Russian military hackers have been attacking the mobile devices of Ukrainian soldiers in an attempt to steal sensitive information from the battlefield that could help The Kremlin’s war against Ukrainethe United States and its allies warned Thursday.
The new advisory The United States and its “Five Eyes” allies (Australia, Canada, New Zealand and the United Kingdom) corroborate a report by Ukraine’s SBU security service that found that Russian hackers tried to infiltrate Android tablets that the military Ukrainian used for “planning and carrying out combat missions”.
The Russian hackers’ malicious code was designed to steal data sent from soldiers’ mobile devices to the Starlink satellite system made by billionaire Elon Musk’s company, according to the SBU. Starlink satellites have been crucial to communications on the Ukrainian battlefield. CNN previously reported.
The news shows how the fight to control sensitive military data in cyberspace has been a key front in Russia’s full-scale war against Ukraine.
It is unclear how successful the hacking effort was. Ukraine’s SBU security service claimed to have “blocked” some of the hacking attempts, but also admitted that the Russians had “captured” the tablets on the battlefield and planted malicious software on them.
“Mobile malware is particularly insidious because it can provide intelligence services with the physical location of their targets,” said John Hultquist, chief analyst at Google-owned security firm Mandiant. That ability, Hultquist told CNN, can be “extremely effective on the battlefield.”
The hacking campaign comes amid a Ukrainian counteroffensive It has been a slow and exhausting fight to push back the Russian forces. US officials have privately expressed concerns that Ukraine has been unable to make substantial progress in months of fighting.
The United States and its allies blamed the cyber activity on a notorious hacking unit within Russia’s military intelligence directorate known as Sandworm, which was allegedly responsible for cyberattacks that severed power in Ukraine in 2015 and 2016.
CNN has requested comment from the Russian Embassy in Washington, DC, on the allegations.
The hacking campaign “illustrates how Russia’s illegal war in Ukraine continues to play out in cyberspace,” said Paul Chichester, director of operations at the UK’s National Center for Cyber Security. said in a statement.
Pro-Ukrainian hackers have also tried to make their mark on the war. The Ukrainian government has encouraged a loose group of thousands of volunteer hackers to launch attacks against Russian assets in Ukraine and on Russian soil.
The Pentagon has not stood idly by. Cyber Command, the US military’s hacking unit, has carried out offensive cyber operations in support of Ukraine as it defends itself against Russia, said General Paul Nakasone, head of the command. said last year.
Russian intelligence services have hit Ukrainian infrastructure with cyberattacks since the start of Moscow’s large-scale invasion of Ukraine in February 2022, according to US officials and private experts. The range of cyberattacks has included data destruction attacks targeting Ukraine’s energy and transportation infrastructure, among others. While some attacks have forced Ukrainian businesses and government agencies into recovery mode, kyiv’s digital defenses have been resilient.
Some US analysts and officials have attributed the relatively limited impact of Russian hacking – at least in comparison with the enormous expectations of Russian cyber prowess – during the war to the same disorganization that has plagued Russian kinetic operations. But the true scope and impacts of Russian cyber operations in Ukraine are very difficult to pin down in the fog of war, where both sides have incentives to exaggerate their successes.