Blogpost

The Cyber Side to the Russia-Ukraine Conflict

For the past few weeks, a worldwide audience has watched in fear and shock as war unfolds in the streets of Ukraine, causing thousands of casualties and deaths and displacing thousands of people. This is the bloody side of war, the one some experts have hoped we’d see less of worldwide as more countries venture into cyberwarfare.

As battles play out in the streets, cyberwarfare is also happening in the background.

Russia’s Initial Cyber Attacks

One reason cyberwarfare is attractive to world powers is that it provides plausible deniability—it can be challenging to trace a hack back to the person, organization, or government entity that perpetrated it. So while Russia’s cyber attacks on the Ukraine can be hard to track and measure, experts are confident that they’ve been happening at least as far back as the 2015 attack on the Ukrainian power grid

While many expected Russia to make cyber warfare a key part of their most recent campaign, their online actions have been milder than anticipated. Nonetheless, a Check Point Research analysis found a 196% increase in online attacks against Ukrainian military and governmental sectors in the first few days after the invasion. And in the days leading up to the attack, Ukraine faced several DDoS (Distributed Denial of Service) attacks on government websites. 

International Hackers Fight Back

Experts anticipated Russia’s use of cyber warfare in this conflict, but fewer predicted the kind of global response it would provoke. Ukrainian authorities estimate that 400,000 volunteer hackers from around the world have gotten involved in issuing counter-attacks against the world power.

The Rosneft Attack

On March 12, the German branch of the Russian oil company Rosneft reported that it was the victim of a cyber attack. The hacker collective Anonymous has since taken responsibility for the attack. They managed to download 20 terabytes of the company’s data, and say they gained access to employees’ computer backups and iPhones. 

Rosneft was chosen as a target because it’s a state-owned Russian company with close ties to German and Russian elites, yet was not the focus of official sanctions. While the hackers didn’t make moves to take Rosneft plants offline, the data breach reveals the company’s security vulnerabilities. And just the idea of their private information being out there in the hands of hackers is likely enough to make employees and executives squirm.

 

The Information Attacks

In addition to Rosneft, hackers have gone after Russian information services. Russia itself has ably demonstrated how powerful disinformation can be via their social media campaigns during recent U.S. elections. Hackers that appear to be associated with Anonymous are taking a move from Russia’s own playbook by hacking into Russian state TV channels to broadcast pro-Ukraine images and content. They’ve also launched their own DDoS attacks, this time targeting Russian government websites, along with the website of the state-backed news service, Russia Today.  

Who is Anonymous?

The hacker collective that goes by Anonymous hasn’t just claimed credit for these attacks, they’ve outright declared war on the Russian government. The Anonymous collective is officially in cyberwar against the Russian government.

The (loose) group of hacktivists first came onto the scene in the early aughts, starting on the 4chan message boards. As the name suggests, the group’s membership has always been (or aimed to be) anonymous. Over the years, they’ve turned their computer skills toward a number of causes they feel merit online activism, with an emphasis on freedom of speech issues. Their targets have ranged from the Church of Scientology to Donald Trump. And now they’ve set their sights on Russia—which doesn’t bode well for Putin. 

“If I’m on the basketball court in a pick-up game, and Shaq is available, he’s my first choice. The same is true with Anonymous,” explains Ron Bradley, Vice President of Shared Assessments. “You don’t want to be on the receiving end of their wrath.”

Anonymous is giving the Russian government a taste of their own medicine here. “Russia is a master at state-sponsored hacktivities, but they are not immune to attacks against them or their downstream support partners,” Bradley points out. “The Internet and digital media (including television broadcasts) is a double-edged sword which Russia will feel both sides of.” 

These Attacks Are a Sign of Things to Come

The cyber side of the current war between Russia and Ukraine introduces a wild card relatively new to the realities of warfare: global volunteers who have no obvious stake in the game, but are choosing to step into the conflict according to their own ideas of justice. Many experts expected cyberwarfare to be a part of this conflict, but not many expected it to look like this. And with hacker collectives working together to crowdsource their efforts, the potential for creative new attacks that are highly disruptive or damaging is high. 

One notable feature of these attacks is what they’re targeting (so far): utilities and information. “Adversaries will target critical infrastructure as it has proven to be an Achilles’ heel due to the nature of antiquated industrial control systems and a lack of layered security,” says Bradley.  

Taking out utilities can have big consequences. Just think about how hard it is to go a day without electricity, running water, or internet. It’s extremely disruptive to modern life. And information has long played an important role in warfare. We’ve seen ample examples—historical and recent—of how powerful propaganda can be. 

These recent attacks bring the additional complication that these hackers aren’t directly associated with a government power, which means there’s less room for accountability. Governments must practice caution when dealing with other world powers or face consequences that range from economic sanctions (like Russia is currently experiencing) to nuclear war (something pretty much everyone in the world would like to avoid). Hackers are able to enact more chaos with fewer consequences because they’re more of a moving target—there’s not one clear institution to hold to account. 

That can be a benefit, as unaffiliated hackers can move without all the bureaucratic rules and concerns of politicians and military personnel. But it also has a clear downside. “Lest we forget…just because you may have Shaq on your team, it doesn’t mean he’s your friend,” Bradley notes. 

As with most things related to war, the current cyber battles come with moral complexity. One thing is clear though: we can and should expect to see more of this kind of complexity in future conflicts.