Analysis: Conflict between Russia and Ukraine will indicate future of cyberwar

Described as a “hybrid war”, Russia’s strategy against Ukraine operates within the physical and virtual world, with hacker attacks and waves of disinformation unleashed against adversaries.

The evolution of warfare to the virtual world has been a subject discussed by specialists for years, and for more than a decade the potential effects of a virtual attack beyond computers have been known.

Virtual attacks were part of the Russian strategy in the conflicts with Georgia (2008) and the annexation of Crimea (2014). None of these, however, have the proportions of the current conflict, so Russia’s behavior now should give clues to what cyberwars might look like in the future.

The first major milestone of hacking in international conflicts came in 2010, when a digital campaign was discovered that, years earlier, had been used by the US to sabotage Iran’s nuclear program. Centrifuges used in uranium enrichment were destroyed by malicious programs that with its rotational speed.

A good part of the main examples since then come from Russia, a country with notable expertise in the area.

In 2015, hundreds of thousands of Ukrainians were left without power with a hacker attack. This is a milestone in cyberwarfare: it was the first, publicly recognized, to tear down the energy grid.

Similar attacks, also against other parts of Ukraine’s critical infrastructure, are one of the main fears in the current crisis. Remotely, in addition to energy, the Russians could disable other defense-critical resources such as the internet and communications.

Among the arsenal used are simpler attacks and sophisticated malicious programs, similar to a cyberattack attributed to Russia in the past: NotPetya, also fired at Ukrainians. It got out of hand, however, and affected other countries in Europe, the Americas, and Asia.

Outside the technical realm, the Russians are accused of launching disinformation campaigns on the Ukrainian internet. They have been accused of similar tactics in the past, including trying to influence US elections.

In addition, hacking attacks aimed to take down government systems and websites, the military and important services such as banks. Among the strategies used, there is a very stamped one, the DDoS or denial of service.

In this mode, systems are overloaded with false accesses until they stop working properly. It’s like publicizing the results of the entrance exam: many people access the university’s website at the same time, making it slow.

This jump in demand is done artificially, by hacked devices and/or robots, but the effect is similar. It could end there or it could be a way to make other vulnerabilities appear and thus be the gateway to another attack.

In the slightly more sophisticated field, a malware (malicious program) WhisperGate was detected in January. It’s a virus designed to erase information in order to render computers and systems inoperable, similar to 2017’s NotPetya.

Now that the conflict also takes place in the physical world, it remains to be seen what role the Russians’ virtual attacks play in the war.

“The Russians will not win the war [com ciberataques]but they can certainly make it easier,” Aaron Brantly, a professor of political science with a focus on cybersecurity at Virginia Tech University in the US, told the Washington Post.

Another unknown is the effects of possible responses to Russia with hacker attacks. So far, there is no known cyber hit-and-run. Even because the war discrepancy between Ukrainians and Russians also appears in the hacking power.

A US reaction, however, would change things. Speaking on Thursday (24), US President Joe Biden did not make it clear whether retaliation against Russia in the face of possible attacks on the United States would come in the form of virtual offensives.

And then there’s another point to monitor in the coming days: whether cyberattacks will also target regions other than Ukraine.

Few countries are as dangerous in this sector as Russia, accused of covering up (and supporting or recruiting) some of the main cybercriminal groups on the planet. As a result, a decision to disseminate hacks to other countries can have perverse, even if unintended, effects.

This was the case with the aforementioned NotPetya. The malicious program aimed at Ukraine has spread beyond the country and caused damages in other locations, estimated at US$ 10 billion (R$ 51 billion) by the US government.

On the 11th, the US issued a warning saying that, despite not seeing an imminent threat, institutions in the country could be targets of attack and guided them on how to defend themselves. THE sheet the research group at cybersecurity firm Palo Alto Networks said that while targeted campaigns are more likely against European countries and the United States, the side effect could reach other countries.