As Russian forces advance deep into Ukraine, they’ve gained ground slower than some military experts may have expected. Many have been happily surprised at Ukrainian President Zelensky’s ability to hold strong against Vladimir Putin’s invasion. From vehicles stuck in the mud to air superiority not going to Russia, military pundits have been perplexed at the fight. Most surprising of all is that Russia hasn’t hit Ukraine with a massive cyber attack targeting critical infrastructure, something that was almost expected.
“All you need for an all out cyber war is access, interest, and motivation,” said Elizabeth Wharton, vice president of operations at cyber security research firm SCYTHE.
“While Russia has all three, at least in theory, they don’t necessarily want to use their capabilities,” Wharton told ClearanceJobs. “They have a long history of using cyber tactics combined with active measures. Right now, they’re focusing on global disinformation campaigns. It’s really the Russian-aligned threat actor groups that would be more concerning. By not being officially recognized by Russia, their activities won’t spark a global cyber war. It’s important to remember that Russia and the U.S. are always engaging in active offensive cyber operations, but we might not be seeing them in the news.”
Cyber Skirmishes?
Since the first bullets were fired more than a week ago, cyberwarfare has been waged by both sides. In fact, it began even before the conventional attack. Just a week prior to Russia’s ground assault, there had been a considerable cyber attack that impacted Ukraine’s power grid.
However, since the fighting began, both sides have held back on the cyber front. That may not continue for too much longer.
“Though currently we have not seen as many major cyber attacks between Russia and Ukraine, we need to remain on high alert because cyber attacks is an expected arsenal capability,” explained Nasser Fattah, North America Steering Committee chair at cyber research consortium Shared Assessments.
“Also, prior to an attack, there is plenty of reconnaissance taking place to discover and learn to best optimize the success of the attack(s),” added Fattah. “In a war scenario, cyber attacks are likely to be destructive by nature, and not solely or primarily financial. Also, many countries – in support of Ukraine – are likely supporting Ukraine in the cyber front.”
Another factor, said Fattah, is that countries in support of Ukraine had assisted with cyber matters. “That included early detection and response, mitigating attacks where possible, and working to bolster the current security posture of Ukraine’s critical infrastructures.”
Russian Attacks Coming Soon?
Ani Chaudhuri, CEO of cyber security provider Dasera also suggested that Moscow could be holding back for three specific reasons.
“They’re simply waiting, and a massive cyber attack may happen at a moment’s notice in the future,” Chaudhuri told ClearanceJobs on Thursday. “Or they’ve decided that, in a prolonged occupation, they’ll need critical infrastructure, and a massive cyber attack isn’t in their interests.”
Another factor could be that Russia will rely on more traditional methods to take control of Ukraine.
“They may have simply decided that bombs, shelling, tanks, and missiles serve their current objectives better than a cyber attack,” added Chaudhuri.
Cyber War By Proxy
Even as Moscow has seemingly held back from conducting a full on cyber assault against Kyiv, hackers have pledged their support. The Conti ransomware operators announced their “full support” of the Russian government following the Russian invasion, and even threatened to go after countries that punish Moscow.
The cybercriminals have threatened to hack the critical infrastructure of any country seen as an enemy – while the hacker collective Anonymous vowed to target Russian cyber assets and any other measures to assist Ukraine.
So far neither side has really done much to take the fight to the enemy.
“Anonymous is a collective without leadership. As a community they despise aggressive despotism and have announced they are and will continue to focus hacking activities towards Russia. This may be putting Russia more on the cyber defensive than on the offensive against Ukraine,” said Tom Garrubba, vice president at Shared Assessments.
“Any decentralized group that is considerable in size, possesses knowhow, and shares a common motive can be very formidable,” added Fattah. “Also, it’s important to know that Anonymous has been historically successful with cyber attacks and has taken down websites, including government and financial websites. They are to be taken seriously.”
Moreover, because Anonymous has no leadership, and is not a country or a company, combating them could be difficult. The lack of traditional leadership could even make them all the more formidable.
The question is whether these third-party hacker groups can make a difference.
“There has been a call to arms from the hacking community to help fight the cyber war,” said Lucas Budman, CEO of digital encryption firm TruU.
“We are already seeing the fruits of this effort with the recent released ministry of defense database. This effort will only increase if the war continues,” Budman added. “Russia will have a hard time defending itself from the onslaught of the global community – this is modern warfare.”
However, even with Anonymous and other hackers vowing to support Ukraine, that won’t likely worry Putin much.
“Russia isn’t holding back on a cyber attack out of fear of retribution by Anonymous,” warned Chaudhuri. “If Russia were worried about consequences, they wouldn’t have invaded Ukraine in the first place.”