The Fiji Times » Integrating cyber warfare

Before the first Russian military boots and tanks entered Ukraine two weeks ago, Russia was already at war with Kiev – a cyberwar.

Russia has been waging this cyberwar since at least 2014.

In cyberspace, Russia has interfered in Ukraine’s elections, targeted its power grid, defaced its government websites and spread misinformation.

Strategically, Russian cyber operations are designed to undermine the Ukrainian government and private sector organizations, especially in critical infrastructure.

the operations are aimed at influencing, frightening and subjugating the population.

They are also harbingers of invasion. As cybersecurity and public policy researcher Maggie Smith pointed out in her article on theconversation.com (which I’ve summarized and quoted here), I think Russian cyber operations are likely to continue.

These operations are likely to destabilize the political environment of Ukraine, namely its government, its institutions and the people and organizations that depend on it.

Russia’s intention is to sow confusion, shape public perception of the conflict and influence the ethnic Russian population in Ukraine before the start of the ground war.

Previously, the conventional military way of proceeding was to launch a massive bomb attack before the start of the ground invasion, as the United States and its allies did, for example, in the first Iraq war in 2003.

Russia has shrewdly used cyber operations to project national power, particularly through its GRU military intelligence service.

The term “instruments of national power” defines power as diplomatic, informational, military, and economic—all are mechanisms for influencing other countries or international organizations.

Cyberspace is unique as a domain of warfare because cyber operations can be used in the service of all four instruments of national power.

In fact, in 2018, Russia introduced a resolution at the UN creating a working group with like-minded states to review and reinterpret the UN rule for cyberspace, emphasizing that a state’s sovereignty should extend to cyberspace.

One could argue that Russia’s real goal is to legitimize its state internet surveillance tactics under the guise of state sovereignty.

Economically, the Russian “NotPetya” attack crippled international ports, crippled businesses, disrupted supply chains and effectively shut down the global economy – all with a single piece of code.

This cyberattack spilled over into the “wild” (open internet) and devastated other large companies like Merck & Co., which recently won their $1.4 billion insurance damages claim (2, $95 billion) after the judge ruled the cyberattack was not an “act of war” – a standard exclusion clause for most insurance policies.

In particular, Russia has a habit of associating information with military operations as tools of national power.

During previous military conflicts in eastern Ukraine, the Russian military used cyber capabilities to jam Ukrainian satellite, cellular and radio communications.

Overall, Russia sees the war as a continuum that continues with varying intensity on multiple fronts.

Simply put, for Russia the war never ends and cyberspace is a key area of ​​its ongoing conflict with Ukraine and the West.

Russia has directed its cyber operations to other countries, including the United States and Western European countries.

Russia has targeted US critical infrastructure and supply chains and conducted disinformation campaigns.

US officials are still investigating the extent of the recent SolarWinds cyberattack, for example, but have determined so far that the attack has compromised federal agencies, courts, numerous private companies, and state and state governments. local.

Russian activities are aimed at undermining US homeland and national security, democratic institutions, and even public health efforts.

But Russia is more destructive in its own backyard. The attacks on Estonia and Georgia illustrate how Russia can disrupt government functions and sow confusion as it prepares for military operations.

More recently, Microsoft’s Threat Intelligence Center detected data-erasing malware in Ukrainian government computer systems. Ukraine has publicly named Moscow as the perpetrator and attributed the software designed to destroy the data to Russian hackers.

The presence of the malware marks an escalation in Russia’s behavior towards Ukraine in cyberspace. The malware, if triggered, would have destroyed Ukrainian government records, disrupted online services and prevented the government from communicating with its citizens.

The ongoing aggression against Ukraine follows the pattern of Russia waging cyber warfare while publicly threatening and preparing for a military invasion.

Website degradation and data loss are not Ukraine’s only concerns, as in the winter of 2015-2016 Russia demonstrated its ability to hack into Ukraine’s power grid in a single attack. of its kind that cut off electricity to hundreds of thousands of Ukrainians. during a freezing winter where any loss of power could be devastating with significant loss of life.

Similarly, cyberattacks could disrupt Ukraine’s economy and communications infrastructure. An attack on the financial sector could prevent Ukrainians from withdrawing money or accessing their bank accounts.

An attack on the communications infrastructure could cripple the Ukrainian military and limit the country’s ability to defend itself. Civilians would also lose their means of communication and with them the ability to organize evacuations and coordinate resistance.

Ultimately, Russia will likely continue to use cyber warfare against Ukraine. Russian cyber operations over the past eight years confirm this.

First, cyberattacks that have costly physical effects, such as shutting down the power grid, are destabilizing and can be used to erode the will of the Ukrainian people and counter their inclination towards economic, military and political alliances with Europe and the world. NATO.

Second, physical effect cyber attacks highlight Russian cyber capabilities and demonstrate their superiority over Ukrainian defenses. And finally, Russia has already done this and annexed Crimea in 2014.

The Ukrainian government has already asked the US government to take several retaliatory actions against the Russian government for the invasion on Thursday, February 24, including cutting updates to US hardware and software.

In a list of “suggested actions” sent to President Joe Biden’s administration, Volodymyr Zelenskyy’s government called for “a ban on the supply of any goods, including hardware and software” as well as “the prohibition of the supply of any goods and technologies, including

Software used in sectors of the Russian aircraft industry, incl. in civil aviation”, and “a ban on American companies providing and updating software for the benefit of Russian consumers”.

The list was first reported by Reuters journalist Raphael Satter, who later wrote in an article that the list had been distributed to US officials.

The ban on software updates, in particular, has caught the attention of cybersecurity experts.

One of the most basic tips we give to users and businesses is to ensure that all software is updated to the latest version as known vulnerabilities are patched. If Russia were prevented from updating software, it would, in theory, make unpatched systems easier to hack.

Joe Slowik, head of threat intelligence and detections for cybersecurity firm Gigamon, told Motherboard in an online chat that the ban could be enforced, but it could affect companies’ operations. companies in Russia, such as Microsoft, which has an office in Moscow.

Other independent cybersecurity researchers and consultants have observed that cutting off Russia from software updates is “a fairly new idea, with potential long-term consequences.” Russia favors the long-term development of its cyber-sovereignty taking into account this particular risk.

The potential impact of such a ban is unclear, but it could be significant.

It would also leave many consumer digital devices open to cyberattacks, because of course blocking updates would also block security patches. Over time, this means the Russian-based software deviates from the mainstream as it develops its own.

As this cyber and kinetic war progresses, let us remember Ukraine and its people in our thoughts and prayers.

As James Scott, Senior Fellow, Institute for Critical Infrastructure Technology, observed, “Cyber ​​warfare is as much about psychological strategy as it is about technical prowess.”

It’s always, God bless and stay safe in the digital and physical worlds this weekend.

  • ILAITIA B. TUISAWAU is a private cybersecurity consultant. The opinions expressed in this article are his own and are not necessarily shared by this newspaper. Mr. Tuisawau can be contacted at ilaitia@cyberbati.com

About Michael G. Walter

Check Also

European Integration War – Modern Diplomacy

The infamous painting by Eugène Delacroix “Liberty Leading the People” reminds the world of the …