Binary code in colors of Russian flag showing cyber attack on Ukraine

Cyber Attacks an Expected Element of Military Strategy as Russia Deploys on the Ukraine Border

The conflict between Russia and Ukraine has led to border tensions, but United States and British intelligence think that coordinated cyber attacks are a much more likely opening move than a physical incursion.

The New York Times reports that the US and UK have dispatched cyber warfare advisors to Ukraine to prepare for potential attacks. The prospect is not unprecedented, as Russia disabled Ukrainian power stations the last time tensions between the two countries escalated.

Experts expect salvo of cyber attacks from Russia

Russian hackers have previously turned the lights off in Ukraine (in both 2015 and 2016) as part of the long-running conflict between the two nations. While Russia has moved some 175,000 troops to the border in a recent escalation, the most likely opening of hostilities would be a similar wave of cyber attacks.

American intelligence agencies believe that the strategy is more than just simple harassment. Outages of essential services, such as utilities and banking, could be used by Russia to delegitimize the Ukraine government and potentially provide a cover story for an invasion. The current conflict is tied to the formation of a separatist group that wants to see Ukraine abandon its Western alliances and align with Russia’s political interests.

While Russia has consistently engaged in some amount of cyber attacks against Ukraine in recent years, American officials say that efforts have ramped up since the beginning of December with an active campaign against assorted Ukraine government agencies along with the electrical grid.

US officials remain unsure if Russia really intends to engage in a “hot war” invasion of Ukraine; Putin’s strategy may be limited to cyber attacks with the intention of paralyzing the country’s infrastructure, creating conditions in which to install a Russia-friendly government. Russia faces global sanctions at minimum if it were to physically cross the border and invade, and also risks the possibility of an armed response by the US and other Ukraine allies.

The cyber attack avenue is also much easier for Russia due to the countries sharing an electrical grid that was developed while both were members of the Soviet Union. Russia has extensive knowledge of the Ukraine system given that most of it still makes use of parts and elements that Russia developed.

The 2015 cyber attack on Ukraine, which turned the power off to numerous neighborhoods, came during Christmas when the utility companies had skeleton crews on duty. American officials believe that if a similar attack is forthcoming, it will happen in early January after the regionally popular Orthodox Christmas.

Possibilities for cooling down Russia-Ukraine conflict are limited

Putin’s overall goal with the digital incursions into Ukraine is to get a friendly government installed, ideally a puppet that can be directly controlled by Moscow. But a central goal is to also push Ukraine away from joining NATO, something the country has declared an intention to do. And Putin does not necessarily want to control all of Ukraine; he may be satisfied with simply occupying the eastern portion of it to create a buffer between Russia and Europe.

For its part, NATO members want to see Russia withdraw from Crimea (a portion of the Ukraine that it invaded in 2014) and re-establish diplomatic ties. It also wants to see cyber attacks against its neighbor cease, with a British intelligence official describing Ukraine as “Russia’s cyber playground” for the past decade. The US has established talks with Russia, including a couple of direct phone conversations on the matter between Putin and President Joe Biden, but these efforts have seemingly not borne fruit as of yet.

Russia’s hacking teams were also handed something of a Christmas gift recently with the reveal of the Log4j vulnerability, something that potentially exposes some three billion devices around the world to relatively simple attacks that can lead to total compromise. China and Iran’s state-backed threat actors have already been observed experimenting with the vulnerability in the wild, and it is likely that Russia will join in given how common the Java tool is in software packages. Publisher Apache has made a patch for the issue available, but it will be extremely difficult and time-consuming to comb through and find every incidence of it.

If Putin’s goal is domination of Ukraine, there can be little compromise on the issue. The only thing that has stayed Russia’s hand in the past and made it fall back is the threat of repercussions, something both the US and Europe are in less of a position to deliver than usual.

US agencies believe that the strategy is more than just simple harassment. Outages of essential services, such as utilities and banking, could be used by Russia to delegitimize the Ukraine government. #cybersecurity #respectdataClick to Tweet

In lieu of direct military participation, something Americans have little appetite for, the Biden administration has the option of simply supplying Ukraine with arms to increase the toll of an invasion on Russia. But that move would do almost nothing to stem the cyber attacks, which Russia can always cover over with some layer of plausible deniability.

 

Senior Correspondent at CPO Magazine