Each new armed conflict is an opportunity for the military and manufacturers of death devices to test their new toys. Russia’s attempted invasion of Ukraine is no exception. The newest missiles, including one or two hypersonic ones, competed against the latest anti-missile batteries. The latest versions of armed drones, coming in particular from Iran and Turkey, which have developed this warlike niche, have measured their effectiveness.
Above all, the Ukrainian computer tinkerers have made a number of small inexpensive drones their spies and their grenade droppers, which had not been foreseen by any Pentagon. Unforeseen also by the Russian generals: that their propensity to chat on their iPhone allows their geolocation, then their spraying. Never had so many generals of an invading army fallen in battle. True, in previous wars, the ranks did not have Twitter and TikTok.
The cybersecurity world was mostly abuzz with anticipation of just how cyber Ukraine’s war would be. The Russians had made a name for themselves during the 2016 US presidential election, then by their frequent attacks on Ukrainian networks. An hour before the start of the invasion a year ago, the Russian army’s intelligence service, the GRU, struck a blow by disrupting the American satellite Viasat, used by the Ukrainian army for its communications .
According to a report published last December by the Carnegie Endowment for International Peace, Russian cyber-warriors succeeded in transmitting to thousands of modems an instruction rendering Internet service unusable among thousands of Ukrainians, including military forces, and among tens of thousands of Europeans, collateral victims. The offensive was coupled with an operation to jam communications on the ground which disrupted the communications of the Ukrainian officers with their troops, but also part of the Russian transmissions. This tactical victory was short-lived: the Ukrainian army had land lines that remained intact. Then the rapid arrival of Starlink terminals – very resistant to hacking – restored satellite links.
Two other Ukrainian internet and phone service companies suffered a massive hack in the early days of the offensive, which disrupted 85% of their operations, a loss reverted in a single day. NATO experts note that on the day of the invasion, Russia “successfully deployed more destructive malware than the rest of the world’s cyberpowers combined typically use in a year.”
In the first four months of the war, in 56 waves of computer attacks, Russian hackers dropped viruses into 48 government agencies, departments and businesses. This is seven times more than all similar attacks recorded worldwide between 2012 and 2018.
However, if the damage was real on many databases, this historic cyberattack will have had, according to the Microsoft team which compiles the damage, “only a limited operational impact”. Similarly, early in the conflict the Russians blew up a building containing strategic data, but the Ukraine had… a backup copy! A migration of its essential data to Amazon’s secure servers “literally saved our infrastructure”, said a Ukrainian minister.
From this first and vast offensive, we retain both the vigor of the Russian attack and the responsiveness of the Ukrainian cyber defense, hardened, it is true, by several years of response to the electronic interference of their cumbersome neighbor.
Then the Russian cyberwarriors pretty much chickened out. Their activity became almost anemic, being limited to about three cyberattacks per week, then one per week in April, then none until October. Experts can’t figure out why.
“War, Charles de Gaulle would have said, is like hunting. Except that in war, rabbits shoot! In cyber warfare, the Rabbits are the hackers associated as Anonymous, who have declared “all-out war” on Russia. The day after the invasion, they knocked out Russian state television, broke into the Ministry of Defense and published a list of officers’ names, phone numbers and email addresses. Two days later, they posted anti-war messages on the homepage of the official TASS news agency website and a few others.
In March, they turned their digital fire on European companies slow to close their operations in Russia, such as the giant Nestlé. In April, they stole and released hundreds of thousands of emails from major Russian oil, forestry and real estate companies. This was followed by major data leaks from the Russian Ministry of Culture and municipalities. One of their feats of arms: the hacking of the Moscow taxi control system Yandex, owned by the Russian equivalent of Google, which caused a huge traffic jam in the Russian capital.
All this is entertaining, but there is no indication that the mobilization of the most dedicated pirates on the planet has succeeded in destabilizing even a little the Russian war effort, its communications, its supplies.
It is true that we are in complete fog and that we will perhaps only learn in 50 years that some of the serious operational difficulties experienced by the Russian army were the result of specialized cybercommandos, Ukrainian or American, or even that Western moles imploded Russia’s cyber warfare services from within, rendering them inoperable after their first offensive. Why the Ukrainian Cyberwar Didn’t Happen : this is the title of the book I can’t wait to read.
blog: jflisee.org