11 January 2023

Is Russia losing the cyber warfare?

Mashal Zahid

Many peculiarities are coming out of this strange war as Russia’s invasion of Ukraine enters its eleventh month. The reason why a strong cyber warfare power like Russia has launched so few and hence ineffective cyber-attacks against Ukraine and its allies is one of the most perplexing. The digital conflict over Ukraine is examined by New Horizons, along with any potential long-term effects.

On February 24, 2022, when Russia invaded Ukraine, many analysts anticipated a conflict far different from the one that is currently being waged. Not only was the invasion expected to be a four-day blitzkrieg, but many experts predicted that Russia would wage such a fierce cyber war against Ukraine that an invasion might not even be necessary to force Kyiv to comply with Moscow’s demands. Even before Russian forces attacked Ukraine in February, many analysts in the West, Ukraine, and Russia predicted that Moscow might use cyber-attacks to cause significant harm to Ukraine before or after the military invasion began. Russia does have significant and formidable cyber capabilities. The reality, on the other hand, has been significantly different.

The offensive has stagnated and stretched into eleven months of brutal ground battle, but the cyber war has never actually taken off. This is unexpected because Russia, along with the United States, the United Kingdom, China, Israel, Iran, and North Korea, has been building advanced offensive and defensive cybernetic capabilities for decades and has also indicated a willingness to employ them on numerous occasions.

Although these cyber operations may appear formidable, they not only fell far short of expectations but also turned out to be counterproductive. The Russian cyber war cost tens of millions of dollars in losses. It was disruptive and at times terrifying, but it never went beyond a series of practical jokes. And jokes have never triumphed in battle.

Over the past eleven months, it has been clear that very few, if any, of Russia’s cyber-attacks have been carried out in support of a definite military goal. Nothing that may have put genuine pressure on Ukraine to make concessions from the nation or its allies—such as attacks on naval control and command systems or attacks on crucial infrastructure—was present.

The war in Ukraine is the largest military conflict of the cyber age and the first to incorporate such significant levels of cyber operations on all sides. It may be that Ukrainian cyberspace proved to be much better protected than some thought. Or it may be that Russia did not use its offensive cyber capabilities because the Kremlin interfered in every aspect of the preparation for the war, from military planning to cyber activities. The Kremlin wanted the invasion to play out as a “special operation” (in the Kremlin’s words), not a conventional military offensive. In this, as in much else, the Kremlin greatly miscalculated.

The first attacks were carried out using wiper software, which erases the hard disks of infected devices. These were addressed by a variety of Ukrainian government, non-profit, and information technology groups. Whispergate ransomware was disguised as ransomware, but instead of permitting recovery, it acted when the infected device was temporarily turned down and then downloaded a malicious.exe file to delete targeted data. Another type of attack was the Gamaredon virus, which targeted Ukrainian and related targets all over the world.

Over 10,000 satellite internet modems that are a component of the American satellite company Viasat’s network in Ukraine, as well as other parts of Europe, were the target of a cyber-attack when Russian troops invaded on February 24. The attack, which was linked to Russia by the US, UK, and EU governments, was followed on March 1 by massive cyber-attacks on media outlets in Kyiv at the same time a missile hit Kyiv’s television tower.

In addition to these attacks, financial firms, border check stations, and even telecommunications infrastructure were targeted, leading banking services to be disrupted, power outages to occur, and the distribution of medications, food, and humanitarian supplies to be hampered. There were also phishing assaults on the government and military, as well as the discovery of monitoring software on numerous networks that took information about social media and financial transactions from the corporate and nongovernment residents. Distributed Denial-of-Service (DDoS) attacks against telecommunications corporations were another prevalent type of assault.

Another aspect to consider is Ukraine’s cyber defenses. Russia has not attacked the country for the first time in 2022. Since the 2014 revolution that deposed the pro-Moscow administration, Ukraine has served as Russia’s digital test bed. This has turned Ukraine into Russia’s cyber playground, yet it has also pushed Ukraine into a testing ground for defenses.

Reliable reports are hard to come by due to the fog of war, but Ukraine has managed to repel Russian attacks, limit damage they caused, and even launch limited counterattacks. The internet in Ukraine is also much decentralized, and many of its resources are situated outside. In fact, creating a computer network that could continue to operate in the case of a full-scale nuclear strike was the entire objective of the internet. Commercial networks in Ukraine were fortified before the invasion, which has only increased their inherent robustness.

The fact that Ukraine still uses Cold War-era weaponry is one ironic aspect. In many ways, this is a drawback, but radar systems that use radio valves rather of microchips can be just as resistant to cyber-attack as a steam engine that burns coal.

The advent of the smartphone and other portable communications equipment with reliable encryption, on the other hand, makes the information war considerably more difficult to wage. Propaganda is easier to transmit today, but it is also quicker to counter, as shown in the West when phony documents were released in an election and were discredited in less than an hour.

Conclusion

Everyone was reminded of the importance of conventional warfare by the conflict in Ukraine. Many people believed that the use of tanks and other mechanized weapons in warfare had come to an end before Russia invaded Ukraine, and that future wars would be fought using computer software. However, both cyber-attacks and drones have been used in this conflict, and it appears that both will be used more frequently in wars to come. Software alone cannot currently guarantee a military campaign’s success. While this may sound very awful, warfare still necessitates men in steel, and this will likely continue to be the case for the near future. Hopefully, the messy nature of modern conflict, as proven by Ukraine, will serve as a warning to other nations.

No comments: