Will Russia launch a cyber attack on the West? | Science and technology news
If the war in Ukraine has shown us anything, it is the appalling power of conventional weapons.
Digital tools can do many things, but they cannot level a building, destroy a tank, or end an innocent life outright.
If you want to stop a TV tower from broadcasting, as the Russian army did in Kyiv on March 1then it’s quicker and easier to do with a rocket than with computer code.
‘Pretty good’ peace talks held as Zelenskyy hints at NATO concessions – follow the latest updates on Ukraine
Informed cyber watchers are not surprised by this dynamic. They have long argued that military terms like “cyberwar” and “cyberweapons” do not describe the real impact of cyber, which is most relevant in the gray area between peace and war, where states are in conflict or competition but are not actually fighting on the battlefield.
The fog of war applies in this area as well as anywhere else, and cyber will almost certainly be used to support the Russian troops on the ground in ways we can’t see. At this point, however, it is clearly following the physical bombardment, not leading it, and even less operating as an independent force.
This is something to keep in mind when considering the possibility of a Russian cyber attack on a democratic country like Britain.
Many believe the threat is real. Russia has the capacity and the motivation.
Read more: Cyber, war and Ukraine – what does recent history teach us?
Leading cybersecurity analyst Dmitri Alperovitch was among the first to predict that Putin would invade Ukraine. He fully expects the Russian leader to order cyber attacks in response to economic sanctions.
“Russia will not accept this,” he said recently at an event organized by his think tank Alperovitch Institute. “It will take revenge on the West, including in cyberspace.
“They are obviously quite busy following the war in Ukraine at the moment, I don’t think they are interested in further escalating the fight and having a cyber hit-for-tat with the West until they have better control over Ukraine, but once they begin to achieve their military objectives on the ground in Ukraine, they may return to the West.
“I assume they could target the energy infrastructure in Europe, they could target it in the US too. They could attack the financial infrastructure in direct retaliation for sanctions.”
Read more: Should the UK be concerned about an escalating cyber conflict?
Cybersecurity teams are already on high alert. Executives at several banks told the Financial Times they were concerned about attacks on Swift, the messaging system used to send payments across borders. Even attacks on nuclear power plants were feared.
But while doomsday “cybergeddon” scenarios shouldn’t be completely ruled out, experts say they’re unlikely.
“You can never rule out these big, big events. However, the larger the event, the greater the risk for the perpetrator of provoking a very strong response,” says Emily Taylor, CEO of cybersecurity firm Oxford Information Labs.
Would a very aggressive cyber attack be treated as an act of war? This is a definite possibility that must be considered by any attacker.
The nature of cyber makes this type of calculation difficult. Although cyberattacks are often described as surgical or precise, in reality they can be extremely unpredictable. They tend to get out of control.
We can see this trend in one of the attacks that have already taken place in Ukraine. On February 24, a few hours before Russia invaded Ukraine, large parts of a network of high-speed satellite services operated by the American company Viasat suddenly went down.
For other developments:
• More than 100,000 Brits express interest in hosting Ukrainian refugees
• Britain announces sanctions against 350 more Russian nationals and entities
• Britain bans exports of luxury goods to Russia and increases import tariffs on products – including vodka
• The Brit, who traveled to the war zone to join the military fight against Russia, has put fears of a “suicide mission” behind him
• Employee interrupts Russian news broadcast with anti-war slogan
The cause was apparently a cyber attack that was apparently aimed at Ukrainian military communications. But, coincidentally or not, organizations in other countries have been affected.
In Germany, thousands of wind turbines were taken off the grid. In France, tens of thousands of internet users found their connection gone.
This type of volatility makes cyber an unwieldy tool in a conflict where precise signaling is so important. Because of this, Ms Taylor says, states tend to disrupt and demote it rather than attack it outright.
“We tend to see most state actors playing in the subversive, plausibly denial space, even when in cases the denial is very implausible,” she says.
“That’s really where cyber is the safest for a state because there’s still so much uncertainty about what the consequences are.”
Russia has long experience in this area and often operates through its network of cybercriminal gangs.
Read more: Russia is a cyber power – does this mean that a cyber war is imminent?
The consequences of these attacks can be severe. Last May, hackers with ties to Russia stopped oil flowing through the largest fuel pipeline in the United States. In the same month, the Irish Health Authority’s IT systems were shut down by Russia-based ransomware group Conti.
Cyber ’often less dangerous than it seems’
At the same time, however, we should not overestimate the threat posed by cyber. Despite the hype, it is often less dangerous than it appears.
Just yesterday, Israel announced that several of its government websites were down after “one of the largest cyber attacks in history.”
On closer inspection, this attack turned out to be a distributed denial-of-service attack—a nasty form of cybervandalism, no doubt, but not the kind of attack that would have disrupted Israel’s sophisticated cybersecurity services for too long.
Even some of history’s most notorious attacks actually had relatively little effect or were actively counterproductive.
The Stuxnet worm, which targets Iran’s nuclear facilities, is now believed to have delayed uranium production by a few months at best, while accelerating the development of Iran’s offensive cyber capabilities. North Korea’s hack of Sony Pictures did not prevent the film it was intended to prevent from being released.
In 2015 and 2016, Russia hit Ukraine with some of the most aggressive cyberattacks in history, targeting Ukraine’s power grid directly.
According to cybersecurity researcher Lennart Maschmeyer, the second of these attacks took 31 months to prepare but only resulted in a 75-minute outage in some parts of Kyiv, a city used to frequent power outages.
“Most people won’t even have realized that this was something out of the ordinary,” he said recently, adding that it also failed to achieve its goal of getting Ukraine to bow to Russia’s will, with consequences that we see today.
What makes the difference between a disaster and a temporary nuisance? Very often, Ms. Taylor says, it’s the reaction of defense attorneys – that is, all of us.
“Having a plan really helps,” she says. “Think, ‘If we were denied access to our premises, what would we do? If we couldn’t use this service, what would we do?’
“We were on a BA flight a few weeks ago and they didn’t have access to their computer systems so they did the whole flight on paper.
Those are the plans that really help in an emergency.”