THEO VAN GOGH INTEL: Despite expectations, a cyber-blitz has not occurred in Ukraine. Experts explain why
JULY 1, 2022 BY JOSEPH FITSANAKIS
IN THE OPENING STAGES of the Russian invasion of Ukraine, there was a widespread expectation among security experts that the world would witness a new chapter in the history of cyber-warfare: something akin to carpet-bombing in cyberspace. These fears, however, have not materialized.
Although cyber-attacks have occurred on both sides, their scale has remained markedly modest. Consequently, their effect has been limited and has had no traceable strategic impact on the conflict.
Why is that? According to two experts, Nadiya Kostyuk, assistant professor at Georgia Tech’s School of Cybersecurity and Privacy, and Aaron Brantly, assistant professor and director of Virginia Tech’s Tech4Humanity Lab, the reasons partly relate to how nation-states form cyber-alliances, as well as to Russia’s overall approach to this war. The two experts attempt to forensically analyze this topic in their article entitled “War in the Borderland Through Cyberspace: Limits of Defending Ukraine Through Interstate Cooperation”, which was published on June 29 in Contemporary Security Policy.
Does the Improved Cyber-Defense Argument Stand to Reason?
In their article, Kostyuk and Brantly systematically scrutinize a number of reasons that other experts have proposed to explain the absence of a major cyber-war campaign by Russia. Among them is the view that Ukraine significantly improved its cyber-defenses after 2015, when it began collaborating closely with Western countries —notably the United States and the United Kingdom. Specially designated “cyber-warfare teams” from these countries have been helping Ukraine in tasks ranging from “the synchronization of [its] cyber-related legislation” with Western standards, as well as aligning them with NATO standards, so that Ukrainian cyber-warfare units can make use of advanced technologies and systems. Could it be, therefore, that Ukraine has improved its cyber-security posture enough to be able to defend itself against relentless Russian cyber-attacks?
That is unlikely, say the authors, given that “Ukraine’s cyber capabilities are still organizationally and operationally under- developed” in comparison to Russia’s. That is exacerbated by the endemic corruption and clientelism (the creation of patronage networks) in Ukraine, as well as by the bitter in-fighting between government agencies —notably the Ministry of Defense and the Security Service of Ukraine. It should not go without notice, Kostyuk and Brantly note, that the Ukrainian government sought frantically to develop a “volunteer cyber-army” on an ad hoc basis to defend the nation in the first days of the Russian invasion. That did not exactly instill trust in the country’s level of preparation to withstand a cyber-campaign by Moscow.
Are Western Countries Helping? Not Particularly
Now that the war is underway, it is easy to over-estimate the ability and willingness of Ukraine’s Western cyber-allies to rush its defense, say Kostyuk and Brantly. In the domain of cyber-warfare, offense is usually the best defense. Yet governments are generally “reluctant to use their offensive cyber-capabilities on behalf of their partners” in cyber-warfare. That is because, by launching a cyber-operation on behalf of an ally, a country like the United States would have to exploit vulnerabilities in the networks of its target —in this case Russia. Even if such attacks were successful, they would force the Americans to implicitly make the Russians aware of their cyber-vulnerabilities. In turn, that would allow the Russians to patch their vulnerabilities, thus in effect making them more capable to withstand future attacks and limiting America’s cyber-offensive capabilities. That does not mean that countries like the United States are not sharing cyber-related intelligence with Ukraine. However, they are “less likely to share the exact tools they use or to act on this intelligence using cyber-offensive operations on their partner’s behalf”, the authors note.
Cyber-War Versus Cyber-Espionage
So, if Western assistance is not sufficient to explain the survival of Ukraine’s cyber-infrastructure in the past several months, then how do we account for it? Kostyuk and Brantly suggest that, simply put, the Kremlin has decided not to pursue this war with cyber means. It needs to be remembered, they argue, that “the war in Ukraine is fundamentally about territory and physical control. Cyberspace can do little to physically capture a nation”. Although cyber and physical conflict are indirectly related, “[t]here is little substitution between [them]”. In the current conditions of this ongoing war, the Russians appear to view the Internet as a “useful vehicle [to] collect information […] rather than directly shape the physical battlespace”. Thus, “cyber-espionage is playing a more important role than disruptive or degradative cyber-attacks”, the authors conclude.
► Author: Joseph Fitsanakis | Date: 01 July 2022