Pages

6 January 2015

Could Russia Use Cyberwarfare to Further Destabilize Ukraine?



Pro-Russian activists clash with police at the regional administration building in Donetsk, Ukraine on April 6.

Eastern Ukraine is full of rioters ready to separate from their nation's government in Kiev — at least, that's the message the Russian government may want to project to the world. And analysts believe the Kremlin could use cyberattacks to create more chaos and support its objectives. 

Protesters in eastern Ukraine have clashed with police and stormed government buildings. A group of separatists who took over a building in Donetsk declared a "People's Republic of Donetsk" and demanded a referendum for independence on May 11. In Luhansk, rebels raided an armory and took 56 hostages. 

But U.S. Secretary of State John Kerry has accused Russian "special agents" of inciting the ruckus. Others claim there's a Russian hand at play behind the curtain of what seems like a looming crisis, manufactured either as pretext for a Russian invasion or as a means to distract from the Kremlin's annexation of Crimea. 

Key to all this chaos is a sense of confusion about the state of Ukraine, the theory goes. The Kremlin has led the narrative that there is a widespread separatist movement in the eastern part of the country that the government in Kiev cannot control, and experts think the Russian government could up its game with a subtle cyber strategy. 

“The majority of stuff you’re going to see is how can they deny access to information or make sure people don’t know what’s going on,” Ben FitzGerald, director of the technology and national security program at the Center for a New American Security, told Mashable. 

“Clearly, the Russians are trying to control a specific narrative." “Clearly, the Russians are trying to control a specific narrative."

That narrative is one in which the Kremlin would invade to protect native Russian speakers, the same reason it gave for invading Crimea. 

The Russian government wouldn't necessarily need computerized espionage to support an invasion of eastern Ukraine. All things considered, its takeover of Crimea went off without much of a hitch, and no one reported any electronic assaults that caused lasting damage. Russia's approach to eastern Ukraine might come from precisely the same playbook. 

But if Moscow did engage in a significant high-tech assault of any kind, it wouldn't be the first time it has done so. 

When Russia invaded neighboring Georgia in 2008, cyberwarfare was a main piece of its strategy. And there, it was true warfare. State-sponsored Russian hackers hit Georgian government websites with distributed denial of service attacks (DDoS) that essentially erased the Georgian government's presence online. It was devastating, but obvious. 

"I think those attacks would probably be too overt [this time], and also don’t fit into the Russian narrative of trying to protect Ukraine or protecting Russian-speaking citizens in Ukraine," FitzGerald said. 

This time, experts say the Russian government would probably be more covert. 

Sure, Washington might say Russia is behind any information disruption, but the Kremlin could counter by saying the disarray comes from third-party hackers it can't control, and there's likely no way the U.S. could prove otherwise. 

"Attribution is really hard," said Jen Weedon, a manager of threat intelligence at FireEye, a global network security company. "It’s not as easy as just identifying the origin of where an IP address is." Later, she added, "It’s certainly not an easy task to identify where an attack or an intrusion is coming from without substantial insight." 

And we may have already seen the Russian government testing the cyberwar waters during its takeover of Crimea, even if there were no blatant attacks. A pro-Russian group of Ukrainians known as Cyber Berkut claimed to have disabled the phones of 700 Ukrainian officials in early March, right around when Russia first entered the peninsula, and they took credit for some attacks on government websites as well. There's no evidence this disruption was coordinated by the Russian government, but the Kremlin is also known to outsource its online dirty work. Suspicions out of Kiev and the West, along with denials from the Russian government, can lead to a finger-pointing bonanza where facts are hard to decipher. 

Even so, analysts say a Moscow-led electronic espionage campaign would have identifiable goals that, if accomplished, could look like the work of more than a band of online outlaws. 

For example, a Kremlin-led cyber squad might try to cut off internal Ukrainian government communications so officials there would not be able to coordinate a response to Russian disruption efforts, Weedon said. Officials in Kiev would have difficulty passing information between one another, which might make them seem incompetent. The Russian government could also disrupt lines of communication in eastern Ukraine and mess with television and online news in such a way that eastern Ukrainians are exposed only to information propagated by the Kremlin. 

This would all be a part of a strategy that only the Russian government could coordinate, and it would do three things for Moscow. First, it would allow the Kremlin to further the narrative that it wants to protect native Russian speakers. Second, it would prevent the Ukrainian government from countering that narrative with real information. Third, Kiev's inability to respond would make it look weak, disorganized and incapable of assisting an eastern Ukraine that is floundering. 

And all this feeds into what experts believe is a larger plan to create a sense of confusion among eastern Ukrainians. 

“The fascinating thing I think about this is it’s old-school military doctrine with updated tools," FitzGerald said. 

That "old-school" Kremlin doctrine goes as follows: create chaos, then intervene in a way that makes Russia look like the white knight. Small online and electronic assaults are a means to an end for the Russian government, Weedon said, and its goal is to manipulate public perception in a way that allows it to play the hero. 

The situations described above are all plausible, according to experts, but they haven't happened. And even if they did, these experts are quick to point out that this would qualify more as espionage than cyberwar. 

It's also important to remember that cyberwar is just that — it takes place online and electronically and therefore has limitations. An army can only do so much without a physical force to back up its online operation. Russian troops are massed at the eastern Ukrainian border, but they have not crossed that line. 

"You could certainly destabilize a state [through cyberwarfare], in terms of causing chaos, targeting critical infrastructure, disrupting communications, spreading false information," said Peter Singer, director of the Center for 21st Century Security and Intelligence at the Brookings Institution. "But that’s not the same as taking over the state. For that you need physical force on the ground." 

Have something to add to this story? Share it in the comments. TOPICS: CYBER ATTACK, CYBER WARFARE, RUSSIA, UKRAINE , US & WORLD

No comments:

Post a Comment