The Ukrainian government warned today that Russia is planning to carry out “massive cyberattacks” against power grids and other critical infrastructure in both Ukraine and allied countries.

The warning claims that the attacks will be similar to those that targeted Ukraine’s energy supplies in 2015 and 2016. Russia is trying to increase the effect of missile strikes on electricity supply facilities in Ukraine’s eastern and southern regions. According to the warning, the “occupying command is convinced that this will slow down the offensive operations of the Ukrainian Defence Forces.”

Ukraine also claims that Russia intends to increase the intensity of distributed denial-of-service attacks on the critical infrastructure of its closest allies, primarily Poland and the Baltic States.

A previous attack against Ukraine’s energy infrastructure, referenced in the warning, occurred in December 2015, crippling the country in the dead of winter. It was noted in the years after the attack that it was a wake-up call about the cybersecurity risk present in critical infrastructure, one ignored by many that ultimately led to the attack on Colonial Pipeline Co. in 2021.

Although there’s no independent verification of Ukraine’s claims of future massive cyberattacks, it’s believable and has been tried before by Russia after it invaded Ukraine in February.

Researchers from SET spol s.r.o and Microsoft Corp., in conjunction with Ukraine’s Governmental Computer Emergency Response Team, managed to stop an attack against a Ukrainian energy company in April. The attack involved the Russian Sandworm hacking group and used a new variation of the Industroyer malware used in the 2015 attack.

The other reason to believe that Russia may launch a new series of cyberattacks is its worsening strategic situation in Ukraine, with ground previously taken in the earlier days of the invasion recently lost to Ukrainian advances. Russia being forced onto its back feet in Ukraine, a country many thought it would initially conquer quickly, and Russia has since mobilized reservists to counter increasing battlefield losses.

Roger Grimes, data-driven defense evangelist at security awareness training company KnowBe4 Inc., told SiliconANGLE that the most common malware and hacker attacks involve social engineering.

“Ukraine and its allies should focus first and best on educating everyone to recognize the signs of social engineering attacks, how to mitigate them and how to appropriately report,” Grimes said. “There is no single defense that can do as much to put down the most common hacker and malware attacks as preventing social engineering.”

Photo: Alisdare Hickson/Flickr