by Dmitry ZAKS
Agence France-Presse
KIEV, Ukraine (AFP) – Ukraine’s military on Friday denied reports claiming Russia may have hacked targeting software for its heavy artillery in a breach that could have helped Moscow track and destroy Kiev’s big guns.
The cybersecurity firm CrowdStrike — the same one that discovered the Kremlin’s alleged interference in the US election — said in December it had evidence Russian hackers might have bolstered Moscow’s spying on Ukraine’s forces in the eastern war zone.
CrowdStrike said the malware was installed on software used to aim Ukraine’s D-30 howitzer guns that were the backbone of the government’s forces fighting Russian-backed insurgents for 31 months.
The conflict has claimed the lives of nearly 10,000 people and was one of the main factors why Moscow’s relations with the West are at a post-Cold War low.
Ukraine’s defence ministry blasted the report’s claims and rejected any allegations that a hack led to a majority of its howitzers being destroyed during the conflict.
It stressed that “artillery losses were many times smaller and not caused by the reason” given by CrowdStrike.
Ukraine’s rebuttal came a day after high-profile US Senate hearings in which the heads of three intelligence agencies all pointed the blame at Russia’s most senior officials for hacking into the Democratic National Committee during the presidential campaign.
Democrat Hillary Clinton said the leaked information was one of the reasons why she lost to Donald Trump — the president-elect who has publically praised Russian leader President Vladimir Putin.
‘High-loss nature’
Fears of Russia also trying to influence upcoming European elections have put a new focus on cybersecurity firms. But Ukraine was adamant that CrowdStrike was wrong on this occasion.
“The spread of false information leads to a heightening of social tensions and undermines people’s trust in Ukraine’s armed forces,” the defence ministry said.
The December CrowdStrike report said that “from late 2014 and through 2016, FANCY BEAR X-Agent implant was covertly distributed on Ukrainian military forums within a legitimate Android application.”
Fancy Bear is a code name for a group of Russian hackers that CrowdStrike has linked to the country’s secretive military intelligence.
“Successful deployment of the FANCY BEAR malware within this application may have facilitated reconnaissance against Ukrainian troops,” the report said.
It added some 80 percent of Ukraine’s howitzers were destroyed during the war — a vast figure that had never been reported before and would mean nearly the entire arsenal of Ukraine’s biggest guns being erased.
London’s International Institute of Strategic Studies also said that Ukrainian artillery bearing the alleged Russian malware “may have contributed to the high-loss nature of this” type of big gun in Ukraine.
The targeting programme was provided to Ukraine’s under-funded army by volunteers and not developed by the defence ministry itself.