Inside Russia's attempts to hack Ukrainian military operations
By Jenna McLaughlinIn this photo illustration, the 502 Bad Gateway message is seen on the Ukrainian Defense Ministry webpage. SOPA Images/LightRocket via Getty Images hide caption
toggle caption SOPA Images/LightRocket via Getty Images SOPA Images/LightRocket via Getty ImagesKYIV, Ukraine — Ukrainian intelligence officials have to NPR about an attempt by Russian state hackers to penetrate Ukrainian military planning operations systems.
The hackers from Russian military intelligence captured Android tablet devices used by Ukrainian officers on the front lines in an attempt to spy, according to a report published by the Security Service of Ukraine's Cyber Security Situation Center.
"We saw that there were attempts to penetrate these systems," said Illia Vitiuk, the head of the Cybersecurity Department of Ukraine's Security Service, also known as the SBU. Vitiuk spoke to NPR in an exclusive interview in Kyiv on Wednesday.
The SBU attributed the cyber operation to Russian military intelligence organization GRU, or more specifically the hacking group known as SandWorm. Hackers from SandWorm have been extremely active both during and before the full-scale invasion launched in February 2022, targeting the Ukrainian energy sector, the global economy, and others.
According to the State Security Service report, the agency detected the Russian operation in its early stages, preventing full access to the military operations system.
This is not the first time that Russia has attempted to compromise the Delta system. In December, Russian hackers broke into Ukrainian military email accounts to deliver convincing phishing emails to Delta users. Ukraine's Computer Emergency Response Team about the operation. And last summer, Russian officers created a fake version of the Delta website in order to trick legitimate users into providing their credentials.
Starlinks are top priority targets for Russia. Therefore, while they may have gained some information about individual devices, perhaps "hundreds," in this operation, said Vitiuk, Russians likely combine that information with intelligence gathered from drones and human sources in order to target attacks.
Understanding what information may have been compromised allows Ukraine to relocate its troops and expose Russian tactics, Vitiuk told NPR.
Vitiuk explained that part of the goal in openly publishing information about the Russian operation is to expose their tactics to allow partners to defend against them.
a successful NATO review to determine its interoperability with Western systems like F-16 fighter jets. "This is a significant step because thanks to Delta, soldiers can view the battlefield in real-time, including the location of enemy forces," Ukraine's Minister of Digital Transformation Mykhailo Fedorov."We do believe the systems we're using now will be used by other countries ... so it's very important to start protecting them from now," Vitiuk concluded.