Science, Technology and International Relations

CWA # 723
Science, Technology and International Relations
Ukraine: The Recurring Russian Cyberattacks 

STIR Team
19 April 2022
Photo Source:

NIAS Fortnightly on Science, Technology and International Relations (STIR) 
Vol 1, No. 20, 19 April 2022

Cover Story
Ukraine: The Recurring Russian Cyberattacks 
Jeshil Samuel J

The cyberattacks on Ukraine are not a new phenomenon; however, the large scale Ukrainian and global retaliation are. The Russian cyberattacks on Ukraine before the invasion have brought its hybrid warfare strategy to the limelight. The problem of attribution and governance in cyberspace has yet again surfaced, and the international community does not seem to have an answer.

 

On 24 February, the Russian invasion of Ukraine began. However, experts had predicted a series of cyberattacks from Moscow even before the physical invasion started. In early January, Russian state-sponsored cyber groups relentlessly targeted Ukrainian cyberspace. The attacks have ranged from simple webpage defacements to large scale DDOS (Distributed Denial of Service) and ransomware attacks. 


Russia- Ukraine Cyberattacks: A profile
 

On 11 January, multiple government agencies in the US (Federal Bureau of Investigation, National Security Agency, Cybersecurity and Infrastructure Security Agency) issued an advisory on Russian state-sponsored cyber operations in Ukraine. The advisory consisted of mitigation and detection strategies to protect the victims of state-sponsored cyberattacks.

On 14 January, multiple Ukrainian websites (private and government-run) were defaced and brought down by suspected Russian hackers. Close to seventy official websites were hit during the attack. The website of the Ukrainian Cabinet, Ministry of External Affairs and Education Ministry was forced to shut down for a brief period. A few Ukrainian websites were hijacked, and hackers displayed messages warning the Ukrainian government and the public to be prepared for the worst. In the aftermath of the large-scale attack, the European Union offered technical assistance to the Ukrainian government to restore their systems online.

On 15 January, Microsoft's Threat Intelligence Centre (MSTIC) released a technical post that analyzed a new malware known as WhisperGate. WhisperGate was a sophisticated wiper malware (malware that deletes data on the victim's system) that prominently targetted Ukrainian entities. The malware was found in Ukrainian systems on 13 January. The malware also disguised itself as ransomware to avoid drawing attention.

On 16 and 18 January, the Ukrainian government blamed the Russian government for conducting large-scale cyberattacks. The Ukrainian government also released a statement saying that multiple government agencies had lost data due to a malware attack on their systems. 

The Ministry of Digital Transformation mentioned that the cyberattacks were part of Russia's hybrid warfare strategy. 

On 15 February, Ukraine's Defence Ministry and two major banks were hit by DDOS attacks. On the same day, a declassified intelligence report revealed that Russian state-sponsored hackers had infiltrated the networks of the Ukrainian military and energy sector.

On 23 February, researchers from cybersecurity firms ESET and Symantec found a second wiper malware in Ukrainian systems. The new malware was dubbed HermeticWiper. Hackers used the malware to target Ukrainian financial institutions and government contractors primarily. The hackers deployed the malware and massive DDOS attacks to make it difficult for cybersecurity experts to prevent. Moreover, according to researchers, the malware was created well in advance and had similarities to the earlier found WhisperGate malware.

On 24 February, before the Russian troops entered Ukraine, the world's largest commercial satellite company Viasat suffered a massive cyberattack. The multifaceted cyberattack temporarily disabled broadband services for thousands of Ukrainians. On the same day, the Russian National Computer Incident Response and Coordination Center warned businesses and the public about cyberattacks targetting Russian cyberspace. The Kremlin's website and other key Russian government websites were shut down by hackers using DDOS attacks. 

II 
Targeting Ukraine's Cyberspace


The recent cyberattacks on Ukraine are not the first time Russia has weaponized cyberspace. Russian state-sponsored cyberattacks have been carried out by Russian Advanced Persistent Threat (APT) groups since 2004. APT is a highly sophisticated threat actor who uses cyberspace for acts of espionage, coercion, theft, dissent and terrorism. APTs are usually state-sponsored due to the scale of their operations and their high-value targets. Despite Russia constantly denying any connection, cybersecurity firms have associated APTs such as Nobelium, Turla, Strontium, and Sandworm with the Russian military intelligence wing, General Staff of the Armed Forces (GRU) and the Federal Security Services (FSB). 

Russian cyberattacks on Ukraine date back to 2014 with the Russian annexation of Crimea. Soon after the annexation, Russia began supporting rebel groups in eastern Ukraine and along with this support came a spew of cyberattacks defacing Ukrainian websites and spreading Russian propaganda. In the same year, Russian state-sponsored hackers attacked the Election Commission of Ukraine to rig the presidential elections. Though the initial attack was successful, Ukrainian officials later discovered the hack and prevented the wrong candidate from winning the election.

In 2015, Russian state-sponsored hackers went on to target Ukrainian critical infrastructures. In December 2015, for example, a Russian APT known as SandWorm began targeting the Ukrainian power grid using its BlackEnergy malware. The malware allowed hackers to control parts of the power grid remotely. Through the attack, SandWorm shut down the entire power grid of Kyiv for six hours, thereby affecting nearly 2.3 lakh Ukrainian citizens. In 2016, a similar attack was carried out by Russian hackers where almost 20 per cent of Kyiv's power grid was turned off for more than six hours. In both these instances, the attack on power grids directly led to the loss of lives due to the subfreezing temperatures in Kyiv. 

In 2017, another Russian APT known as FancyBear caused havoc to Ukrainian systems using the infamous NotPetya ransomware. Ransomware is malicious software that encrypts data on a victim's system until a ransom amount is paid. The NotPetya ransomware was primarily used to target Ukrainian government offices, newspapers, media houses, health services and banks. However, the ransomware ended up targeting systems outside Ukraine, causing massive losses to businesses worldwide. The total estimated cost of the damage caused by the NotPetya ransomware is estimated to be around USD 10 billion.

III
Cyberwarfare as a security tool

Russian hackers regularly target other countries for monetary gains and steal confidential data. The ransomware business, for example, is a lucrative industry within Russia. However, in Ukraine, Russian interests are different. Cyberattacks on Ukrainian cyberspace prove that Russian hackers are not in it for monetary benefits. Russian hackers have targeted Ukrainian interests for the following reasons.

First, to promote the Russian government's interests. The Russian government has turned a blind eye toward cybercriminals and ransomware gangs operating from Russia for their allegiance to the government. Hackers and cybercrime groups operating from Russia follow certain principles, such as not targeting Russian businesses or citizens and helping the Russian government target individuals or state actors whenever needed. Cyberattacks on specific critical infrastructures such as power grids and water treatment facilities could be very costly for the Ukrainian government to fix. Using cyberattacks and ransomware attacks (in particular), the Russian government could also target the Ukrainian financial sector and create an alternate revenue stream to circumvent the heavy sanctions imposed by the West. Cyberspace has also been pivotal in acting as a propaganda machine for the Russian government during the conflict. From posting pro-Russian signs and messages on Ukrainian government websites to creating online forums for pro-Russian protestors and rebels, the Russian government has meticulously utilized cyberspace to promote its goals and agendas.  

Second to conduct large-scale disinformation campaigns. Since the Cold War era, Russians have used disinformation campaigns to manipulate and distract the attention of their enemies. These disinformation campaigns could be in the form of a state-owned news agency, malignant social media posts, fake news bulletins on television and radio shows, and conducting conferences to create false biases among the attendees. The PizzaGate scandal that broke out in the US during the 2016 Presidential elections is an excellent example of a Russian disinformation campaign using social media. The Russian secret service and military intelligence agencies have been closely associated with these disinformation campaigns making them harder to prevent and more potent on unaware citizens. According to the US Department of State, in the case of the recent Ukrainian conflict, Russia has been trying to spread disinformation, including Ukraine and Ukrainian government officials are the aggressors in the war, the West is pushing Ukraine to fight, the deployment of combat troops is just repositioning Russian forces within its borders, the US plans for chemical weapon attacks on Donbas, and NATO has plotted against Russia since the end of the Cold War.

Third, as a military strategy. The Russians had followed the idea of hybrid warfare during their invasion of Crimea in 2014, and it can be seen in the present invasion of Ukraine as well. The main attribute of hybrid warfare is the use of non-state actors to sow chaos and confusion among enemies. In this case, Russia uses hackers and ransomware gangs as its proxies. As a part of their military strategy in Crimea, the Russians used a series of cyberattacks to throw the Ukrainians off-guard. Once the Ukrainians were busy dealing with the confusion caused by the cyberattacks, the Russian military began ground operations in Crimea. This strategy allows countries like Russia to target bigger opponents or countries with stronger international support since none of the attacks can be entirely attributed back to Russia. Attribution of cyberattacks, in particular, are notoriously difficult to prove, and even the United Nations has been unable to resolve the issue of attribution in cyberspace. In the case of Ukraine, it was also in Russia's best interest to escalate tensions using cyberattacks since cyberattacks do not necessarily lead to physical confrontations. Russia could continue targeting Ukrainian critical infrastructure without fearing any kind of intervention from NATO or the EU. 

Retaliation for the cyberattacks on Ukraine

The Russian invasion of Ukraine has made Russia a prime target for hacktivists worldwide. Hacktivists use cyberattacks or data thefts to expose entities that they feel are against their norms and values. For example, the infamous hacktivist group Anonymous publicly announced a cyberwarfare campaign against Putin and his allies on 1 March. Since then, the group has defaced multiple Russian government websites and stolen data from Russia's space agency Roscosmos. In another instance, a hacktivist group known as the Cyber Partisans attacked the railway system of Belarus using cyberattacks, paralyzing the railway lines between Minsk, Orsha and Osipovichi. The hacktivist group claimed that they had conducted the attacks to slow down the movement of Russian troops to Ukraine through Belarus. 

Right after the physical invasion of Ukraine, the Ukrainian government started enrolling veteran cybersecurity experts to be part of its cyber army. The role of the cyber army was to bombard Russian websites with fake requests (DDOS) and collect critical information about Russian entities. The cyber army has grown exponentially, with even less experienced script kiddies (budding hackers) being given tasks to carry out daily. The Ukrainian cyber army and hacktivists worldwide have targeted Russian businesses, banks, media houses, and websites through large-scale cyber attacks. The targeting of Russian financial institutions, in particular, could be catastrophic for Russia when coupled with the economic sanctions imposed on the country. However, experts also fear that the use of cyberattacks by Ukraine would only push Russia to increase its cyber operations, and the use of script kiddies in the cyber army could lead to attacks on unintended targets, thus escalating the issue further.

IV 
Future of Cyberwars

First, an increase in cyberattacks. In the immediate future, we can see a drastic increase in the number of cyberattacks faced by both Russia and Ukraine. The cyber attacks from the Ukrainian side would be oriented towards shaming and threatening Russian entities. In contrast, the attacks from the Russian side would be more focused on Ukrainian critical infrastructure. The cyberattacks will continue to persist despite ceasefires and peace talks occurring in the physical world. Russia will continue its disinformation campaigns in Ukraine using cyberspace in the long run. Russia's recruitment of new rebels in the Donbas region could also be facilitated using cyberspace. 

Second, the rapid increase of cybercriminals. During times of war, the economies of both parties involved get affected. The ease of doing business, for example, has taken a hit during conflicts. In the case of the Russia-Ukraine crisis, both countries will suffer economically even after the war ends. Russia would suffer mainly because of the crippling sanctions, and Ukraine would have to bear the brunt of all the material losses and damages caused by the Russians. Unemployment rates will increase, and people (specially trained in computer science) will resort to illegal means to earn a living. Cybercrime groups in Russia and Ukraine will see a surge since the ransomware industry is a booming field with high returns. Both governments will not bother to keep the cybercriminals in check if they do not meddle with their national interests.  

Third, the intervention of allies and international organizations. Ukraine has already received assistance to recover from cyber attacks from the European Union. If the attacks continue to persist, countries in the region such as Estonia and Latvia would take an active role in helping Ukraine defend its cyberspace. Organizations such as the United Nations would request both parties to stop the cyber attacks and engage in a peaceful dialogue. In the case of Russia, China would be one of the major allies to get involved in attacking Ukrainian cyberspace. Even before Russia could launch cyberattacks on Ukraine, Chinese hackers had started targeting Ukrainian entities. Lastly, the UN may consider forming uniform international laws and norms to govern cyberspace. However, this is a distant dream since both the US, Russia, and China have differing opinions on how cyberattacks should be dealt with.  

References

Cynthia Brumfield, "Russia-linked cyberattacks on Ukraine: A timeline," CSO, 1 April 2022.

Patrick Howell, "Russian hackers tried to bring down Ukraine's power grid to help the invasion," MIT Technology Review, 12 April 2022.

Andy Greenberg, "Russia's Sandworm hackers attempted a third blackout in Ukraine," Wired, 12 April 2022.

Tom Burt, "Disrupting cyberattacks targeting Ukraine," Microsoft, 7 April 2022.

Thomas Brewster, "Most severe cyberattack since Russian invasion crashes Ukraine internet provider," Forbes, 28 March 2022.

Sue Halpern, "The threat of Russian cyberattacks looms large," The New Yorker, 22 March 2022.

Elizabeth Gibney, "Where is Russia's cyberwar? Researchers decipher its strategy," Nature, 17 March 2022.

Gordon Corera, "Russia hacked Ukrainian satellite communications, officials believe," BBC, 25 March 2022.

Natasha Ishak, "Is Russia holding back from cyberwar?," Vox, 19 March 2022.

"Russian government sites facing unprecedented cyber attacks -report," Reuters, 17 March 2022.

Sam Shead, "We want to send them back to the stone age," CNBC, 23 March 2022.

Ian Levy, "Use of Russian technology products and services following the invasion of Ukraine," National Cyber Security Centre, 29 March 2022.

Yashasvi Yadav, "The real real story behind Russia-Ukraine cyberwars," Times of India, 5 April 2022. 

Catalin Cimpanu, "Second data wiper attack hits Ukraine computer networks," The Record, 23 February 2022.

"Russian APT and Ransomware groups," Flashpoint, 3 March 2022. 

Jody Westby, "Russia has carried out 20 years of cyber attacks that call for international response," Forbes, 20 December 2020. 

Aparna Banerjea, "NotPetya: How a Russian malware created the world's worst cyberattack ever," Business Standard, 27 August 2018.

Maggie Smith, "Russia has been at war with Ukraine for years -in cyberspace," The Conversation, 7 February 2022.

Office of the Spokesperson, "Facts vs fiction: Russian disinformation on Ukraine," US Department of State, 20 January 2022.

Anthem Iibiz & Christian Kaunert, "What is hybrid warfare and why is it such a threat?," The Mint, 22 July 2021.

Ryan Gallagher, "Belarus hackers allegedly disrupted trains to thwart Russia," Bloomberg, 28 February 2022.

Joseph Marks, "11 reasons we haven't seen big Russian cyber attacks yet," The Washington Post, 3 March 2022.

Thomas Seal & Alberto Nardelli, "Russia cyber attacks are struggling to impact Ukraine's networks," Bloomberg Quint, 18 March 2022.

Janosch Delcker, "Ukraine's IT army: Who are the cyber guerrillas hacking Russia?," DW, 24 March 2022.

About the author

Jeshil Samuel J is a postgraduate scholar from the Department of International Studies, CHRIST (Deemed to be University), Bengaluru currently enrolled at the NIAS Online Certificate Course on Contemporary Peace Processes.

IN BRIEF
By Rashmi Ramesh

IPCC Report: Emphasis on mitigation and climate action

On 4 April 2022, the Intergovernmental Panel on Climate Change (IPCC) released a report titled "Climate Change 2022: Mitigation of Climate Change". The report is prepared by the Working Group III of the IPCC and is part of the IPCC Sixth Assessment Report scheduled to be released in September 2022. The UN Secretary-General Antonio Guterres remarked that the latest IPCC report is "a litany of broken promises" and added that "this is not a fiction or exaggeration. It is what science tells us will result from our current energy policies. We are on a pathway to global warming of more than double the 1.5-degree limit". 

Following are the key takeaways. First, growing anthropogenic GHG emissions. The net emissions have increased since 1850, courtesy the industrial revolution. Human actions have further accelerated the process, and the total net anthropogenic GHG emissions have increased between 2010-19. There are clear regional and income variations in terms of the contribution to GHG emissions, with 10 per cent of households with the highest per capita income contributing the largest share of global emissions. 

Second, rapid urbanization. Towns and cities have the lion's share of increasing emissions. Redesigning the cityscape with changes in transport system- from private electric vehicles to electric public transport system, reduction of distances that must be travelled, sustainable infrastructure and smart city plans are some of the key focus areas of the report. 

Third, the warnings. The report highlights that the world is not on the course yet, to limit the temperature rise by the Paris Agreement. 

Fourth, emphasis on the co-existence of sustainable development goals and mitigation efforts. The IPCC vice-chair Ramón Pichs-Madruga said: "we see that equity and just transitions can lead to deeper ambitions for accelerated climate action." 

Fifth, the positives. The rate of growth of emissions between 2010-19 has been lower than the previous decade, from 2000-09. The cost of producing solar and wind energy has reduced by nearly 85 per cent since 2010, though it is nowhere near to replacing the non-renewables. The report also takes a positive note on the visible climate action being undertaken in many countries. The IPCC Chair Hoesung Lee said that "there are policies, regulations and market instruments that are proving effective. If these are scaled up and applied more widely and equitably, they can support deep emission reductions and stimulate innovation." 

In comparison to the Fifth Assessment Report (AR5) of the IPCC, the Working Group reports of the AR6 emphasizes on the "unequivocal human influence" on the earth's system. This provides more impetus to already loud calls to formally recognize the end of Holocene and the beginning of the Anthropocene epoch. 

For the first time, an IPCC report has included a chapter on the social aspects of climate change. The chapter titled "Demand, Services and Social Aspects of Mitigation" emphasizes on the demand-side of intervention, such as the use of public transport networks, energy-efficient homes, encouraging people for using cleaner modes of cooling and movement. In other words, there is a focus on motivating people to change consumption patterns which can potentially reduce GHG emissions between 40 to 70 per cent by 2050. ("Climate Change 2022: Mitigation of Climate Change", IPCC, 04 April 2022; "Explained: What are the takeaways from the latest IPCC report on climate change?", The Hindu, 10 April 2022; "Explained: What is the IPCC, and why are its Assessment Reports important?", The Indian Express, 05 April 2022; Kieran Mulvaney, "It's now or never: UN climate report's 4 urgent takeaways", National Geographic, 05 April 2022)

S&T NUGGETS
By Harini Madhusudan and Akriti Sharma

CLIMATE AND ENVIRONMENT
The US: Arctic bases sinking due to climate change
On 16 April, The Associated Press reported that the US military bases in the Arctic and sub-Arctic are failing to prepare for installations because of climate change. The roads and the bases are sinking and cracking due to the thawing of permafrost. Earlier, the US military had recognized climate change as a threat to national security. Additionally, wildfires, storms, hurricanes, and floods have added to the interruptions in the training, installations and other operations. Earlier, in October 2021, Pentagon had called for incorporating global warming in the strategic planning and training of troops to manage their water supplies and deal with heat injuries. (Ellen Knickmeyer, "Pentagon climate plan: war-fighting in hotter, harsher world," The Associated Press, 16 April 2022)

Environment: Antarctic ice shelves collapsed because of hot air from the Pacific
On 14 April, according to the researchers reported by the New York Times, the rapid collapse of the ice shelves in the Antarctic was due to the warm moisture laden air from the Pacific Ocean. In 1995, Larsen A and in 2002 Larsen B shelves disintegrated. It has been found that the warming up of the planet over the years had weakened and fractured the ice shelves, resulting in their collapse. According to a climatologist and meteorologist at the Université Grenoble Alpes reported by the New York Times said: "We identify atmospheric rivers as a mechanism that can create extreme conditions over the ice shelves of the Antarctic Peninsula and potentially lead to their destabilization," He added: "The only reason why melting has not been significant so far is because it's just farther south compared to the others, therefore colder," The researchers are now fearing that Larsen C is also at risk of collapsing.(Henry Fountain, "Why Did Two Antarctic Ice Shelves Fail? Scientists Say They Now Know," The New York Times, 14 April 2022)

Tunisia: Diesel tank sinks
On 16 April, a diesel carrying tanker carrying 750 tonnes of fuel sank in southeastern Tunisia. On 15 April, the crew had made an emergency call due to bad weather which the cause of the sinking. The tanker was sailing from Egypt to Malta when it sank in the Gulf of Gabes. Environment Minister Leila Chikhaoui said that the situation was "under control". The Environment Ministry said: "to evaluate the situation … and take necessary preventive decisions in coordination with the regional authorities," However, the oil leakage had not begun and authorities are discovering ways to pump out the oil from the tanker which would be a challenging task. ("Diesel tanker sinks off Tunisia risking environmental disaster," The Guardian, 16 April 2022) 

South Africa: Devastating floods in KwaZulu-Natal province
On 19 April, the government of South Africa sent 10,000 troops to KwaZulu-Natal province to manage the devastating impact of the floods. As of 19 April, 440 people have died, and 63 are missing. The government has declared floods a national disaster. South African National Defence Force (SANDF) said that the troops would assist in rescue operations. The floods have damaged essential infrastructure including roads, water and electricity, bridges, schools and hospitals. On 18 April, President Cyril Ramaphosa addressed the nation and announced many measures to address the situation. He said that the government will "spare no expense" to to provide assistance and rebuild the infrastructure. According to the officials, the floods in the KwaZulu-Natal region are the worst floods in the history of South Africa owing to the magnitude of damage.("KwaZulu-Natal floods: South Africa army sends 10,000 troops," BBC, 19 April 2022)

HEALTH
The UK: Valneva vaccine approved
On 16 April, a new COVID-19 vaccine was approved in the UK manufactured by Valneva. The manufacturing of the vaccine has been done using more traditional technology similar to polio and flu vaccines. It contains an inactivated copy of the virus so that it can teach the body to fight the virus. Earlier, the government canceled the deal which was supposed to deliver 100 million vaccines due to breach of obligations. Similar to the AstraZeneca and Pfizer vaccines, Valneva also requires two doses. During trials the people had more neutralizing antibodies which outnumbered the AstraZeneca vaccine. The vaccine can prove to be revolutionary for the global efforts to fight the pandemic. ("Valneva Covid vaccine approved for use in UK," BBC, 16 April 2022)

SPACE
China: Chinese crew returns to Earth after spending 182 days in orbit 
On 16 April, three Chinese astronauts returned after spending a national record of up to 182 days in Orbit, marking China's second crewed space station mission. The astronauts spent six months aboard the Tianhe which is the core module for China's space station that is under construction. While they were abroad, they are said to have conducted many extravehicular activities of 12 hours and 36 minutes, hosted live science lectures for students on Earth, and carried out a range of science experiments and technology tests. The crew returned on Shenzhou-3, and was the first time that China employed a 'rapid return' system cutting down the number of orbits to five from 11 after leaving Tianhe. The crew landed in nine hours after docking. (Andrew Jones, "Shenzhou-13 astronauts return to Earth after 182-day mission,SpaceNews, 16 April 2022)

Space: NROL-85 spy satellite launched by SpaceX 
On 17 April, marking the 148th launch of the Falcon 9 and its 14th mission of 2022, the SpaceX rocket was used to launch NROL-85. SpaceX has received a contract from the US Air Force in 2019 to launch NROL-87 and NROL-85. The company has previously launched NRO satellites under such commercial contracts. The NRO series of the National Reconnaissance Office is known to build and operate classified US government surveillance and intelligence satellites. This marks the 61st mission launched by the agency since its existence was revealed in 1996. (Sandra Erwin, "SpaceX launches NROL-85 spy satellite for US National Reconnaissance Office,SpaceNews, 17 April 2022)

TECHNOLOGY
Ukraine-Russia War: AI facial recognition to identify the displaced in Ukraine War
On 13 April, BBC reported, how an otherwise controversial AI technology that is used for facial recognition is being used by the Ukrainian authorities in more than a thousand cases to identify individuals that are dead or displaced. In March, the company Clearview AI announced that they have given their technology to the Ukrainian government. Clearview is known to be a controversial company for its facial recognition system in the world. It owns a system called a "search engine for faces," which is a database created from billions of photos scraped from social media companies like Facebook or Twitter. And as Google helps with finding information with a string of words, this technology helps with a photo or a face. This controversial site has been on legal battles with big tech companies and governments for their data procurement strategies, and its usage in active-war has raised many legal questions. (James Clayton, "How facial recognition is identifying the dead in Ukraine,BBC, 13 April 2022)

Cryptocurrency: Gamers targeted by North Korean hackers
On 15 April, investigators from the US, linked a group of North Korea backed hackers to a massive cryptocurrency heist that targeted players of the game Axie Infinity. In the game, the players could earn crypto through gameplay or by trading their avatars. It is alleged that a group named "Lazarus" which is believed to be controlled by the North Korean government were involved in the breach that hacked USD 615 million from the players. Lazarus are previously known for their 2014 heist when they were accused for hacking Sony Pictures and leaking confidential information. ("North Korean hackers target gamers in $615m crypto heist - US," BBC, 15 April 2022)

Twitter: Board pondering 'poison pill' against Musk bid
On 17 April, the Twitter board pulled a move to arm itself against a possible 'hostile' takeover. This move was made after Elon Musk publicly announced his intent to buy the platform at USD 43 billion. Twitter will adopt a "poison pill" or a "limited-duration shareholder rights plan." This will prevent anyone from having more than 15 per cent stake in the company. Twitter also released a statement that called Musk's plan, 'unsolicited, non-binding proposal to acquire Twitter,' with no attempts made to negotiate with the company. The "poison pill" is like a nuclear option for businesses, and the current plan for twitter is expected to expire on 14 April 2023. ("Twitter board takes action to fight Musk bid,BBC, 17 April 2022)

About the authors
Harini Madhusudan, Rashmi Ramesh, and Akriti Sharma are PhD scholars at the School of Conflict and Security Studies, NIAS.


PREVIOUS COMMENTS

Global Politics Review: WPF Report 2026
June 2026 | CWA # 2142

Glynnis Winona B

Bhutan and Press Freedom:
Four takeaways on regulatory control, economic fragility, and social constraints
Global Politics Review: WPF Report 2026
June 2026 | CWA # 2141

Aishal Hab Yousuf

Maldives and Press Freedom:
Four takeaways on the influence of democracy, legislation, and state funding
Global Politics Review: WPF Report 2026
June 2026 | CWA # 2140

Nithin V

Pakistan and Press Freedom:
Four takeaways Military influence, cyber laws, political instability, and youth-driven digital journalism
Global Politics Review: WPF Report 2026
June 2026 | CWA # 2139

Siddhi Halyur

Afghanistan and Press Freedom:
Four takeaways on political control, religious restrictions and economic vulnerabilities 
Global Politics Review: WPF Report 2026
June 2026 | CWA # 2138

Siddhi Halyur

Nepal and Press Freedom:
Three takeaways on Political constraints, Missing legal protection and Funding issues
TWTW Explainer
June 2026 | CWA # 2136

Acsah H

The Blue Origin Rocket Explosion:
Does this leave Jeff Bezos grounded, Elon Musk unchallenged, and NASA’s lunar timeline in jeopardy?
CW Note
June 2026 | CWA # 2131

Rohini Reenum

Israel-Lebanon Tensions:
New Deal amidst Israeli incursion and Hezbollah’s retaliation
CW Explainer
June 2026 | CWA # 2130

Akshath Kaimal

The UK-Rwanda Asylum Deal: 
Why did the Permanent Court of Arbitration reject Rwanda’s claims? What was Rwanda’s complaint? Why did the UK cancel the deal?
CW Column
June 2026 | CWA # 2129

Anu Maria Joseph

Conflicts in Africa This Week:
The Ebola fear in DR Congo and the Elections in Ethiopia amidst conflicts
TWTW Note
May 2026 | CWA # 2126

Aparna A Nair

The Shenzhou-23 Mission:
China’s Space Missions, Technology, and Infrastructure
CW Note
May 2026 | CWA # 2124

Glynnis Winona B

The Crisis in Cuba:
The US Sanctions, Energy Crisis, and Economic Instability
CW Note
May 2026 | CWA # 2123

Akshath Kaimal

The Ebola and the DR Congo:
Multiple Outbreaks, Fragile Healthcare System, and Ineffective Global Responses
CW Column
May 2026 | CWA # 2122

Radhika M Agarwal

The War in Ukraine:
Ballistic missiles, Nuclear drills with Belarus, and the Czech ammunition initiative
CW Column
May 2026 | CWA # 2120

Brighty Ann Sarah

Conflicts in the Middle East
The US-Iran War Week Thirteen: Escalating Hostilities, Tenuous Ceasefire and Tense Negotiations
CW Column
May 2026 | CWA # 2119

Anu Maria Joseph

Conflicts in Africa
The Ebola spread in DR Congo, The Faye-Sonko split in Senegal, and the Deepening US military involvement in Nigeria
TWTW Note
May 2026 | CWA # 2115

Aparna A Nair

The Putin-Xi Summit
Trade, Technology, Security, and Pipeline
Global Politics Explainer
May 2026 | CWA # 2114

Glynnis Winona B

What makes the UAE a global player?
Explaining the Governance, Economy, People, and Strategic Influence of a Small Middle Eastern State
Global Politics Explainer
May 2026 | CWA # 2113

Aishal Hab Yousuf

Sri Lanka and the US-Iran War 
Rising oil imports, Austerity measures and State capacity
The World This Week
May 2026 | CWA # 2111

NIAS Global Politics Team

The Trump-Xi Summit
The Africa Forward Summit 2026 I North Korea's Constitutional Amendment 2026
TWTW Note
May 2026 | CWA # 2110

Aishal Hab Yousuf

The Trump-Xi Summit:
Managing Strategic Competition through Trade, Technology, and Diplomacy
Conflict Weekly
May 2026 | CWA # 2092

NIAS Global Politics Team

The US-Iran War, Week Ten
CW Column on Middle East: Escalating Israeli Aggression in Lebanon I UAE's Covert Manoeuvres
CW Column
May 2026 | CWA # 2091

Brighty Ann Sarah

Conflicts in the Middle East:
Escalating Israeli Aggression in Lebanon I UAEs Covert Manoeuvres
CW Note
May 2026 | CWA # 2090

Brighty Ann Sarah

The US-Iran War, Week Ten:
Fraying Ceasefire, Renewed Negotiations and the Risk of a Stalemate
TWTW Takeaways
May 2026 | CWA # 2088

Nithin V

King Charles's US Visit:
Emphasis on strong bilateral relations, democratic values and security cooperation
TWTW Note
May 2026 | CWA # 2086

Aishal Hab Yousuf

UAEs Exit from OPEC:
Implications for the Middle East and the Energy Market
CW Note
May 2026 | CWA # 2083

Brighty Ann Sarah

The US-Iran War, Week Nine:
Deadlocked Negotiations, Competing Agendas and Domestic Pressure
CW Note
May 2026 | CWA # 2082

Akshath Kaimal

Escalating Violence in Mali:
Between Ethnic Insurgencies, Jihadist Attacks, and Military Coups
TWTW Note
April 2026 | CWA # 2079

Aishal Hab Yousuf

Japans New Defence Posture:
From Post-War Pacifism to Strategic Recalibration and Autonomy
CW Note
April 2026 | CWA # 2074

Brighty Ann Sarah

Israel-Lebanon Ceasefire:
Asymmetric Terms, Fragile Truce and Israeli Occupation
CW Note
April 2026 | CWA # 2073

Akshath Kaimal

The US-Iran War, Week Eight:
A Fragile Ceasefire, Attempts to Control Hormuz and the Stalled Talks in Islamabad
Special Commentary
April 2026 | CWA # 2072

Anu Maria Joseph

Three Years of War in Sudan
Prolonged Stalemate, Humanitarian Cost, External Interventions and Regional Fallouts
Peace and Conflicts This Quarter (JanuaryMarch 2026)
April 2026 | CWA # 2069

Padmashree Anandhan

The War in Ukraine
Expanding Drone Warfare, Russia's Strategic Patience and Ukraine's Diplomatic Outreach
Peace and Conflicts This Quarter (JanuaryMarch 2026)
April 2026 | CWA # 2068

Femy Francis

China-Japan Tensions
Escalating Defence Posturing and Economic Decoupling
Peace and Conflicts This Quarter (JanuaryMarch 2026)
April 2026 | CWA # 2067

Anu Maria Joseph

Conflicts in Africa
Continuing Conflicts in Sudan, South Sudan and DR Congo, Security issues in Nigeria, and Political Instability in Madagascar
Peace and Conflicts This Quarter (JanuaryMarch 2026)
April 2026 | CWA # 2066

Akshath Kaimal

The Pakistan-Afghanistan Conflict
Recurrent Clashes, Defiant Taliban, Contesting Narratives and Emerging Chinas Role
The World This Quarter
April 2026 | CWA # 2065

Lakshmi Venugopal Menon

The Middle East (JanMar 2026):
The US-Iran War, Israel-Hamas Conflict and their interconnected fallouts
The World This Quarter
April 2026 | CWA # 2064

Anwesha Ghosh

Afghanistan (JanMar 2026):
Gender Repression, Leadership Rifts, Regional Realignments and Clashes with Pakistan
The World This Quarter
April 2026 | CWA # 2063

Ramya B

Russia (Jan-Mar 2026)
Assertive Military Posture, Attempts for an Economic Turnaround and Search for Partners
The World This Quarter
April 2026 | CWA # 2062

Himani Pant

Europe (Jan-Mar 2026)
Trade diversification & FTAs, Increased defence spending, Tightening irregular migration and Economic slowdown
The World This Quarter
April 2026 | CWA # 2061

S Shaji

Africa (Jan-Mar 2026)
Elections, Civil Wars, Militancy and Peace Initiatives
The World This Quarter
April 2026 | CWA # 2059

Adarsh Vijay

India and the World(Jan-Mar 2026)
Maintaining Strategic Autonomy, Balancing the US relations and Resetting the China ties
The World This Quarter
April 2026 | CWA # 2058

Nishchal N Pandey & Mahesh Raj Bhatta

Nepal (Jan-Mar 2026)
Political Upheaval, Generational Change and Economic Uncertainty
The World This Quarter
April 2026 | CWA # 2057

Bibhu Prasad Routray

Myanmar (Jan-Mar 2026)
An Illegitimate Regimes Consolidation Game
The World This Quarter
April 2026 | CWA # 2056

Ashik J Bonofer

Southeast Asia (Jan-Mar 2026)
Deteriorating situation in Myanmar, Philippines as the ASEAN Chair, New government in Thailand, and Economic & Environmental challenges
The World This Quarter
April 2026 | CWA # 2055

Haans J Freddy

East Asia (Jan-Mar 2026)
Chinas military operations near Taiwan, Japan-China tensions and South Koreas security challenges
The World This Quarter
April 2026 | CWA # 2054

Amrita Jash

Chinas External Landscape (Jan-Mar 2026):
Regional assertion, Pragmatic recalibration with the West and Avoiding military entanglement in the Middle East
The World This Quarter
April 2026 | CWA # 2052

Shreya Upadhyay

The United States(Jan-Mar2026)
Tariffs, Ukraine, Iran and Operationalization of Trumps World Order
March 2026 | CWA # 2039

Femy Francis

Trump-Xi Meeting
Why did Trump reschedule it? What does that mean?
March 2026 | CWA # 2035

Akshath Kaimal

Pakistan-Afghanistan Conflict
Broken ceasefire, Expanding military strikes and Worsening humanitarian situation
Global Politics Early Bird
March 2026 | CWA # 2033

Mahesh Bhatta

Nepal after elections:
Five major challenges for the new government
March 2026 | CWA # 2024

Lekshmi MK

The UN and the Iran-US War
UNSC Resolution 2817 between Clear and Unified Message and Manifest Injustice
March 2026 | CWA # 2023

Femy Francis

Chinas Two Sessions 2026
New Five-Year Plan, Ethnic Unity Law, and an Enhanced Defence Budget
March 2026 | CWA # 2019

Akshath Kaimal

Rising Violence in Nigeria
Limited State Capacity, Multiple Actors, and a Complex Security Environment
March 2026 | CWA # 2012

Padmashree Anandhan

The War in Ukraine
Long-range strikes, Defence adaptation and the EUs energy dependence
Global Politics Early Bird
March 2026 | CWA # 2010

Mahesh Bhatta

Nepal Elections 2026
The Rise of the New and the Fall of the Old
March 2026 | CWA # 2009

Sreemaya Nair

Nepal Elections 2026
Rise of a new leadership and Reset in political landscape
March 2026 | CWA # 2004

Akshath Kaimal

The Forgotten South Sudan Conflict
Instability returns, with a fragile peace agreement, uptick in violence and limited international engagement
March 2026 | CWA # 2003

Yesasvi Koganti

PM Modis Visit to Israel
From bilateral ties to a special strategic partnership
February 2026 | CWA # 1998

Anu Maria Joseph

Instability in Sudan
Response to the genocide call and the threats of a regional spillover
PR Commentary
February 2026 | CWA # 1985

Abhimanyu Solanki

Basant in Pakistan
The return of Basant, and what it signifies
February 2026 | CWA # 1977

Anu Maria Joseph

Violence in Nigeria
US military deployment amidst worsening insurgency
February 2026 | CWA # 1976

Lekshmi MK

The War in Ukraine
The Geneva Talks and Growing Negotiation Asymmetry
Pakistan in 2025
December 2025 | CWA # 1971

Vani Vyshnavi Jupudi

Pakistan Budget 2025-26
Legislating stabilisation under IMF discipline and coalition constraints
Pakistan in 2025
December 2025 | CWA # 1970

Aparna A Nair

Pakistan & China
Ten Years of China-Pakistan Economic Corridor (CPEC)
PR Explainer
November 2025 | CWA # 1968

Vani Vyshnavi Jupudi

Pakistan and the US
A New opening, or another cycle?
February 2026 | CWA # 1959

Yesasvi Koganti

UK and China
PM Keir Starmers visit and the Recalibration of Economic, Strategic, and Domestic ties
TWTW Note
January 2026 | CWA # 1946

R Preetha

The Davos Summit 2026
Five Major Takeaways from The World Economic Forum
State of Global Politics 2025
December 2025 | CWA # 1931

Padmashree Anandhan

NATO Summit 2025
State of Global Politics 2025
December 2025 | CWA # 1924

Padmashree Anandhan

NATO Summit 2025
This Week in History
August 2025 | CWA # 1801

R Preetha

28 August 1963
Martin Luther King's "I Have a Dream" speech and the Civil Rights Movement in the US
The World This Week
August 2025 | CWA # 1790

GP Team

The World This Week#323-324
The Trump-Putin meeting & the US-China tariff extension
TWTW note
August 2025 | CWA # 1780

Abhiruchi Chowdhury

Trump tariffs:
Weaponization of access to the US economy
The World This Week
August 2025 | CWA # 1779

GP Team

The World This Week#322
US tariffs on India, Brazil and Canada & the EU-US trade deal
This Week in History
August 2025 | CWA # 1778

Lekshmi MK

28 July 1914
Austria-Hungary declares war on Serbia, starting the First World War
Global Politics Explainer
July 2025 | CWA # 1770

Abhiruchi Chowdhury

Pakistan-Afghanistan relations:
Why the focus on terrorism, refugees, and Uzbekistan as the third partner?
The World This Week
July 2025 | CWA # 1769

GP Team

The World This Week#321
Indian PM Modi's visit to the Maldives I Elections to the Upper House in Japan
Global Politics Explainer
July 2025 | CWA # 1762

Lekshmi MK

Ocean Darkening: 
What is the phenomenon? What are its effects? And who are more vulnerable?
Global Politics Explainer
July 2025 | CWA # 1749

R Preetha

Africa as the Hunger Epicenter
Of the 13 Global Hunger Hotspots, 8 are in Africa: Five reasons why
The World This Week
July 2025 | CWA # 1748

GP Team

The World This Week #318
PM Modi’s Visit to Trinidad and Tobago & Ghana, One big beautiful bill, and Quad Foreign Ministers Meeting
Global Politics Explainer
July 2025 | CWA # 1744

Chittrothu Vaihali

EU-Canada Summit 2025
What is security and defence partnership all about?
Conflict Weekly
July 2025 | CWA # 1742

IPRI Team

Conflict Weekly # 287-88
The 12 Day War and the Congo-Rwanda Peace Deal
Global Politics Explainer
July 2025 | CWA # 1738

Fleur Elizabeth Philip

Thailand and Cambodia
What was the phone call between PM Shinawatra and President of Senate Hun Sen? What is the border dispute between the two? Why has this become an issue?
TWTW Note
June 2025 | CWA # 1735

Padmashree Anandhan

NATO Summit 2025:
Trump making Europe great again
The World This Week
June 2025 | CWA # 1734

GP Team

The World This Week #317
NATO Summit 2025 and Russia-Mali bilateral agreements
Global Politics Explainer
June 2025 | CWA # 1733

Ananya Dinesh

China and the Pacific Islands 
What was the recent China-PIC joint statement about? What it says, and what it means?
TWTW Note
June 2025 | CWA # 1728

M Kejia

G7 Summit 2025:
The Focus on the Middle East and Trade negotiations
The World This Week
June 2025 | CWA # 1726

GP Team

The World This Week #316
China-Central Asia Summit in Kazakhstan, and the G7 Summit in Canada
Global Politics Explainer
June 2025 | CWA # 1725

Brighty Ann Sarah, R Preetha, Santhiya M, Aparna A Nair & M Kejia

Operation Midnight Hammer: US bombs three nuclear sites in Iran
What were the three Iranian nuclear sites that were targeted? What are the B2 Bombers and Bunker Buster Bombs? What do these attacks mean? What Next?
Conflict Weekly
June 2025 | CWA # 1724

IPRI Team

Conflict Weekly #286
The Spiralling Israel-Iran Crisis, and the Dangerous Hunger Hotspots
Global Politics Explainer
June 2025 | CWA # 1721

Rizwana Banu S and Santhiya M

Who are the Afrikaners?
Why is Trump interested in the Afrikaner question in South Africa?
Global Politics Explainer
June 2025 | CWA # 1720

Lekshmi MK

New WMO Report on Arctic Warming
What are the social, economic and environmental implications of Arctic warming
Global Politics Explainer
June 2025 | CWA # 1719

J Yamini  

China’s EV Surge
What contributes to the rise of BYD
Global Politics Explainer
June 2025 | CWA # 1717

J Yamini

Gender Violence in Pakistan:
What are the larger issues in the Noor Mukadam case?
TWTW Note
June 2025 | CWA # 1715

Femy Francis

The US-China:
On Tariffs, Rare Earths and Visas
The World This Week
June 2025 | CWA # 1713

GP Team

The World This Week #315
The UN Ocean Conference in France and the US-China Meeting in London
Conflict Weekly
June 2025 | CWA # 1709

IPRI Team

Conflict Weekly #284-285
Cambodia-Thailand Border Tensions, Protests in the US, and the Indigenous Māori question in New Zealand
The World This Week
June 2025 | CWA # 1705

GP Team

The World This Week #314
Elections in South Korea and Poland I China and the Pacific Island Countries I Bangladesh Election Announcement 2026
Global Politics Explainer
June 2025 | CWA # 1700

R Preetha

Ethiopia bans the TPLF
What does the TPLF ban mean for the Pretoria agreement? What next for Ethiopia?
TWTW Note
June 2025 | CWA # 1694

Aashish Ganeshan

The US:
Harvard vs Trump Administration
The World This Week
June 2025 | CWA # 1691

GP Team

The World This Week #313
China-ASEAN-GCC Summit I President Macron's visit to South East Asia I Trump Vs Harvard
The World This Week
May 2025 | CWA # 1690

GP Team

The World This Week #312
Elections in Romania, Portugal & Poland I UK-EU Summit
CW Note
May 2025 | CWA # 1689

Padmashree Anandhan

Ukraine
Continuing Russia’s Aerial Attacks, despite exchange of prisoners
CW Note
May 2025 | CWA # 1688

Ayan Datta

Gaza
The Humanitarian Crisis and Israel’s Renewed Offensive
TWTW Note
May 2025 | CWA # 1685

Aparna A Nair

UK-EU Summit:
First step towards a reset
TWTW Note
May 2025 | CWA # 1683

Aashish Ganeshan

Elections in Portugal:
The Rise of Chega Party and the Search for Political Stability
TWTW Note
May 2025 | CWA # 1679

Aashish Ganeshan

US in the Middle Easr
Trump’s visit to Saudi Arabia, Qatar and UAE
TWTW Note
May 2025 | CWA # 1678

Gauri Gupta

China in Latin America
China-CELAC forum: Strengthening ties with Latin America and Caribbean
The World This Week
May 2025 | CWA # 1677

GP Team

The World This Week #310-311
China in Latin America and the Carribbean I Trump's Middle East Visit I Denmark as the new Arctic Chair
CW Note
May 2025 | CWA # 1675

Lekshmi MK

Turkey:
PKK disbands after 40 years of armed insurgency
CW Note
May 2025 | CWA # 1673

Padmashree Anandhan

Ukraine:
The Discussion in Turkiye and the Elusive Ceasefire
CW Note
May 2025 | CWA # 1672

D Suba Chandran

India and Pakistan:
De-escalation and the “New Normal”
CW Note
May 2025 | CWA # 1671

Abhiruchi Chowdhury

US, Ukraine and Russia:
Air attacks amidst a Minerals deal and Ceasefire Proposals
Global Politics Early Bird
May 2025 | CWA # 1670

Fleur Elizabeth Philip

Singapore Elections in 2025:
People’s Action Party (PAP) Wins, Again
TWTW Note
May 2025 | CWA # 1667

R Preetha and Brighty Ann Sarah

East Asia:
Tough Tariff Negotiations with the US
TWTW Note
May 2025 | CWA # 1666

Padmashree Anandhan

The US-Ukraine
The mineral deal with the US
Conflict Weekly
May 2025 | CWA # 1665
Conflict Weekly # 280-81
India-Pakistan De-escalation I Ukraine Discussion in Istanbul I The Battle over Port Sudan I Disbanding of PKK in Turkiye I France-Algeria Diplomatic Tensions
Global Politics Early Bird
May 2025 | CWA # 1663

R Preetha

Canada Elections 2025:
What do the results convey? What next for Mark Carney?
NIAS Global Politics Database
March 2024 | CWA # 1251

NIAS Africa Team

Africa This Week
NIAS Global Politics Database
February 2024 | CWA # 1226

NIAS Africa Team

Africa This Week
The War in Ukraine
October 2023 | CWA # 1091

Annem Naga Bindhu Madhuri

Issues for Europe
IPRI Quarterly Forecasts I Triggers, Trends, and Trajectories
July 2023 | CWA # 1012

Bibhu Prasad Routray

Myanmar continues to burn
2022: The World This Year
December 2022 | CWA # 879

Padmashree Anandhan

The Ukraine War
Europe: Heatwaves, Wildfires, Droughts, and Ice Melt in Alps
November 2022 | CWA # 838

Rishma Banerjee

Tracing Europe's droughts
NIAS Africa Weekly
March 2022 | CWA # 705

NIAS Africa Team

In Focus: Libya
The World This Week: 150th Issue
December 2021 | CWA # 630

GP Team

Europe in 2021
Pakistan Reader
October 2021 | CWA # 588

Abigail Miriam Fernandez

TLP is back again
NIAS Fortnightly on Science, Technology & International Relations
August 2021 | CWA # 528

STIR Team

Space Tourism
Science, Technology and International Relations
September 2019 | CWA # 162

Lakshman Chakravarthy N

5G: A Primer
South Asia Monthly Brief (Nov 2018)
December 2018 | CWA # 71

Mahesh Bhatta

Nepal
South Asia Monthly Brief (Nov 2018)
December 2018 | CWA # 70

Nasima Khatoon

The Maldives
South Asia Monthly Brief (Nov 2018)
December 2018 | CWA # 69

Harini Madhusudan

India
South Asia Monthly Brief (Nov 2018)
December 2018 | CWA # 68

Sourina Bej

Bangladesh
South Asia Monthly Brief (Nov 2018)
December 2018 | CWA # 67

Seetha Lakshmi Dinesh Iyer

Afghanistan