Russia-Ukraine War: Cyberattack and Kinetic Warfare Timeline

Credit: Getty Images

Amid Russia’s invasion of Ukraine, multiple cyberattacks have allegedly surfaced, and various cybersecurity warnings continue to emerge. The situation crystallizes how kinetic warfare (bombs, guns, bullets, etc.) is now fully intertwined with cyber warfare.

Lump kinetic war and cyber war together, and you get the new reality of hybrid war, Microsoft asserts.

Advice for MSSPs and MSPs:

  1. Closely track CISA (Cybersecurity and Infrastructure Security Agency) alerts and updates, especially as they pertain to infrastructure security worldwide.
  2. Check the Russia-Ukraine conflict timeline below, which is updated regularly with cyberattack and cyber defense information tied to the conflict.

Russia Invades Ukraine: Kinetic Warfare and Cyberattack Timeline

Here’s the latest…

May 19, 2022…

  • Russia Disinformation Campaign: Mandiant research has detailed several Russian-aligned disinformation and propaganda campaigns, including bogus online claims that Ukrainian President Vladimir Zelenskyy had committed suicide or fled Ukraine. Source: Associated Press.

May 10, 2022…

  • More Kaspersky Concerns?: The National Security Agency is investigating the extent that software made by the Russian cybersecurity company Kaspersky is embedded in U.S. businesses and organizations amid rising security concerns arising from Russia’s invasion of Ukraine. Source: Bloomberg.

May 3, 2022…

  • Germany Warning: Germany’s financial regulator BaFin warned of a “very big and very present” risk of cyberattacks in the wake of Russia’s invasion of Ukraine. Source: Reuters, May 3, 2022.

April 27, 2022: Multiple updates…

April 14, 2022: More than 600 Western companies have said they would exit or cut back operations in Russia, according to researchers at Yale University. Source: The Wall Street Journal.

April 12, 2022:

  • Nokia Exits Russia: Telecoms equipment maker Nokia is pulling out of the Russian market. Source: Reuters.
  • Sandworm Hackers Target Ukraine Power Grid: Russia’s Sandworm hackers attempted a third blackout in Ukraine. The attack was the first in five years to use Sandworm’s Industroyer malware, which is designed to automatically trigger power disruptions. Sources: Wired and SC Media.

April 11, 2022:

  • Ericsson Exits Russia: Swedish telecom equipment maker Ericsson is suspending its business in Russia indefinitely. Ericsson will record a US$95 million provision in the first quarter for costs related to the move. Source: Reuters.

April 8, 2022:

  • Cyberattacks Target Finland: The cyberattacks on Finland government websites and a suspected airspace violation by Russian aircraft just as speculation mounts that the Nordic nation will opt to apply for membership in the NATO alliance. Source: Bloomberg.

April 7, 2022:

April 6, 2022:

  • FBI vs. Russia: The FBI has wrested control of thousands of routers and firewall appliances away from Russian military hackers by hijacking the same infrastructure Moscow’s spies were using to communicate with the devices. Source: Reuters.

April 4, 2022:

  • Nordex Cyberattack: Nordex is the second German wind turbine maker to suffer a cyberattack since Russia’s invasion of Ukraine began. Nordex rival Enercon’s remote service links had been cut at start of the war. Source: ReCharge, April 4.

April 1, 2022:

March 31, 2022: 

  • Private Kaspersky Warnings: The U.S. government began privately warning some American companies the day after Russia invaded Ukraine that Moscow could manipulate software designed by Kaspersky to cause harm. Kaspersky has repeatedly denied such claims. Source: Reuters.
  • Sanctions vs. Russia Technology Sector: The U.S. Treasury Department imposed sanctions on 21 entities and 13 people, including Joint Stock Company Mikron, Russia’s largest chipmaker and manufacturer and exporter of microelectronics. Source: Reuters.

March 30, 2022:

  • Hackers Allegedly Target NATO: A Russian APT group known as Gamaredon, Callisto and COLDRIVER has been phishing accounts of NATO and Eastern European militaries in addition to existing campaigns against American NGOs, a Ukrainian defense contractor, and a Balkan military. Details surfaced from Google’s Threat Analysis Group. Source: SC Media.

March 29, 2022:

  • U.S. Energy Infrastructure Targeted: Russian hackers have been scanning the systems of energy companies and other critical infrastructure in the United States, and state-sponsored hacking by Russia presents a “current” threat to American national security, a top FBI official told lawmakers. Source: Reuters.

March 28, 2022:

  • Ukraine Telecom Cyberattack: Ukraine’s state-owned telecommunications company Ukrtelecom experienced a disruption in internet service on March 28, 2022 after a “powerful” cyberattack. Source: Reuters.

March 24, 2022:

  • SAP Russia: SAP is shutting down its cloud operations in Russia, withdrawing further from the country after stopping sales in Russia in early March 2022. Source: Reuters.

March 22, 2022:

  • U.S. Energy Companies Targeted: Hackers associated with Russian Internet addresses have been scanning the networks of five US energy companies in a possible prelude to hacking attempts, the FBI said in a March 18 advisory to US businesses. Source: CNN.

March 21, 2022:

  • Potential cyberattacks vs. United States?: President Joe Biden warned, based on “evolving intelligence,” that Russia was “exploring” potential cyberattacks on the U.S.
    Source: SC Media.
  • Kaspersky Under Pressure: The endpoint security company faces renewed scrutiny in Italy and Germany, and the chatter could pressure Kaspersky’s MSP partner program, MSSP Alert believes.
  • U.S. Health Care Cybersecurity: The Department of Health and Human Services is urging provider organizations to review and bolster defenses to guard against possible fallout from the Russian invasion of Ukraine. Source: SC Media.

March 13, 2022…

  • Cyberattack Hits Russia Energy Subsidiary: A German subsidiary of the Russian energy company Rosneft has suffered a cyberattack. So far, there had been no effect on Rosneft’s business or the supply situation even though the company’s systems had been affected. Source: Reuters.
  • Ukraine President’s Memo to Software Giants: Ukrainian President Volodymyr Zelenskiy called on Microsoft, Oracle and SAP to halt support services for their products in Russia. Source: Reuters.

March 11, 2022…

  • Russia Website Cyberattacks: Efforts to disrupt the operations of company websites in Russia have jumped in March 2022, Rostelecom-Solar said, with the number of distributed denials of service (DDoS) attacks already exceeding those for the whole of February 2022. Source: Reuters.

  • Broadband Cyberattacks: Western intelligence agencies — namely, the NSA and ANSSI plus Ukrainian intelligence — are investigating a cyberattack by unidentified hackers that disrupted broadband satellite Internet access in Ukraine coinciding with Russia’s invasion. Source: Reuters.

March 8, 2022…

  • Technology Coalition: DNSFilter has started a coalition of technology vendors “with the sole purpose of driving donations to Ukraine.” Source: DNSFilter.
  • Ukraine Crisis Resource Center: Mandiant has launched a threat analysis resource center to help organizations navigate cyber threats associated with Russia’s invasion of Ukraine. Source: Mandiant.
  • Cybersecurity Emergency Response Fund: Telecoms ministers from the 27 EU countries want the European Commission to set up a cybersecurity emergency response fund to counter large-scale cyberattacks, citing the recent attacks against Ukraine. Source: Reuters.
  • Internet Service Providers (ISPs) Exit Russia: Lumen Technologies and Cogent Communications ended their Internet services in Russia. Source: Reuters.

Continue to page two for Russia-Ukraine updates from early March and February 2022.

Return Home

1 Comment


    Ed Mahoney:

    I call the combination of cyberwar and kinetic war “Full Spectrum Cyberwar”. I follow these activities out of personal and professional interests. I feel like all prior cyberattacks by Russia are just that, cyberattacks rather than cyberwar, because they have been largely asynchronous. Russia attacks but Latvia or Georgia or whomever never counterattacks. In my estimation, this is Cyber War I.

Leave a Reply

Your email address will not be published.