
Ransomware as Primary Cyberwar Weapon

  • Jan 26, 2022



Estonia is believed to have been the first country targeted by a cyberwar offensive: Russians (with or without the backing of the Russian government) carried out a week-long denial-of-service attack against hundreds of Estonian websites, knocking out online banking, news media, government sites and practically everything else online. The politically motivated attack was triggered by an Estonian government decision to move a Soviet-era statue from a central location in Tallinn.

In 2008, Russia invaded Georgia with tanks and its navy, blockading the Black Sea to "protect" Russia-friendly separatists within Georgia's borders. As the Russian Army rolled into Georgia city by city, a series of denial-of-service attacks was launched on each designated city before the troops arrived. The Russian government denied any involvement in the cyberwar, but its actions spoke louder than its words.

In addition to Operation Orchard against Syria, Western forces have deployed a series of cyber weapons against Iran in the form of Stuxnet, Duqu and Flame.

North Korea has launched several cyberattacks against the USA and South Korea, while China uses an Advanced Persistent Threat approach to maintain an aggressive cyber posture.


Currently, the conflict between Russia and Ukraine is in the spotlight, and it is in the thick of cyberwar (read Ambassador Prabhat P Shukla's article here for a prognosis of the conflict). Please note that cyberwar, among other things, is characterised by the attacker's ability to remain anonymous. The latest round of cyberwar is now in progress between Ukraine, supported by the USA, Canada and NATO, and Russia, supported by Belarus.


There have been several rounds of cyber offensives between the two nations, primarily Russia attacking Ukraine since 2015, when it targeted Ukrainian media and infrastructure, including the national railway and Kyiv's airport, destroying hundreds of computers across those victims' networks.

They attacked three Ukrainian regional energy utilities, turning out the lights for about 225,000 civilians in the first known blackout in history to be caused by a cyberattack. Russian hackers also hit the country's pension fund, treasury, seaport authority, and ministries of infrastructure, defence and finance, deleting terabytes of data that included the next year's budget. They also hit Ukraine's railway company, knocking out its online booking system for days during the peak holiday travel season. The custom-made malware Industroyer (also known as Crash Override) carried out a second blackout attack; it was designed to send rapid-fire commands directly to circuit breakers in a victim utility, automating the power-killing process and scaling it up so that, in the future, it could be used simultaneously against multiple facilities.




Switch to the present ongoing conflict. Russia is building up forces on the borders of Ukraine. In the meanwhile, Russian forces with heavy equipment were sighted in Belarus. Trains were identified transporting Russian rocket launchers and other equipment in the Belarusian cities of Minsk, Gomel and Rechitsa. The official explanation for this build-up is the upcoming joint military exercise Allied Resolve, which is being organised to train soldiers from Russia and Belarus in "repelling an external attack." The western world is not convinced by the Russian explanation. It fears that the exercise is just a cover to build up equipment and troops in order to attack Ukraine from the north. The build-up will draw large Ukrainian forces to the northern border, thereby thinning their strength on the Russian-Ukrainian border. An attack from the north would tie up a significant number of Ukrainian forces, preventing them from fighting on the eastern border with Russia or toward Russia-occupied Crimea in the south. Additionally, an attack from the north gives Russian troops the advantage of being able to reach Kyiv without crossing the Dnipro River. Kyiv is just ninety kilometres from the Belarusian border.


The Belarusian leader, Alexander Lukashenko, faced western rebuke over the 2020 elections, when he launched a bloody crackdown on protests sparked by vote-rigging during the presidential election. He was driven further into international isolation after he grounded a Ryanair flight in order to arrest a critic of his government and helped manufacture a migrant crisis on EU borders, prompting a humanitarian emergency. He is now fully aligned with Putin, and the western world places no trust in his statements.




On 14th January 2022, several websites of Ukrainian government ministries were hacked and messages in Ukrainian, Russian and Polish were posted. The statements cited a large-scale leak of personal data of Ukrainians and claimed that the hack was an act of revenge for the genocide of Poles by the Ukrainian Insurgent Army during World War II. Metadata and other cyber-forensic indicators geolocated the start of the attack to Poland, especially Warsaw, a possible attempt to shift blame for the cyberattack onto Poland. The catch was that the statement in Polish had many grammatical errors and appeared to have been translated from Russian into Polish via Yandex Translate. The Ukrainian government suspects Belarus is behind it. Sergei Demedyuk, deputy secretary of Ukraine's National Security and Defense Council, told Reuters on January 16 that UNC1151, a hacker group with connections to Belarusian intelligence, could be behind the cyberattack on Ukrainian government websites two days earlier.



In the meanwhile, after the bloody election, the hacktivist group Cyber Partisans (Twitter handle @cpartisans), consisting of about 30 members, was formed in September 2020. The hackers have waged cyber offensives targeting the Belarusian government. Last year, they released a large trove of classified data that included secret police archives, lists of alleged police informants, personal information about top government officials and spies, video footage gathered from police drones and detention centres, and secret recordings of phone calls from a government wiretapping system. The Supreme Court of Belarus declared the hacktivist group Cyber Partisans a terrorist organisation.




On 24th January 2022, the Cyber Partisans group carried out a ransomware attack on Belarusian Railways in an attempt to stop the movement of Russian troops. They posted the message: "At the command of the terrorist Lukashenka, Belarusian Railway allows the occupying troops to enter our land. We encrypted some of BR's servers, databases and workstations to disrupt its operations. Automation and security systems were NOT affected to avoid emergency situations. We have encryption keys, and we are ready to return Belarusian Railroad's systems to normal mode. Our conditions:

  • Release of the 50 political prisoners who are most in need of medical assistance.

  • Preventing the presence of Russian troops on the territory of Belarus."



(Earlier, on 10 Dec 2021, the Cyber Partisans group had also demanded the release of 10 political prisoners of their choice after their ransomware attacked Mogilevtransmash, the largest car company of Belarus. The government did not accept their demand.)

On 26th January 2022, the group released many internal sensitive documents of Belarusian Railways, including bank statements, to prove that they had indeed encrypted the data and systems of Belarusian Railways.



Meanwhile, the US Department of Homeland Security has issued a warning of a high probability of Russian cyberattack. The warning to important companies and critical infrastructure operators states, "Russia maintains a range of offensive cyber tools that it could employ against US networks". It is pertinent to note that Microsoft has been issuing warnings for the last few weeks that a build-up for a massive cyberattack is taking place in US cyberspace.

The Canadian government has reported that its foreign ministry has been affected by a cyberattack: normal services have been impacted, while critical services are still functional.

Ukraine is being entrapped from three directions, Russia, Belarus and the Black Sea, and with Putin in no mood to relent, a military face-off is expected around 9th February 2022, while cyberattacks will intensify. For cyberwarfare, ransomware is becoming a primary choice, where the demand is not money but political in nature. Or it could well be like NotPetya, with a one-way ticket and no decryption key, irrespective of whether the demand is met or not.




