Cyber Scene #65 - Cyber Front Strategic Update: Not Quiet on Western, or Any Fronts
Cyber Scene #65 -
Cyber Front Strategic Update: Not Quiet on Western, or Any Fronts
The Kremlin is whipping up a 21st century Ukrainian requiem for democracy, which is capturing the world's audience. In Ukraine, mortars join state-of-the-art cyberattacks barely obvious while intentionally discernable. Missiles are being "tested" on Ukraine's borders.We have heard other requiems called world wars. This one is decidedly different as it functions with high tech modalities. Vladimir Putin accompanied his multi-pronged military attack on Ukraine with cyber variations.
The Western world continues its attempt to give peace--or at a minimum, diplomacy--a chance, as documented by the Economist,19 February, in "Russia and Ukraine." Attempts by US President Biden, French and EU President Macron, and NATO's Secretary General Stoltenberg have not quieted the "beating to quarters" Russian drum rolls. This Economist article maps out the threats by land and sea, the latter which, since the annexation of Ukraine's Crimea, Russia now controls. The most recent edition of this article notes that President Biden is expecting an invasion of Ukraine. On 20 February, the Economist "Zeros and Ones" addresses another weapon: that Ukraine is bracing for a cyber invasion—a second, but likely simultaneous punch--and notes that its "defences have improved a lot since 2014, but weaknesses remain."
Warmongering is problematic. There may be or may not be 130,000 or 190,000 Russian troops along Ukraine's borders circling Russia's prey. Whether Putin is credible or not, when he maintains that he is pulling back when Western intelligence services and opensource collectors disagree is pointedly vague. Whether Russian forces are "testing" or trying to stir up retaliation as a pretext for war may again be intentionally open to debate. As the Economist above points out, the "fog of war" is one issue, but the intentional foggy prelude to war is something entirely different. It smacks of "false flag" prevarication.
On the other hand, there is little cause for misunderstanding regarding a cyber invasion. Cyberattacks that were relaunched in mid-January were undeniable. The warning that ushered them in was likewise indisputable: "Be afraid and expect the worst." Along with invasion, Ukraine stands in line for an onslaught of a different sort, deriving from "the country widely recognized as the world leader in digital warfare."
The Wall Street Journal's (WSJ) Jillian Kay Melchior fittingly sheds - light on the state of cyberwar on 19 February "The Cyberspace Front in the Attacks on Ukraine." She cites her conversation in Kyiv, from whence she writes, with former Ukrainian Prime Minister Yatsenyuk on cyberattack issues. Wedged between two recent attacks, he maintains that cyber is the number 2 issue, second only to military and munitions. The cyberattacks, to date, are "Ukraine's worst wound: the largest denial-of-service attack in history," according to his government. The Defense Ministry, Armed Services, and two state-owned banks were flooded with cyberattacks denying service.
Melchior goes on to repeat the warning cited by the Economist--that the hacks included messages "to be afraid and expect the worst." Former Prime Minister Yatsenyuk cautions: "It's a red alert for Ukraine, red alert." The UK and US have determined that Russia was the perpetrator of the January and February attacks. Russia promptly denied the accusation.
The Ukrainian Government has been reluctant to speak out officially. This reticence bears a resemblance to Belgium in World War II. The Belgians had been overrun most of their historic lives (Belgium was not even a country until 1830) and were subtle in their resistance and attempting not to bite Hitler's hand that might soon be feeding them. Paybacks were, well, threatening. The post-World War I mantra was "Never Again," yet World War II struck. The same approach to threatened invasion by an exceedingly powerful and threatening neighbor might explain Kyiv's reluctance to speak out against it.
As for the thrust of these attacks, Melchior reports that the Ukrainian Government's State Service of Special Communication and Information Protection did release data regarding its Computer Emergency Response Team's discovery of 113 incidents of "critical severity" during the January to 19 February period, compared to five during the same period in 2021. She notes that in 2015, cyberattacks on three Ukrainian energy-distribution companies left 225,000 Ukrainians without power. In 2016, the attack on the Ministry of Finance and State Treasury system left 150,000 Ukrainians without their pension payments. These series of cyberattacks resulted in two US charges in 2020 against Russian military intelligence hackers behind the attacks. Following the 2014 hack, the US poured $80 million to help Ukraine build up its cyber defenses.
As an aside: European countries also helped, although Ukraine is not, nor is it likely to become, a member of either the EU or NATO anytime soon. This means that, regarding NATO's military role in the European theater, Ukraine is not to be a beneficiary of Article 5 ("one for all and all for one"). The only time Article 5 was invoked was for 9/11 support to the US. But this does not impede nations, individually or collectively, from helping in other measures of engagement.
The WSJ article notes that support from the US and other Western countries resulted in Ukraine bolstering its cyber defense. This includes "…landmark cybersecurity legislation," beefing up cyber staffing to address vulnerabilities, and cyber critical infrastructure improvement with state and key sectors working together. The restoration of services following the most recent cyberattack was said to be much improved by current and former officials, per the WSJ.
The US (but not Ukraine) "…blamed Russian state operatives for the 2017 NotPetya attack that the White House called "the most destructive and costly cyber-attack in history." Melchior adds that the impact affected one third of Ukrainian banks and seriously disrupted its newspapers, transportation, and energy. Globally, NotPetya had a $10 billion impact. Russia denied any involvement of its intelligence officers. Melchior concludes by stating: "Cyber defense is mainly Ukraine's job, but it's up to the Biden administration and Europe to deter Russia's cyber warfare."
As backdrop, Ukraine's Orange Revolution, fueling the country with democratic goals, did not sit well with Putin. Although the "color" of Ukraine changed in 2004, when Putin was the eminence grise behind the official president he selected, the dissolution of the old USSR was painful to him. He viewed the US and NATO as enemies, then and now. Cyber is one of the tools of statecraft he has readily used over his leadership.
The 20 February Washington Post (WP) study on Putin "Wielding the threat of war, a new, more aggressive Putin steps forward", compiled and analyzed - by Paul Sonne and Robyn Dixon, does not address cyber particularly. However, the authors provide both a historic and contemporary understanding of Putin's objectives and the longstanding irritation of the US and NATO particularly in his plans for the restoration of at least a portion of the old USSR of his past. With Moldova, Belarus, Ukraine's former Crimea (annexed by Russia in 2014), and some sympathetic eastern Ukrainians under his control, his next goal is clearly the addition of the rest of Ukraine. Given the Ukraine-wide and indeed global influence offered by cyberattacks and used in the recent past, an understanding of Putin's intent is well worth the read.
As this column closes (21 February), Bloomberg's latest Ukraine Update, "US, Considering Moving Embassy Out of Ukraine," reports that Putin will recognize eastern Ukrainians as separatists, "…a move that would likely torpedo European-mediated peace talks and further escalate tensions with the West." This seems to have happened already.
Moscow also debunks other expectations of a near-term Biden-Putin summit that the White House and France had just announced; Russia says "no concrete plans" are in the works. Biden has called for an immediate National Security Council meeting while France's Defense Minister Le Drian and German Chancellor Scholz (who replaced Angela Merkel) attempt to advance Western-Russo relations regarding Ukraine. They have since received calls from Putin confirming his decree to deploy troops to eastern Ukraine.
The "DIME" option—Diplomacy, Information, Military use, and Economics— was focused in this case, preventively, on diplomacy. US and French Presidents have not made progress, as of this writing, on the diplomatic front.
These efforts now have minimal chance of support, according to breaking news from the BBC "Putin orders troops into Eastern Ukraine." President Biden has called this decree a clear attack on Ukraine's sovereignty. Earlier, Prime Minister Boris Johnson, as captured in the same dispatch, has addressed the media stating that Putin's decision to recognize two breakaway regions of eastern Ukraine—Donetsk and Luhansk--as independent of Ukraine, was a very dark sign which violates the sovereignty of Ukraine. Putin claims it was never sovereign. NATO's Secretary General Stoltenberg stated: "I condemn Russia's decision to extend recognition to the self-proclaimed 'Donetsk People's Republic' and 'Luhansk People's Republic. This further undermines Ukraine's sovereignty and territorial integrity, erodes efforts towards a resolution of the conflict, and violates the Minsk Agreements, to which Russia is a party." He went on to accuse Russia of seeking a pretext to invade Ukraine.
As we follow Ukraine Updates changing the substance of the hyperlinks cited above, expect to see Ukrainian lights dimming, figuratively and literally, under new cyberattacks.