London24NEWS

GCHQ chief says Putin launched cyber-attack on Ukraine the month before invasion

The head of Britain’s spy agency GCHQ said Vladimir Putin launched a cyber attack on Ukraine a month before Russia invaded the country. 

Writing in the Economist, Jeremy Fleming said Russia had deployed ‘WhisperGate’ malware to destroy and deface Ukrainian government systems in January this year.

He added that, less than an hour before Russian forces invaded their neighbour on February 24, Russia targeted satellite networks used by the Ukrainian military, government and civilians. 

The attack ‘spilled over’ into neighbouring countries and caused ‘collateral damage’ in services including wind farms and internet access. 

But Mr Fleming also warned Putin against targeting members of Nato, saying the organisation had ‘made it clear’ that a cyber attack could trigger Article 5, the alliance’s mutual defence clause. 

The head of Britain's spy agency GCHQ said Vladimir Putin launched a cyber attack on Ukraine a month before Russia invaded the country. Above: Vladimir Putin this week

The head of Britain’s spy agency GCHQ said Vladimir Putin launched a cyber attack on Ukraine a month before Russia invaded the country. Above: Vladimir Putin this week

Pro-Russian troops are seen atop a tank during Russia's attack on the Ukrainian city of Mariupol in March

Pro-Russian troops are seen atop a tank during Russia’s attack on the Ukrainian city of Mariupol in March

What is ‘WhisperGate’ malware?  

Whispergate is a form of ‘ransomware’.  

Ransomware sees cybercriminals use ‘blockers’ to stop their victim accessing their device.

This may include a message telling them this is due to ‘illegal content’ such as porn being identified on their device.

Anyone who has accessed porn online is probably less likely to take the matter up with law enforcement.

Hackers then ask for money to be paid, often in the form of Bitcoins or other untraceable cryptocurrencies, for the block to be removed.

In May 2017, a massive ransomware virus attack called WannaCry spread to the computer systems of hundreds of private companies and public organisations across the globe.

Advertisement

That scenario would see nations including Britain, the US and France springing into retaliatory action against Russia. 

Mr Fleming’s article came after news emerged that Russia has lost yet another command post to a Ukrainian rocket strike. 

A headquarters in the contested Donbas region was blown up on Thursday, officials claimed. 

Mr Fleming said in his Economist article that, despite its cyberattacks, Russia has failed to gain ground in cyberspace against Ukraine almost six months after its invasion of the country. 

He wrote that both Ukraine and Russia have been using their cyber capabilities in the war.

‘So far, president Putin has comprehensively lost the information war in Ukraine and in the West. 

‘Although that’s cause for celebration, we should not underestimate how Russian disinformation is playing out elsewhere in the world,’ Mr Fleming wrote.

‘Just as with its land invasion, Russia’s initial online plans appear to have fallen short. The country’s use of offensive cyber tools has been irresponsible and indiscriminate.’

Mr Fleming said Russia had deployed WhisperGate malware to destroy and deface Ukrainian government systems.

Writing in the Economist, Jeremy Fleming said Russia had deployed 'WhisperGate' malware to destroy and deface Ukrainian government systems in January this year

Writing in the Economist, Jeremy Fleming said Russia had deployed ‘WhisperGate’ malware to destroy and deface Ukrainian government systems in January this year

It was reported in February how a cyberattack the day before Russia’s invasion had targeted Ukraine’s government and banks. 

The websites of Ministry of Foreign Affairs, the Ministry of Defence, Ministry of Internal Affairs, the Security Service, and Cabinet of Ministers were all out of action. 

At the same time, bomb threats were also phoned in to several government buildings 

Mr Fleming also said Russia has used the same playbook before on Syria and the Balkans and said online disinformation is a major part of Russia’s strategy. 

However, GCHQ has been able to intercept and to provide warnings in time, he said.

Without going into much detail, Mr Fleming said the UK’s National Cyber Force could respond to Russia by deploying a UK military unit that employs offensive cyber tools.

 Mr Fleming said that Russia’s ‘cyberactors’ are ‘carefully calibrating’ to avoid the risk of escalation with other nations. 

He added: ‘Afterall, Nato has made it clear that a serious cyber-attack against a member country could trigger Article 5, the alliance’s mutual defence clause. 

‘The danger of overspill to Nato countries is very real—we’ve seen incompetence and carelessness by Russia before.’

The attack on Ukraine began with Putin declaring a ‘special military operation’ at around 3am Ukraine time on February 24.