The war in Ukraine is on all fronts. The aggressor country is using all possible resources to block all spheres of Ukrainian life. This also applies to digital technologies and attacks on them: the cyber war has been going on since the first day of the invasion. Russians are constantly attacking digital infrastructure, with varying degrees of success.
In a war, the parties use all resources, but the legal side of the digital confrontation remains open. The European Software Engineering Association has conducted an interview with Maksym Kurochko, Managing Partner and Attorney at MK Legal Service, and his colleague Artem Ostapenko, Head of IT/TMT practice, to find out which services are most at risk of attack and whether it is legal.
First of all, it is worth noting that the targets and objects of attacks in other countries and in peacetime are different from what is happening in Ukraine. Usually, the purpose of an attack on a company may be to obtain a ransom by any means necessary. However, in times of war, attackers have a different goal: to paralyze all possible infrastructure and complicate the lives of citizens. Attacks are also an integral part of information warfare.
According to experts, the most common targets of cyberattacks are information and communication systems of critical infrastructure operators, administrators of state registries and databases, and companies that provide mass public services via the Internet. The most notable case of such an attack was the downfall of Kyivstar in December last year, but smaller attacks occur regularly.
Although hackers do not always openly claim responsibility for the attack, it is no secret that Russian special services are behind them. Through attacks, hackers are not only trying to paralyze critical infrastructure and block the operation of government resources, but also to obtain personal data of Ukrainians and use it for criminal purposes.
As for the legality of such attacks, each country’s legislation regulates hacking separately. However, there is no organization that controls violations at the international level, so it is difficult to bring Russian hackers to justice. However, it is worth mentioning that Ukrainian IT professionals attack enemy resources no less actively, so this confrontation continues on equal terms.
In the face of constant attacks, protection is needed. Against this backdrop, experts note that the capabilities of Ukrainian cybersecurity specialists have grown significantly, as have their technical capabilities. MK Legal Service is also making efforts in this area, having a number of successful cases.