Coordinated cyberattacks have targeted organizations, critical infrastructure, political figures, and even private citizens.
Unconfirmed or nondescript attacks were disregarded.
At the same time, Chinese threat actors increased their attacks against the United States.
However, Ukraine is not the only country experiencing a significant onslaught.
Since 2022,South Korea has followed behind Ukraine in the number of attacks received.
None of the attacks we found targeted all four sectors at once.
Most only affected one, while considerably fewer targeted two or three groups.
Incidents involving military institutions and personnel are the least common.Moreover, civil society attacks never coincided with military attacks.
Notable increases were seen in 2011, 2014, and 2018.
After a mild drop in 2019, espionage incidents have been consistently increasing.
Even then, Russia had already begun launching cyber warfare attacks against Ukraine that were largely espionage missions.
These included sabotages and data destruction involving Ukrainian banks and electric companies.
The attacks caused widespread power outages and temporary failures of financial systems.
Cyber warfare attacks between these two countrieshave been ongoing since 2014.
However,incidents drastically increased when Russia invaded Ukrainein 2022.
Hackers most prevalently used wipers malware designed to permanently corrupt or delete files in affected systems against Ukrainian assets.
They often targeted telecommunications companies, internet providers, and media and news agencies.
These attacks are believed to be bids to hinder communication and impede war efforts.
Analysts noted thatRussias 2022 wiper barrage against Ukraine set an all-time record for the most wiper malware codes deployed.
Cybersecurity company Fortinet found 16 wiper families deployed in Ukraine using a multitude of programming languages.
Russian threat actors often disguised them as ransomware despite having purely destructive intentions.
Notably, Russian hackers intercepted German military communications about aid distribution in Ukraine in 2024.
Meanwhile,Ukrainian threat actors have been stepping up their attacks.
Hackers have been launching an increasing number of cyber campaigns against Russia since late 2023.
The long-standing conflict means that cyber hostilities between the two nations also go back a long way.
Most ofthe 2010s saw North Korea launch few but consistent cyber campaigns mostly espionage operations.
Cyber hostilities started increasing in 2020, with both North and South Korea launching campaigns against one another.
The data breach allegedly affected citizens personal debt and marriage records.
Only 4.7 GB of data (over 5,100 documents) have reportedly been recovered and identified so far.
Likely in response to the barrage of attacks,Iran invested heavily in its cyber warfare capabilities.
From 2012 to 2015, Irans cyber security budget increased by 1,200%.
In the following years, the two countries traded blows in cyberspace.
Iran has also launched many attacks against the United States.
Israeli Prime Minister Benjamin Netanyahu alleged in 2019 that Iranian threat actors are consistently targeting Israeli networks and infrastructure.
In our study of notable incidents, Iran has launched double the number of attacks than Israel.
Months later, Israeli threat actors paralyzed Irans banking systems, including the Central Bank of Iran.
As such,some of the earliest cyber warfare attacks recorded happened between the United States and China.
In fact, one of the longest-active state-backed threat actors is Chinas PLA Unit 61398.
This campaign, dubbed Titan Rain, was the first Chinese cyber espionage operation revealed to the public.
According to the records, most of the major cyberattacks between the two countries have been dealt by China.
From 2008 to 2021, no notable cyber warfare attacks against China were attributed to the United States.
Hackers have also successfully stolen terabytes of data from United States organizations, defense contractors, and military institutions.
Some nations may lack the financial capacity to invest in cybersecurity.
Cyberattacks may even compromise vital civilian infrastructure, such as utility companies and telecommunications providers.
Additional measures such as using a data deletion service are also advisable.
just, comment on how to improve this article.
