Leiden Safety and Security Blog

Cyber war and the crisis in the Ukraine

Cyber war and the crisis in the Ukraine www.defenceimagery.mod.uk

As the crisis in Ukraine unfolds, headlines such as CNN's 'Cyberwar hits Ukraine' are starting to appear in Western media. The Russian actions in Crimea seem to follow a previous script from the successful annexation of South Ossestia in 2008, a conflict that was marked by cyber attacks on a number of Georgian websites. But the whole concept of cyberwar, framed by cassandra’s as a digital-nine eleven or 'cybergeddon', conjures up images of hackers taking out critical infrastructure and paralyzing society. This hyperbole is certainly not applicable to the situation in Ukraine, and the concept of cyberwar should be framed in a nuanced way. Cyber is just one more avenue to acquire intelligence and influence the opponent. It can be used alone or in conjunction with conventional instruments like air power or the eighteen year old infantryman with his bayonet. 

The cyber attacks on Estonia (2007) often serve as a case-study in cyber warfare, but in the end the large Distributed Denial of Service (DDoS) attacks only disrupted website availability, albeit for dozens of predominately government websites and during a period of three weeks. Cyber attacks on Georgia (2008) were more complex, involving defacements of government websites and interrupting news providers, causing confusion amongst the general public and hindering news coverage. In Georgia the cyber attacks preceded the conventional military attack. Russian ‘patriotic’ webfora encouraged visitors to join in the cyber attacks and even provided the technical instructions on how to do so. Official Russian government involvement in both cases can still not be proven technically, but many factors do point to government complicity, including the Russian refusal to assist Estonian investigators in tracing the origin of the cyber attacks. Technically the attribution of the attacks might not be proven, but like the current soldiers in unmarked uniforms in Crimea; their country of origin can be deduced from other factors. 

Ukraine is not as digitally advanced or connected as Estonia was in 2007, and relatively simple DDoS attacks would be effective enough if the purpose was to just disrupt website services. These days a DDoS attack can even be bought on the internet and Ukrainian government sites would be a logical target. On Saturday March 15th the NATO website was also disrupted for several hours by a DDoS attack.  But as infiltrated Russian troops currently occupy telephone providers in Crimea and Eastern Ukraine, there is probably no need for sophisticated cyber attacks to take down whole networks. A stocky person in an unmarked uniform telling someone to flick a switch will do. Although the Russians do have much expertise in the area of cyber, for many complex systems it is probably still easier to access or destroy them physically than it is to disable them through a cyber attack. So a cyber-dimension to the stand-off in Ukraine is probable, but a fully fledged cyberwar certainly is not. But what role does cyber have in modern conflict? 

The disciplines of political science, international relations and conflict studies are finding it difficult to incorporate the cyber dimension into existing conceptual frameworks. The laws of armed conflict are based on the distinction between military and civilian targets, something that is not always clear in the cyber-domain. The theory of international stability through deterrence, guided by confidence building and arms verification measures, also fits badly with the virtual and secretive world of cyber conflict. So many questions remain, and empirical research is limited. Although examples of cyber attacks used in conflict have been relatively scarce, there is a risk that we will see some examples of it in Ukraine. However, events might also prove that it is still easier to drop a bomb on something than to write code to disable it. Let's hope that neither occur.

1 Comment

commentator
Posted on November 12, 2014 at 14:06 by commentator

It is astonishing, but after reading your post I really found out that cyberwar in Ukraine is not highlighted in media now Moreover it seems that Russia successfully conceal it’s activity. In Ukraine Russia has different strategy than in Estonia or Georgia for a number of reasons. It’s main accent are MISOs (PSYOPs) for which Russia was preparing at least since 2012 (while influence on Russian public opinion started long before). Some cyberattacks (like email hacks) were held to discredit certain politicians (like Klitschko) or organizations. Other cyberattacks were potentially highly dangerous like attacks of Central Election Comission, largest private bank, exploitation of GSM vulnerability to redirect GSM traffic etc.

Further military success also depends on domestic situation in Ukraine. And MISOs in cyberspace will be essential part of subversion. For example, in October protests of serviceman of the National Guard (conscripts) in Kyiv were partly organized through social networks.

Add a Comment

Name (required)

E-mail (required)

Your own avatar? Go to www.gravatar.com

Remember me
Notify me by e-mail about comments