New Times,
New Thinking.

  1. Spotlight on Policy
  2. Tech and Regulation
  3. Cybersecurity
18 July 2022updated 27 Oct 2023 11:29am

In the cyber war between Russia and Ukraine, media companies are under threat

Figures show a large spike in attacks on journalism and civil society organisations since the invasion.

Cyber attacks on Ukrainian media outlets have shot up since Russia’s invasion of Ukraine. Figures from content delivery network and distributed denial of service (DDoS) mitigation company Cloudflare show a large spike in attacks on journalism and civil society organisations since the invasion began on 24 February.

Cloudflare began offering free cyber security protection to such organisations through its Project Galileo solution in 2014 after spotting an “unsettling trend” of cyber attacks against them.

Since the invasion, however, Cloudflare has seen an increase in applications to Project Galileo. “Many came in while [organisations were] under DDoS attack [where attackers overwhelm websites with traffic, blocking normal users from viewing them], but we also saw sites subject to large influxes of traffic from people on the ground in Ukraine attempting to access information on the ongoing war,” the company said.

“While traffic [to] organisations in Ukraine was largely flat before the start of the war, since that time, traffic increases primarily have been driven by organisations that work in journalism and media.”

The figures show large amounts of hostile traffic to these organisations being blocked by Cloudflare’s Web Application Firewall (WAF), which is a shield placed between a website and the internet. WAFs can protect against a range of attacks, including cross-site scripting (or XSS, which redirects users to non-legitimate websites to steal information from them) and structured query language (SQL) injection (which attacks vulnerabilities in databases).

Select and enter your email address Your weekly guide to the best writing on ideas, politics, books and culture every Saturday. The best way to sign up for The Saturday Read is via The New Statesman's quick and essential guide to the news and politics of the day. The best way to sign up for Morning Call is via
  • Administration / Office
  • Arts and Culture
  • Board Member
  • Business / Corporate Services
  • Client / Customer Services
  • Communications
  • Construction, Works, Engineering
  • Education, Curriculum and Teaching
  • Environment, Conservation and NRM
  • Facility / Grounds Management and Maintenance
  • Finance Management
  • Health - Medical and Nursing Management
  • HR, Training and Organisational Development
  • Information and Communications Technology
  • Information Services, Statistics, Records, Archives
  • Infrastructure Management - Transport, Utilities
  • Legal Officers and Practitioners
  • Librarians and Library Management
  • Management
  • Marketing
  • OH&S, Risk Management
  • Operations Management
  • Planning, Policy, Strategy
  • Printing, Design, Publishing, Web
  • Projects, Programs and Advisors
  • Property, Assets and Fleet Management
  • Public Relations and Media
  • Purchasing and Procurement
  • Quality Management
  • Science and Technical Research and Development
  • Security and Law Enforcement
  • Service Delivery
  • Sport and Recreation
  • Travel, Accommodation, Tourism
  • Wellbeing, Community / Social Services
Visit our privacy Policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.

As well as stopping some harmful traffic using the WAF, Cloudflare reported that they have also stopped a steady stream of DDoS attacks against journalism organisations. On 19 April, one DDoS attack represented 90 per cent of traffic to Ukrainian journalism organisations protected by Cloudflare’s Project Galileo.

Almost 80 per cent of all DDoS attacks targeting Ukraine were against broadcast, online media and publishing organisations.

The cyber war on the media isn’t just happening in one direction. Separate Cloudflare figures show that Russian media companies were the most targeted industry within the country from January to March 2022, making up more than 80 per cent of DDoS attacks.

Of those, direct attacks from Ukraine made up about 5 per cent. Some 22 per cent of attacks on Russian online media came from Germany, 21 per cent originated in the US, and 13 per cent came from Finland.

Attacks on both countries are distributed across many source countries. For example, most of the attack traffic against Ukraine originated from the US, Russia, Germany, China, the UK and Thailand, which Cloudflare suggested may indicate the use of global botnets.

Content from our partners
We need an urgent review of UK pensions
The future of private credit
Peatlands are nature's unsung climate warriors

Topics in this article : , ,