Cyber Attacks and Threats Amidst the Russian Invasion of Ukraine

In its special advisory, Radware shares insights based on public information regarding threats and attacks surrounding the Kremlin’s special military action against Ukraine.

Currently, attacks were limited to targets directly relating to the conflict and our Cloud Security Services have no significant indicators of a shift in attack patterns that might be attributed to this event. The most significant threat for organizations is becoming collateral in a proxy war fought by patriotic hactivists. The threats and potential attacks that might follow as conflicts could escalate between nations or between online communities are not different from threats organizations have faced from hactivists and ransomware operators in the recent months. Organizations across the globe should continue bolstering their cyber security resilience, now more than ever.

Highlights of the report:

  • Russian troops invaded Ukraine on February 24th, in an attempt to overthrow the Ukrainian government, after US and NATO rejected Russia’s demand to bar Ukraine from NATO 
  • NATO fully supports Ukraine’s sovereignty, territorial integrity, and Ukraine’s right of self-defense and condemned the invasion
  • NATO alliance members cannot and will not go to war with Russia unless one of its members is attacked, this applies both to online and offline conflicts.
  • Just before the invasion started, Ukraine targets were assaulted by a wiper malware
  • DDoS attacks on Ukraine were reported and attributed to Russia by the US Government and the NCSC (UK)
  • Anonymous declared war to Russia and claimed responsibility for the DDoS attacks on Russian financial and government targets
  • Ransomware operators Conti and CoomingProject posted messages announcing their Russian government support
  • Lockbit published an “Official Statement on the Cyber Threat to Russia” saying it is not engaging in international conflicts and is “only interested in money for their harmless and useful work”
  • A Telegram channel is regrouping over 180,000 pro-Ukrainian members who are willing to spread content and hack back at those attacking Ukraine, supported by the Vice Prime Minister of Ukraine
  • Geoblocking reportedly deployed by Russia in an attempt to mitigate potential attacks
  • Advise for organizations across the globe

[You may also like: What Drives DDoS Attacks and Why it Should be a Concern]

Please read the full advisory [Cyberattacks and Threats Amidst Russian Invasion of Ukraine] with more detailed and factual information on the most recent developments online, influenced by, and in support of the offline conflict.

Like this post? Subscribe now to get the latest Radware content in your inbox
weekly plus exclusive access to Radware’s Premium Content.


Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center