UPDATE – 24-02-2022
The article below proved prescient, as during the night of the 24th the Russians went on to attack Ukraine from multiple directions thus triggering the worst security crisis in Europe since WW2. On a personal note, my heart goes out to the people of Ukraine!
23-02-2022
On Wed. afternoon, Feb. 23, many Govt. of Ukraine websites & those of banks, including their Cabinet Office & Parliament sites suddenly went down, presumably as a result of a further probable major cyber-attack from Russia.
Tensions continued to increase hourly between Russia & the West, as Russian President Vladimir Putin massed vast numbers of troops & resources on the border of Ukraine, but in 2022 wars are not only fought on the physical battlefield.
Russia, Ukraine & the latter’s western allies have all built up the capacity to commence huge state-sponsored cyber-attacks. Is the world now moving towards its biggest ever cyber-war is the question being asked by many professionals?
Cyber Defences
Western authorities seem extremely worried about potential cyber-attacks. The UK’s National Cyber Security Centre warned organisations to improve their cyber defences on Feb. 22, though declined to further elaborate when asked by New Scientist.
There are similar warnings from the US. On Feb 16. the US Cyber-Security & Infrastructure Security Agency (CISA) warned companies that provide services to US armed forces to look for any increased number of attempts to break into their IT systems.
Cyber Tools
That followed on from a Jan. 23 memo from the US Department of Homeland Security (DHS) warning that “Russia maintains a range of offensive cyber tools that it could employ against US networks.” In early Feb. the European Central Bank (ECB) also warned over cyber-attacks.
Some of the risk to these nations is not from a direct Russian attack on IT infrastructure outside Ukraine – though that is highly possible – but instead an attack on Ukrainian IT indirectly also affecting western businesses.
One in 5 US Fortune 500 companies rely on Ukraine’s IT outsourcing sector, according to Ukraine’s Ministry of Foreign Affairs. Other countries cyber industries, including Israel, also are dependent on this.
Major Disruption
“We’ve seen in the past that Russia has the intent & capability to cause major disruption through cyber-operations,” states Jamie MacColl at the Royal United Service Institute, a UK think tank.
Harvard University’s Belfer Centre for Science & International Affairs places Russia 4th in its National Cyber Power Index, behind the US, China & UK.
Russia has at least 3 military units within the GRU, Russia’s military intelligence Agency, that launch cyber-attacks, according to research produced for members of the US Congress in Feb. 2022. 2 of those units – Unit 26165 & Unit 74455 – were responsible for attacking political campaign servers & stealing documents & emails, which were used to help thwart Hilary Clinton’s attempt to become US President in 2016.
US Department of Justice
Members of Russia’s Unit 74455 were also indicted by the US Department of Justice in Oct. 2020 for their connections to a year-long cyber-attack against Ukraine between 2015 & 2016.
Unit 74455 has also been linked by US authorities to attacks against Georgia in 2018 & 2019 – which Russia has previously sought to bring under its influence –& the 2017 NotPetya attack against Ukraine, which caused widespread disruption to IT systems worldwide.
“It’s the NotPetya case that fuelled a lot of fears about spill-over, either intentionally or unintentionally,” explained MacColl.
288,000 Attacks
Russian cyber forces have been working against Ukraine since 2014, when Russia last seized the country’s territory, outlined the Ukrainian Govt. In the 1st 10 months of 2021, Ukraine was hit with 288,000 cyber-attacks, with the govt. again attributing to Russia.
In recent weeks, what’s believed to be 1 of the largest Distributed Denial of Service (DDoS) attack in Ukraine’s history was launched. It took down many of Ukraine’s banks & govt. depts. The UK & US Govts. attributed this attack to Russia’s GRU.
Supporting the Ukraine side, that nation’s allies are preparing cyber-security forces to repulse Russian attacks. On Feb. 22, Lithuania’s
Ministry of Defence stood up its Cyber Rapid Response Team to help Ukrainian institutions cope with their increased cyber-security threat.
European Foreign Affairs Council (EFAC)
The European Foreign Affairs Council (EFAC) also pledged a team to aid Ukraine following their meeting in Paris on Feb. 22.
Some nations may go well beyond defence. UK Defence Minister Ben Wallace told parliament on 21 Feb. that a planned offensive cyber-attack agency, the National Cyber Force, had “already been established in the NW of England” & was growing in size.
Wallace outlined that he could not comment on actions it could launch but added: “I am a soldier & I was always taught that the best part of defence is offence.”
Ministry of Defence (MOD)
The UK Ministry of Defence (MOD) declined to expand when asked by New Scientist.
“People at a senior level in Western Govts. have for a decade or more been calling for calibrated cyber-attack options to respond to both kinetic & cyber incoming attacks,” says Lynette Nusbacher, former Head of the UK Govt.’s Strategic Horizons Unit.
This all points to digital attacks being & becoming a major factor in the Russian created conflict, but will it be a huge cyberwar? Experts think no. “For the moment it seems that most such incursions are considered digital espionage & sabotage, more so than full-out conflict,” says Agnes Venema at the University of Malta.
Civilian Infrastructure
Any attacks by the UK would not be against Russian civilian infrastructure, says MacColl. “It will be about degrading their ability to conduct cyber-attacks against us.”
Venema also believes international law will limit Western attacks on civilian networks.
“Those countries who consider the international legal order as worthy to uphold will always apply human rights law & principles such as distinction between military targets & civilian infrastructure when acting,” she explains.
Escalating the Conflict
There is also the risk of escalating the conflict. “You need to consider what happens when you release such a weapon,” Venema says. “After all, it can be used against you in the future.”
Cyber remains a new & dangerous arena of conflict as the world endures the worst security crisis since at least the Cuban Missile Crisis of 1962, & possibly the 2nd World War.
Admiral John Kirby
At a press conference at the Pentagon on Wed. evening, spokesman Admiral John Kirby disclosed that the US Dept. of Defense (DoD) are providing support in the cyber resilience of Ukraine, but refused to comment further for operational reasons.