View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 22, 2023

Russia’s GRU enlists hackers to fight Ukraine – April 2023 in review

Moscow's security forces enlisted the help of cybercriminal gangs as they set their sights on disabling critical infrastructure.

By Matthew Gooding

April’s tech news review starts with the conflict in eastern Europe.

The war in Ukraine rumbled on throughout 2023, and alongside the physical conflict a host of cyberattacks took place, carried out by Russian hackers and those sympathetic to Kyiv’s plight.

Russia’s war in Ukraine has involved enlisting hacking gangs. (Photo by Kutsenko Volodymyr/Shutterstock)

In April it was revealed that Russian intelligence agency the GRU was outsourcing its intelligence efforts to an increasingly wide range of cybercriminals. The research, carried out by the European Cyber Conflict Research Initiative (ECCRI) and commissioned by the UK’s National Cyber Security Centre (NCSC), also pointed out that the breadth of the agency’s network meant it risked losing control of the operations.

According to the research, the GRU “leans heavily on cyber contractors, hacktivists and other state-affiliated cybercriminal groups”. Later in the year research from security vendor Mandiant would reveal that Sandworm, a hacking group with close links to the GRU, managed to cause power cuts in Ukraine by hacking into the nation’s infrastructure.

Infrastructure in the UK was also on the mind of the NCSC, which said in a separate announcement that Russian hackers were likely to target the power and water grids with attacks. This led the government to introduce cyber resilience targets for the UK’s critical infrastructure providers, with a compliance deadline of 2025.

Sunak defends Online Safety Bill

Prime Minister Rishi Sunak defended his government’s Online Safety Bill legislation amid growing criticism from the tech industry that it would hinder security and data protection.

Speaking to Tech Monitor at a Business Connect meet-and-greet event in London, Sunak said: “I think everyone wants to make sure their privacy is protected online, but people also want to know that law enforcement agencies are able to keep them safe and have reasonable ways to be able to do that, and that’s what we’re trying to do with the Online Safety Bill.”

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

His comments came weeks after a group of messaging services including WhatsApp and Signal warned that the bill would allow third parties to monitor messages on currently encrypted platforms. It compels vendors to build back-door access into their technology that can be used by law enforcement to scan for abuse material. It is feared hackers could exploit this.

Sunak pledged to “work in a spirit of constructive engagement” with the industry, describing the bill as “a novel piece of legislation”. It would eventually become law, but not before the government appeared to make a partial climbdown, agreeing that the provision that mandated the backdoor access would not be implemented until suitable technology was developed enabling it to be done safely.

More from April 2023

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.