Ukraine-Russia: the first shots have already been fired – in cyberspace

Ukraine-Russia: the first shots have already been fired – in cyberspace

NicoElNino via Shutterstock

Wars always used to begin to with the softening up of an enemy with artillery fire. More recently, artillery has been replaced by strategic bombers or cruise missiles fired from naval vessels hundreds of miles away. This has made for eye-grabbing prime-time viewing in countries not being targeted by smart missiles and carpet bombing.

Of course, Ukraine has been fighting Russians in the east of the country since 2014. But the opening salvos in the latest chapter of hostilities – viewed by much of the rest of the world as a potential invasion of Ukraine by its mighty neighbour – are already being fired.

The artillery being used today, however, is not high explosives. It chiefly comprises clever use of computer code and the deliberate exploitation of computer networks. This new warfare makes for a poor television spectacle, but it is doing the same job.

In 2013, the Russian general and current head of the Russian armed forces, Valery Gerasimov gave a speech in which he assessed modern warfighting. Gerasimov’s speech was widely misinterpreted as a description of the Russian way of war, but was actually a critique of Nato. Russia perceives itself – with some justification – to have faced constant interference and aggressive attention since the end of the cold war.

Russia has become expert at what has been described as the “Gerasimov doctrine” – hybrid or sub-threshold warfare – including against Ukraine. The essence of this idea is that the attacking force uses techniques that fall below a threshold that would usually trigger an armed response by the victim or its allies.

It has been established that Russian hackers attempted to disrupt electronic voting machines in the 2016 US presidential election. They have also been blamed for the intrusion into Hilary Clinton’s campaign team emails that helped Donald Trump to victory and the misinformation that has so divided the US ever since. But these were not acts of war that could justify an armed response.

Since 2015, disinformation campaigns mounted by or attributed to Russia through its proxies during various European elections, the Brexit referendum and the pandemic have similarly resulted in notable levels of public confusion and societal fractures. But these campaigns have not warranted an armed response, and occasionally – for diplomatic reasons – they have not been investigated at all. They are tactics whose effects would make a useful contribution to a military campaign without being obviously military themselves.

‘Wait for the worst’

There has reportedly been a marked increase in disinformation being pushed through Ukrainian social media platforms in the past few weeks. On January 13, Microsoft’s Threat Intelligence Center noted that malware had been placed on vulnerable Ukrainian computers.

It was a program designed to look like ransomware – an attack that effectively holds information captive until a “ransom” is paid. When triggered, the program simply deletes the information instead, causing disruption to organisations in deleting customer, payment or appointment records, for example.

A day later a concerted attack on Ukrainian government and media sites saw their front pages replaced for several hours with the ominous message of “Be afraid and wait for the worst”. Highly emotive propaganda and disinformation is aimed at weakening public morale, making invasion and occupation simpler to achieve.

Russia has a strong track record of intrusions into its neighbours’ cyberspace. In 2007 Russian hackers overwhelmed many Estonian institutions, including banks, media outlets, the parliament, and various public services. It was a distributed denial of service attack, which makes use of a global network of compromised computers to simultaneously place large demands on the target servers, forcing them offline.

The Russian military physically disabled communications technology in Georgia prior to their invasion in 2008. It was, wrote Brian Whitmore, a senior fellow of the Atlantic Council:

a Beta test for future aggression against Russia’s neighbours and a dry run for the tactics and strategies that would later be deployed in the 2014 invasion of Ukraine … When Russian forces attacked Georgia on the night of August 7-8, 2008, it was preceded by a cyberattack, a disinformation campaign, and an all-out effort to meddle in that country’s domestic politics. These are all tactics that are now very familiar to the United States and its allies.

On December 23 2015, Russian hackers – having located a vulnerability – managed to enter the control panel of a Ukrainian power station, disconnecting 223,000 Ukrainians from their heating for six hours in the depths of winter.

Global threat

A similar deprivation of electronic communications in Ukraine through physically or electronically attacking them would have a much larger impact today. Ukraine is a modern society that makes extensive use of modern electronic communications and banking systems. We can judge the possible impact of switching these facilities off, by simply thinking through how it would affect us if it were done here.

The stark reality is that Russia is a highly capable cyberpower. Russia uses cyberattacks strategically. It chooses opportune moments and targets to meet its strategic objectives in this case to undermine Ukrainian morale and the willingness of the public to follow government instructions. Ukraine has long experience of Russia’s non-military tactics. It is, in many respects, better prepared than Nato powers to withstand this type of warfare.

But while Ukraine is psychologically better prepared than the west, it will not be able to prevent Russia from shutting down vital infrastructure and communication services. Cyberattacks on businesses and hospitals create a potential spiral of economic disruption in Ukraine that will require direct financial support.

The west should worry about how Ukraine will fight a defensive conflict without this infrastructure and networks. And western governments need to worry about their lack of preparedness if Russia uses its cyber capabilities more broadly. Our societies are far less well prepared.

The Conversation

Robert M. Dover does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.