Statistical Analysis of Cyberattacks in the Russian-Ukrainian War in the Aspects of the CER Directive and Various Attack Methods
摘要
Cyber warfare has become an increasingly dominant factor in armed conflicts, mainly through attacks on critical infrastructure and state institutions. During the Russian-Ukrainian conflict, cyber operations affected the belligerents’ security and the countries indirectly involved. This paper builds on the statistical analysis of CyberPeace Institute’s recorded cyberattacks from 2022–2023, using cross-tabulations and Chi-squared tests to examine their temporal, sectoral, and typological distribution. Key findings indicate that Ukraine has been the principal target, with 73% of incidents aimed at disrupting service availability, particularly within critical infrastructure sectors. In contrast, attacks against Russia demonstrated a broader array of objectives, with a heightened proportion focusing on data integrity. The findings reveal notable deficiencies in international legal frameworks governing cyber warfare, especially concerning the differentiation between civilian and military targets. The analysis pays particular attention to the attack methodologies given in an ENISA publication and the sectors that can be designated under the CER Directive. This study highlights the necessity of strengthening the resilience of critical infrastructure and formulating international cybersecurity policies to effectively address the complexities inherent in hybrid warfare.