Russian missiles fell on Kiev in the early hours of February 24. However, their computer networks have been under attack for some time now. On February 23, when the country was still preparing for an invasion that was judged to be imminent, the websites of the Ukrainian parliament and various government agencies went down. On February 15 and 16, various banks and government sites faced a similar attack that the United States, Britain and other governments quickly attributed to the GRU, the body in charge of Russian military intelligence. In January, the websites of several ministries were attacked and displayed the message “Be afraid and expect the worst”.

How serious can a modern cyber war be, and will other countries be affected? “Ukraine, unfortunately, has been Russia’s cyber playground for years,” says Ciaran Martin, first executive director of the National Cyber ​​Security Centre, the defensive arm of the Government Communications Headquarters (GCHQ), the British security agency. signals intelligence. In 2016, a malware allegedly Russian disrupted the Ukrainian power grid and left a fifth of Kiev without power in the middle of a harsh winter. Inspired in part by Stuxnet (the worm allegedly US-Israeli attack that disabled Iranian uranium enrichment centrifuges), the attack targeted protection relays that shut down electrical systems under abnormal conditions. Two years later, Ukraine announced that it had prevented an alleged Russian attempt to sabotage a chlorine factory.

The Russian invasion of Ukraine

The latest Russian computer attacks have not been particularly sophisticated and their impact has been “minimal”, although they serve to prepare the ground for new offensives

The latest attacks have not been as sophisticated. They have taken the form of Distributed Denial of Service (DDOS) attacks, a very rudimentary method in which a website is overloaded with bogus requests for information and ends up down. Its impact has been “minimal”, according to Chris Krebs, former director of the US Cybersecurity and Infrastructure Security Agency (CISA). Its purpose, he indicates, was to “distract and confuse,” perhaps paving the way for “more severe activity,” such as might accompany an ongoing Russian invasion. In fact, computer network operations (the term used by professionals to refer to cyberattacks) have been part of the war for more than two decades.





read also

The Economist

The United States and Britain, for example, have spoken openly about their offensive cyber operations during the campaign against the Islamic State in Iraq and Syria, when their intelligence agencies and armed forces disabled drones, jammed phones, suppressed jihadist propaganda and sowed dissent. in group rows. The crossing of the border by Russian troops will probably have been accompanied by the same techniques against Ukraine, both to support its military offensive (for example, disabling Ukrainian air defenses) and to destabilize the Kiev government (for example, , the spread of disinformation).

cyber war

The West is concerned about the effects of a cyber attack: in 2017, a cyber attack caused $10 billion in losses worldwide

Western officials are concerned about the fallout from any cyber conflict in Ukraine, whether accidental or deliberate. In 2017, the cyberattack NotPetya against Ukraine irreversibly encrypted computer data and caused $10 billion worth of damage worldwide (and was widely blamed on Russia). This month, CISA has issued a warning to US organizations that Russia could escalate “in ways that may affect others outside of Ukraine.” British companies have received similar warnings.

read also

Although Western countries have said they will not send soldiers to fight in Ukraine, they have already started to impose sanctions and have promised more “massive” punishments. “If we are talking about Russia being immersed in the most important military operation since the Second World War, which it considers an existential struggle, and if, at the same time, the West decides (with all moral justification) to disable the Russian economy, I would it’s hard to believe that the Russians will just go along with it,” warns Samuel Charap, a former adviser to the US State Department who now works at the Rand Corporation, a think tank. Charap sees the most likely countermeasure as a response in cyberspace: “You can imagine some kind of asymmetric response, like some big Western banks going down for a couple of days.”

war in eastern europe

The US and UK have helped Ukraine bolster its defenses in recent months

The United States and the United Kingdom have helped Ukraine bolster its cyber defenses in recent months, and could offer help in repelling attacks against the country. However, in computer networks, the line between defense and attack is not always clear. The US “defend-forward” doctrine may mean a readiness to defend Ukrainian networks by stopping attacks at the source (ie, inside Russian networks) if necessary. “I’m a soldier, I’ve always been taught that the best part of defense is attack,” British Defense Secretary Ben Wallace said on February 21 in response to a MP’s question about offensive cyber capabilities.

Western governments could also attempt to disrupt Russian military networks, communications, or “cognitive” operations, such as data alteration to confuse or mislead Russian forces. “The calculation may be that the Russians have overstepped the mark and it’s time for a cyber response,” says Marcus Willett, a former deputy chief of GCHQ. “The temptation is great to resort to cyber operations, because they seem more forceful than sanctions, but without reaching the level of launching missiles.”

If we start attacking Russian networks, the Russians might be well placed to do similar things against American and allied networks.”







Marcus WillettBritish Government Communications Headquarters





However, it’s a “fine line,” Willett warns. The concepts of deterrence, signaling and escalation in cyberspace are constantly evolving. And, in many ways, Western infrastructures are more vulnerable because they rely so much more on computer networks. “If we start attacking Russian networks, the Russians may be well placed to do similar things against US and allied networks.” this particular situation”. Russia and the United States have been probing each other’s infrastructure for years, including sensitive areas such as energy and water supplies.

There are important American voices who say they are worried about the possibility of a miscalculation. Democrat Mark Warner, chairman of the Senate intelligence committee, warns that cyber deterrence and escalation rules are not widely known. He describes a scenario in which a Russian cyberattack causes deliberate or unintentional harm to civilians in Europe and provokes retaliation from NATO.

Moscow will only launch a major cyber offensive against the West if it is willing to go into really dangerous territory.”







Ciaran MartinFirst Executive Director of the National Cyber ​​Security Center





Overall, the risks are expected to be manageable, says Martin, a former head of British cyber defense and now at Oxford University’s Blavatnik School of Government. Russia’s goal is to keep NATO out of a war in Ukraine and not drag it into it, he says, so the Kremlin is likely to treat cyber escalation the same way it weighs other instruments at the state’s disposal, such as force. military. So far, Western officials say they have seen nothing out of the ordinary when it comes to Russian cyber activity against their countries. “Moscow will only launch a major cyber offensive against the West if it is willing to go into really dangerous territory,” Martin concludes.

And, no matter how much he uses cyber power, the escalation is not safe. In fact, multinational war games conducted between 2017 and 2020 by Jacquelyn Schneider, a researcher at Stanford University’s Hoover Institution, found that (mostly Western) participants were more likely to use cyber operations for intelligence gathering and support of military operations on the battlefield than for attacking critical infrastructure. “We will see a lot of cyber operations in a conflict between Russia and Ukraine,” says Schneider, “but it will not be the main factor driving violence or leading to horizontal escalation in other countries in the region.”





read also

The Economist

“Whatever the rhetoric,” says Martin, “the West faces limitations to the use of its own cyber power.” The United States and its allies routinely lash out at Russia, China, Iran, and North Korea for their irresponsible behavior in cyberspace. Therefore, they will be cautious about resorting to similar means, such as major attacks on civilian infrastructure. So will the lawyers who oversee those things. “What kind of cyber operation would really deter Russia?” Martin asks. “What good would it do, for example, to disable the Russian media? And would we actually get to the point of doing things that endanger Russian civilians?”