Information Warfare: Ukrainian Cyber War Effort Reveals Russian Discussions


October 24, 2025: While Ukraine is the underdog in its war with Russia, it has created a number of new weapons and techniques to even the odds. One of the more useful weapons has been Cyber War, which enables the Ukrainians to do all sorts of things. One of the more recent Cyber War efforts enables their intelligence personnel to eavesdrop on Russian radio communications. This involved getting past the Russian security measures and trying to prevent detection for as long as possible. A recent hacking attack also managed to steal a lot of valuable data from Russian defense firms. Another attack disrupted the Russian banking system.

The Russians are also skilled at Cyber War and all forms of electronic warfare. Listening in on Russian communications, especially those that involve planning for future operations and the conduct of current activities, is considered a major win. This information has to be used carefully to avoid the Russians realizing their communications have been compromised. Russian countermeasures to prevent this sort of thing are constantly being modified and upgraded to detect Ukrainian efforts. Cyber War is not considered newsworthy, so the machinations of the Cyber Warriors are rarely reported. Cyber War operations are also kept secret as much as possible. Eventually details of Cyber War operations become known, but that is usually long after the operations took place.

Some Cyber War operations are impossible to conceal. For example, last year Ukraine carried out a surprise electronic attack on Russian internet access. This was accomplished by using the largest DDOS (Distributed Denial of Service) attack ever. The attack disrupted all major Russian internet systems, including financial institutions, government networks and internet-based communications. This included messaging apps and social networks.

These attacks are usually carried out by first using a computer virus, often delivered as an email attachment, that installs a secret Trojan horse type program. That program allows someone else to take over the computer remotely and turn it into a zombie for spamming, stealing, monitoring, or DDOS attacks to shut down another site. There are millions of zombie PCs out there and these can be rented, either for spamming or launching DDOS attacks. You can equip a web site to resist, or even brush off, a DDOS attack, but the Ukrainian attack was so massive and well planned that Russian DDOS defenses were of no use.

It took about three weeks to get the Russian internet back to normal, although some systems were so heavily damaged that it took months to get them running again. Major commercial, government and military systems were damaged or offline for weeks while repairs were made. The Ukrainian attacks were so massive, hitting internet targets throughout Russia, that there were not enough Russian internet engineers to repair all that damage immediately. That meant systems that were not critical were offline for weeks or months.

Russians feared the Ukrainians would launch a similar attack before all the damage from the recent one was repaired. Russia has long been a leader in such attacks, but the Ukrainians prepared for that before the Russian 2022 invasion and upgraded their internet defenses. Russia was not as well prepared and was vulnerable. Some Russian internet engineers warned their government of the vulnerability but not enough was done.

Attacks like these are more common now but have been made for over two decades. One example occurred in 2011, when there was an odd incident in South Korea, where a widely distributed computer game appeared to be infected with malware. What caught the attention of South Korean military intelligence was the fact that the malware was hidden in every copy of this game and, at one point, many of the 100,000 infected PCs tried to shut down the air traffic control system at a major South Korean airport.

Further investigation revealed that the airport attack was part of a growing Cyber War campaign by North Korea against government and military websites in South Korea. One of the most disruptive North Korean Cyber War weapons was DDOS attacks. You can equip a website to resist, or even brush off, a DDOS attack, and some of those attacked were prepared. But others were not. The South Korean airport was disrupted for several hours. The Russians suffered even greater damage in 2024. North Korea has launched DDOS attacks and attempted to hack into South Korean networks for over twenty years. This is a continuing problem for South Korea and Japan, which have had to construct large scale internet defenses to provide some protection from further North Korean attacks via the internet. Most North Korean attacks are for financial gain. North Korea is perpetually broke and always in need of more cash. North Korean hackers have turned many foreign internet systems they have hacked into their own private ATM.