Over the past few years, Russia-affiliated hackers have conducted attacks against critical American and European infrastructure networks and disrupted hospital operations across the US. The scope and boldness of these attacks have increased as Russia seeks to expand its war against Ukraine and its supporters on multiple fronts.
In recent years, Russia has not only focused on waging cyber war on Western states but has attempted to infiltrate the heart of the internet through open-source software. The heads of MI6 and the CIA made a joint statement highlighting that Russian intelligence has been conducting a “reckless campaign of sabotage throughout Europe.”
In January 2024, Russian hackers targeted a water facility in rural Texas, causing a water tower to overflow. Similar malicious activities were detected in other towns in north Texas. In March 2024, President Biden’s administration warned US governors about escalating cyberattacks on water and wastewater systems. Further cyberattacks occurred in Indiana and targeted healthcare provider Ascension in May.
Russia’s cyberattacks are not limited to the US. In March, Russian hackers mistakenly targeted a mill in France, believing it to be a hydroelectric dam. They also attacked Poland’s water infrastructure due to its strong support for Ukraine. Poland called out Russian state-sponsored hackers for targeting its government networks in May 2024.
The cybersecurity vulnerability of critical infrastructure, especially in small towns with limited resources, makes it an easy target for hackers. Healthcare organizations are prime targets, with attacks capable of disabling medical equipment and diverting ambulances.
In June 2024, Russian hackers were responsible for a ransomware attack on several major London hospitals, affecting blood transfusions and test results and leading to canceled operations and diverted emergency patients. Hundreds of operations and appointments continued to be canceled after the June 3, 2024, cyberattack on NHS provider Synnovis.
In the first week following the attack, doctors were forced to delay 800 planned operations and 700 outpatient appointments. They had to revert to using handwritten records due to the system disruptions. Additionally, one hospital even had to solicit blood donations from its clinical staff to manage the crisis caused by the hack.
As Russia faces challenges on the battlefield in Ukraine, its cyber activity will continue to evolve to support espionage and battlefield enablement. Countries leading aid efforts for Ukraine, such as the UK and the US, remain prime targets of Russian cyber aggression.
Anne Keast-Butler, director of the UK’s Intelligence, Cyber and Security Agency, has expressed concern about Russian intelligence collaborating with proxy groups to conduct cyberattacks.
Unit 29155 of Russia’s GRU military intelligence agency, previously blamed for coup attempts, assassinations and bombings, now also runs a hacking group called Cadet Blizzard, which targets Ukraine, the US and Europe.
The group has been linked to cyberattacks such as the WhisperGate malware, which hit Ukrainian organizations ahead of Russia’s 2022 invasion. According to Western intelligence, Unit 29155 is blurring the lines between physical and cyber warfare, using both traditional sabotage tactics and disruptive cyber operations.
Ukraine served as a testing ground for Russian cyber weapons through the initial invasion in 2014 and the 2022 full-scale invasion. Ukraine has significantly hardened its defenses with Western support.
However, Russia has learned from its initial mistakes, launching one of its most disruptive cyber-attacks in December 2023 on Ukraine’s largest telecom operator, Kyivstar, leaving millions without mobile and internet service for days.
Factory sabotage
Russia has also resorted to recruiting criminals to sabotage Western factories supplying arms to Ukraine. On March 21, 2024, a London warehouse containing aid shipments to Ukraine was destroyed in a fire.
Then, in mid-April, an American artillery shell factory, which supplies some of its products to Ukraine, also went up in flames. Just two days later, on April 17 an explosion occurred at the Welsh factory of BAE Systems, a British defense contractor that manufactures weapons for Ukraine.
Russia has also conducted electronic warfare against Western aviation in the Baltic region. This has led to incidents like GPS jamming, which caused Finnair to suspend flights from Finland to Tartu, Estonia. Russia has also made thousands of attempts to disrupt European rail networks as part of a broader campaign to destabilize the EU and sabotage critical infrastructure, according to the Czech Republic’s transport minister.
In April 2024, two German-Russian nationals were arrested in Germany on suspicion of plotting sabotage attacks, including targeting US military facilities. The suspects are believed to have been planning these attacks as part of a broader strategy to disrupt aid flows to Ukraine.
In July 2024, CNN reported that earlier this year US intelligence uncovered Russian government plans to assassinate the CEO of a prominent German arms manufacturer that has been producing artillery shells and military vehicles for Ukraine. The assassination plot was part of a broader Russian strategy to target defense industry executives across Europe who are supporting Ukraine’s war effort.
Ukrainian law enforcement agencies also dismantled a Russian-run network planning arson attacks in Ukraine and the EU, targeting shopping centers, gas stations, pharmacies, and markets in July 2024. The group, consisting of 19 people from various Ukrainian regions, was acting on Russian intelligence services’ instructions and aimed to sow social instability and undermine support for Ukraine.
The goal of Russia’s hybrid warfare is not only to punish the West for supporting Ukraine but also to divert Western resources and attention away from aiding Kyiv. Moscow’s strategy hinges on the belief that targeting critical infrastructure and intensifying attacks on Western nations, can strain their financial and operational capacities.
The Kremlin anticipates that if European citizens begin to feel the direct impact of the war on their daily lives, they will pressure their governments to push for a peace settlement – one that would favor Russia and allow Vladimir Putin to claim victory.
This piece is an excerpt from a report presented by the author at the UK Parliament on October 9, on behalf of the Henry Jackson Society, titled “Military Lessons for NATO from the Russia-Ukraine War: Preparing for the Wars of Tomorrow.”
Read the original report, which includes extensive footnotes to show the sourcing of facts and quotations. Asia Times is republishing this excerpt with permission.