for Russia would be compiling information on the citizenry. “The idea was to kill or imprison these people at the early stages of occupation,” Victor Zhora, a senior Ukrainian cyber defense official, alleged. Aggressive data collection accelerated just ahead of the invasion, with hackers serving Russia’s military increasingly targeting individual Ukrainians, according to Zhora’s agency, the State Service for Special Communications and Information Protection. Serhii Demediuk, deputy secretary of Ukraine’s National Security and Defense Council, said via email that personal data continues to be a priority for Russian hackers as they attempt more government network breaches: “Cyberwarfare is really in the hot phase nowadays.” There is little doubt political targeting is a goal. Ukraine says Russian forces have killed and kidnapped local leaders where they grab territory. Demediuk was stingy with specifics but said Russian cyberattacks in mid-January and as the invasion commenced sought primarily to “destroy the information systems of government agencies and critical infrastructure” and included data theft. The Ukrainian government says the Jan. 14 auto insurance hack resulted in the pilfering of up to 80% of Ukrainian policies registered with the Motor Transport Bureau. Demediuk acknowledged that the Ministry of Internal Affairs was among government agencies breached Feb. 23. He said data was stolen but would not say from which agencies, only that it “has not led to significant consequences, especially when it comes to data on servicemen or volunteers.” Security researchers from ESET and other cybersecurity firms that work with Ukraine said the networks were compromised months earlier, allowing ample time for stealthy theft. The data collection by hacking is a work long in progress. A unit of Russia’s FSB intelligence agency that researchers have dubbed Armageddon has been doing it for years out of Crimea, which Russia seized in 2014. Ukraine says it sought to infect more than 1,500 Ukrainian government computer systems. Since October it has tried to breach and maintain access to government, military, judiciary and law enforcement agencies as well as nonprofits, with a primary goal of “exfiltrating sensitive information,” Microsoft said in a Feb. 4 […]

The post A Chilling Russian Cyber Aim In Ukraine: Digital Dossiers appeared first on The Yeshiva World.