For years, Ukraine and other countries have been the target of cyber attacks. The Kremlin has always officially denied any responsibility. But thousands of pages of internal and secret documents are now revealing for the first time how a Russian software company is developing digital weapons for Putin's military and intelligence services. They were renamed the 'Vulkan Files', by the Moscow-based computer company Vulkan. These are the internal documents collected by international media, led by the German Der Spiegel, that would reveal how Vladimir Putin's Russia has planned a real cyber-war that is fought online and not on the battlefield.

One example above all, corresponds to the invasion of Ukraine on February 24, 2022. The Kremlin, on this occasion, has not only relied on bombs and tanks, ZDF says, but also on its arsenal of cyber weapons. On the first day of the war alone, tens of thousands of modems of the satellite operator Viasat crashed. Apparently it was Moscow's attempt to cripple Ukraine's command infrastructure.

The 'Vulkan Files' came to German media from an anonymous whistleblower and would demonstrate Russia's extensive capacity for cyber attacks around the world. The Vulkan company, according to the files, would play a particularly revealing role. The company, according to internal documents, also works for Russian intelligence services, such as the military intelligence service GRU, the FSB domestic intelligence service and the foreign intelligence service SWR.

Software developed by Vulkan should be able, among other things, to disable rail, air and sea transport control systems, disrupt power lines and identify vulnerabilities in critical infrastructure. For the Ukrainian-born expert Marina Krotofil of the European Cybersecurity Network interviewed by the ZDF, any cyber attacks would violate the Geneva Convention because they were carried out against civilian infrastructures.

Several Western intelligence services have been able to view parts of the 'Vulkan Files' and consider the documents authentic and worrying. Vulkan's software has been operating for a long time, and has been linked to hacker attacks by the Russian group 'Cozy Bear' against authorities and organizations in Europe and the United States.

According to German media research, another goal of Russia is the control of the Internet in the occupied territories. However, it is not known whether the Vulkan software is also used in operations related to the war in Ukraine. The Moscow-based IT company, however, according to the investigation of the German media, would be linked to the 'Unit 74455' of the military intelligence service of the GRU, also known as "Sandworm", which would be behind several hacker attacks such as the one that in June 2017 infected thousands of computers around the world with malware, and caused 370 million euros in damage to the FedEx logistics group.

"Sandworm" is also held responsible for the cyberattack on the Olympic Organizing Committee ahead of the Winter Games in Pyeongchang, South Korea, in retaliation for anti-doping sanctions against Russian athletes. The member of the Greens in the Bundestag, Konstantin von Notz, chairman of the parliamentary control committee responsible for the secret services, assumes that "hundreds of such cyber weapons" are currently being developed. "These examples and also many incidents in recent years make it clear that there is a real danger from cyberspace to critical infrastructure in Germany," von Notz explained.