Mar 10, 2022 15:30:00

It is clear that the United States was conducting a top secret mission for cyber defense of Ukraine before the invasion of Russia, and it has already saved the lives of 1 million people.

The full-scale invasion of Ukraine by Russia began at the end of February 2022, but before that, cyber attacks targeting Ukrainian government agencies have been detected many times, and the Ukrainian government has reported these. The black curtain of the attack was

publicly accused of being the Russian government. Ukraine has been under the threat of cyber attacks even before the full-scale invasion of Russia, but it has been revealed that the United States has been conducting a top secret mission since 2021 to protect it.

The secret US mission to bolster Ukraine's cyber defenses ahead of Russia's invasion | Ars Technica
https://arstechnica.com/information-technology/2022/03/the-secret-us-mission-to-bolster-ukraines-cyber-defences-ahead-of-russias-invasion/

The secret US mission to bolster Ukraine's cyber defenses ahead of Russia's invasion | Financial Times
https://www.ft.com/content/1fb2f592-4806-42fd-a6d5-735578651471?segmentid=acee4131-99c2-09d3-a635-873e61754ec6

Russian cyberattacks surprisingly limited in Ukraine, US officials say | Cybersecurity Dive
https://www.cybersecuritydive.com/news/ukraine-cyberattacks-limited/620101/

Russia began a full-scale invasion of Ukraine on February 24, 2022 local time, but long before that, a top secret American team was dispatched to Ukraine. Members of this top secret team included not only US Army cyber commanders, but also employees of American general companies. The purpose of the team is to protect the Ukrainian government's infrastructure from the cyberattacks it has received from the Russian government for several years.

Since Ukraine was hit by a cyberattack on the power grid in 2015, the US government has continued to help strengthen its cybersecurity.

1.4 million households lose power due to cyber attack on electric power company --GIGAZINE

by Matthias Ripp

However, the increase in the number of top secret teams in October and November 2021 seems to have been a distinctly different move, and technology media Ars Technica said, 'This was the preparation for the imminent war. It's clear. ' Ars Technica interviewed a person close to a top secret mission, who said, 'There was an urgent need to detect hidden malware that could have been planted by Russia. In parallel with the aggression on the ground. Because it could have been a catastrophic cyberattack. '

Some cybersecurity experts have pointed out that when Russia begins its invasion of Ukraine, it may launch a cyberattack to destroy its infrastructure. The reason why such cyberattacks have not been carried out at the time of writing is 'a tribute to the cybersecurity enhancements that top secret teams have made in Ukraine over the past few years,' Ars Technica wrote. In fact, Russian government official Victor Zora said, 'Cyber attacks by Russia have slowed as the Ukrainian government has implemented appropriate security protections to counter our network.'

The top secret team has succeeded in finding and removing malware called 'wiperware' that a threat actor supported by the Russian government has set up on the Ukrainian Railways. Wiperware is an attacker who simply enters a command to invalidate the entire infected network. In the first 10 days of the Russian invasion, about 1 million Ukrainian people have been evacuated from the conflict zone using the Ukrainian Railways. If the top secret team failed to remove the wiperware, the evacuation would have failed and 'may have had a catastrophic effect,' a source told Ars Technica.

Wiperware had infected computers on the Romanian border, according to people familiar with the matter, causing confusion among hundreds of thousands of Ukrainians seeking asylum from the country.

Since Russia's invasion of Ukraine began, Ukraine has been subjected to various cyber attacks, and at about the same time as the invasion began, Ukrainian government-related sites were attacked by DDoS. After detecting this attack, the top secret team has applied for a budget for security protection from the government, and the government funding will be approved in just a few hours. Within eight hours of the request of the top secret team, Fortinet's security software was installed on the Ukrainian government's server, successfully protecting the Ukrainian government's website from DDoS attacks.

DDoS attack on Ukrainian government site and new malware discovering data deletion on hundreds of Ukrainian machines-GIGAZINE

A European official who attended the NATO meeting said, 'Ukraine's cybersecurity has proved to be resilient,' after receiving a report from a top-secret US team. As for why Ukraine has succeeded in preventing Russia's cyberattacks, he said, 'just as Russia underestimates Ukraine on the battlefield, it underestimates the US top secret team in the field of cybersecurity. Because I am. '

In addition, officials have pointed out that Russia has been repeating poor acts in the field of cyber security, for example, a Russian commander dispatched to the front line said, 'In encrypted military mobile phones. Instead, they use a general mobile phone to piggyback on the Ukrainian network to communicate. ' It seems that the Ukrainian side is intercepting this communication, and there are voices from the people concerned that 'a lot of data can be obtained from the communication of the mobile phone regardless of whether the encryption application is used'. It is listed.

In addition, Ukraine seems to be blocking communication by shutting out the mobile phone used by the Russian army from the network at a military important timing. Therefore, it has been confirmed that Russian soldiers are collecting SIM cards by seizing mobile phones from Ukrainians and attacking mobile shops.