The Russian government is planning a major new cyber-attack campaign on the critical infrastructure of Ukraine and its allies as winter approaches, Kyiv has warned.
A brief statement from the Ukrainian Ministry of Defense’s Main Directorate of Intelligence explained that the energy industry would be a key target as the weather gets colder.
“With this, the enemy will try to increase the effect of missile strikes on electricity supply facilities, primarily in the eastern and southern regions of Ukraine,” it said. “The occupying command is convinced that this will slow down the offensive actions of the Ukrainian defense forces.”
If the intelligence is accurate, the campaign will have echoes of the cripplingly destructive attacks of December 2015 and 2016 that the Kremlin launched against Ukrainian facilities, and which left hundreds of thousands without power.
Kyiv said in its latest missive that its experiences from responding to those incidents will help it prepare more effectively for a predicted fresh assault.
Ukrainian energy providers can expect more attacks using both destructive and wiper malware. Microsoft claimed back in April that the country had already been on the receiving end of over 230 cyber-attack campaigns, including 40 wiper attacks aimed at hundreds of targets.
However, even the tech giant admitted that its intelligence probably only recorded a fraction of total offensive activity.
The Ukrainian intelligence note also claimed that Russia is planning to intensify DDoS attacks on the critical infrastructure of Ukrainian allies, most notably Poland and the Baltic states.
Estonia for one should be well prepared for such an eventuality, having recently repelled the biggest DDoS attempts since services in the country were disrupted by Russian attacks back in 2007.
Microsoft said in June that it had recorded Russian attacks on 128 organizations in 42 countries allied to Ukraine since the start of the war. The US, Poland and Baltic nations were singled out, although the tech firm claimed that those attacks mainly involved network penetration and espionage activities.