These are some of the most disruptive cyberattacks we've ever seen.

I'm Andy Greenberg, I'm a senior writer with wired and the author of the book Sand worm and I'm going to walk you through the history of Russia's cyberattacks against Ukraine.

Right now, of course, there is an actual full scale Russian invasion of Ukraine taking place.

Ukraine is now the epicenter of Russia's conflict with the West as it has been in some ways sort of under the radar for the last almost decade.

But it also is a country whose recent history has these lessons about the nature of cyber war and it's a country where we can look to understand what Russia is capable of in its digital disruption and how to be prepared for it.

2014, Russia hacks the Ukrainian Central Election Commission In 2014, Ukraine has a revolution and it pulls away from Russia's sphere of influence.

And then later that year, as it's having its first presidential election, Russian state sponsored hackers break into its Central Election Commission and essentially try to fake the results.

They plant a spoofed image that seems to show that this far right candidate has won by a landslide.

In fact he won like single digit percentages of the votes.

Actually, the Central Election Commission caught this fake results in time and managed to foil this, but Russian tv.

Nonetheless broadcast those fake results, which kind of shows how they were working in league with these hackers Putin and the Kremlin have always wanted to paint the new Ukrainian democratic government as controlled secretly by neo nazis And so trying to spoof that the results showed that the actual winner of the election was this super far right candidate was just another kind of beat in that campaign of disinformation.

2015 Russia hacks, Ukraine's power grid, A now notorious group of state sponsored hackers called sandworm takes over Russia's cyber warfare in Ukraine and they launch a whole series of attacks that hits Ukrainian media government agencies and then just before christmas they cap all this off with a cyber attack on Ukrainian power grid, which is the first time in history that hackers actually trigger a blackout, but just to kind of add insult to injury, Sandworm also destroyed hundreds of computers inside of these utilities, they bombarded them with fake phone calls just to add an extra layer of chaos and they even turned off the backup power supply to the control rooms themselves so that these operators were thrown into a kind of blackout in the midst of their own blackout.

This blackout really only lasted six hours or so before Ukrainians were able to manually switch the power back on, but I think it was intended to have a kind of Terrorizing effect and it shocked the world and it's also kind of gave sand worm this reputation as perhaps the most disruptive, the most cyberwar oriented hacker group in the world, 2016 sandworm attacks, Ukraine's power grid again, this time in Kiev, about a year after sand worms first attacks in Ukraine, it returns with another even more severe collection of cyber attacks against Ukrainian government agencies, the Ministry of Defense and Infrastructure and finance.

The hackers destroyed terabytes of data on these agency networks.

They actually wiped the country's national budget for the year.

This series of cyberattacks culminates in an attack on the power grid, causing another blackout this time in the capital of Kiev.

The second blackout only lasted an hour, but in some ways it was nonetheless kind of escalation of what sand worm had inflicted the year before.

They actually disabled safety systems in this transmission station with the intention that when the Ukrainian operators rushed to turn the power back on, they might have caused an overload of currents on power lines or even exploded.

A transformer, truly dangerous and physically destructive effects of a kind that we had never seen before inside of an electrical utility and that only failed because of a tiny miss configuration.

In sand worms malware, 2017 sand worm releases the not petty.

A malware That morning of 27 June 2017 Ukrainians across the country began to see this ransomware message appear on computers in all sorts of networks from private industry and banks to government, agencies hospitals.

it seemed to be encrypting computers and demanding a ransom in the ways that cyber criminal hackers often do.

But even when you paid the ransom, you couldn't recover your files.

It was actually a data destroying piece of code designed to cause maximum chaos.

And then because internet worms do not generally like stay within national boundaries, it spread to the rest of the world.

Not to, to immediately hit companies like Maersk, the world's largest shipping firm, and Fedex and Mondelez, which owns Cadbury and Nabisco and Merck, the pharmaceutical giants.

In the case of mask for instance, that meant that tens of thousands of trucks were lining up outside of terminals and ports around the world and ships with thousands and thousands of containers on them are arriving at those ports and nobody knows what is on them for market meant.

They had to borrow their own HPV vaccine from the Center for Disease control because their manufacturing was shut down.

In each of these cases, these companies lost hundreds of millions of dollars, more than a billion in some cases, all because of this one cyber attack that had spilled out from Ukraine, what comes next In the years after sand worm hit other targets around the world, including the 2018 Winter.

Olympics in Pyeongchang Korea To the nation of Georgia where they shut down television stations in 2019, but we haven't seen sand worm reappear in any obvious way in Ukraine.

Now, just before the full scale physical Russian invasion of Ukraine that occurred on February 24, we did see another round of cyber attacks that destroyed hundreds of computers in Ukrainian governments and military agencies.

Um although we don't have any conclusive evidence yet that it really was sand worm.

This time.

Now in the midst of this invasion, cyberwar has been a pretty secondary element at best, people are dying by the thousands, refugees are fleeing the country.

That is of course the context in which anything I say about cyberwar has to be framed.

It might even make attacks on computer systems seem kind of trivial.

But I think that now that we understand Russia's cyber Warfare playbook, now that we see what sand worm is capable of, we have to kind of reckon with those capabilities, Russia is now in this conflict with the West as a whole.