Russia and Ukraine are waging a cyberwar against each other. There have been a number of DDoS attacks on Ukrainian websites, purportedly by Russia, and, according to Meta (the company that owns Facebook), there is a concerted effort to spread disinformation among Ukrainian military officials and politicians. A number of Ukrainian government systems and banks were attacked even before the first bomb was dropped on Kyiv. In retaliation, Ukraine has established an “IT army” of its own, to hack Russian organisations.
Risks on multiple levels
The cyber aggression between the two countries is, so far, contained and focused. South Africa is unlikely to be a direct target for a cyber offensive, but experts believe there may be a spill-over effect. We face risks on multiple levels, and some of them are not obvious.
Supply chain interruptions
Ukraine produces neon, a key component in silicon chips. Russia exports elements used in the manufacture of semiconductors, among other things. Whether supply is interrupted logistically by the conflict or through a refusal to provide goods to sympathisers of the Ukraine cause, it could have an impact on the products you need. Furthermore, a number of software engineers, code writers, and hosted services are based in Ukraine. If you outsource IT services to one of these, you may have a problem.
Retaliatory Russian cyberattacks
There is controversy among cybersecurity experts about whether Russia would target Western infrastructure. But the US Cybersecurity and Infrastructure Security Agency (CISA) and the European Central Bank (ECB) have warned of the risk of retaliation if sanctions are imposed on Russia. We cannot rule out attacks on infrastructure such as transport systems, banking systems, etc., by Russia to cause economic havoc. If this does happen, Europe or the US are more likely to be the focus rather than South Africa. But whether or not we are the target, we are bound to feel the effects, as we are part of the global economy.
We could also feel the spill-over effects of network disruptions. Cryptocurrency is likely to be a key target, and malware could spread rapidly. Many South African companies are part of larger global organisations, with internationally connected systems and networks. National borders are porous in the face of heightened cybercrime activity.
Russia is home to some of the world’s most sophisticated hackers, and they have a history of carrying out cyberattacks on anyone they see as opposed to the Russian government, motivated by patriotism, not commercial gain.
It’s also likely that non-state actors who are motivated by greed will capitalise on the chaos, uncertainty, and pro-Ukrainian sentiment. Already there have been a number of phishing scams, inviting people to donate money for humanitarian aid. These often contain heart-wrenching videos of suffering, guaranteed to make the more altruistic in society reach for their wallets.