Cyber war and the crisis in the Ukraine www.defenceimagery.mod.uk

Cyber war and the crisis in the Ukraine

Cyberwar conjures up images of hackers taking out critical infrastructure and paralyzing society. This hyperbole is certainly not applicatie to the situation in the Ukraine.

As the crisis in Ukraine unfolds, headlines such as CNN's 'Cyberwar hits Ukraine' are starting to appear in Western media. The Russian actions in Crimea seem to follow a previous script from the successful annexation of South Ossestia in 2008, a conflict that was marked by cyber attacks on a number of Georgian websites. But the whole concept of cyberwar, framed by cassandra’s as a digital-nine eleven or 'cybergeddon', conjures up images of hackers taking out critical infrastructure and paralyzing society. This hyperbole is certainly not applicable to the situation in Ukraine, and the concept of cyberwar should be framed in a nuanced way. Cyber is just one more avenue to acquire intelligence and influence the opponent. It can be used alone or in conjunction with conventional instruments like air power or the eighteen year old infantryman with his bayonet.

The cyber attacks on Estonia (2007) often serve as a case-study in cyber warfare, but in the end the large Distributed Denial of Service (DDoS) attacks only disrupted website availability, albeit for dozens of predominately government websites and during a period of three weeks. Cyber attacks on Georgia (2008) were more complex, involving defacements of government websites and interrupting news providers, causing confusion amongst the general public and hindering news coverage. In Georgia the cyber attacks preceded the conventional military attack. Russian ‘patriotic’ webfora encouraged visitors to join in the cyber attacks and even provided the technical instructions on how to do so. Official Russian government involvement in both cases can still not be proven technically, but many factors do point to government complicity, including the Russian refusal to assist Estonian investigators in tracing the origin of the cyber attacks. Technically the attribution of the attacks might not be proven, but like the current soldiers in unmarked uniforms in Crimea; their country of origin can be deduced from other factors.

Ukraine is not as digitally advanced or connected as Estonia was in 2007, and relatively simple DDoS attacks would be effective enough if the purpose was to just disrupt website services. These days a DDoS attack can even be bought on the internet and Ukrainian government sites would be a logical target. On Saturday March 15th the NATO website was also disrupted for several hours by a DDoS attack. But as infiltrated Russian troops currently occupy telephone providers in Crimea and Eastern Ukraine, there is probably no need for sophisticated cyber attacks to take down whole networks. A stocky person in an unmarked uniform telling someone to flick a switch will do. Although the Russians do have much expertise in the area of cyber, for many complex systems it is probably still easier to access or destroy them physically than it is to disable them through a cyber attack. So a cyber-dimension to the stand-off in Ukraine is probable, but a fully fledged cyberwar certainly is not. But what role does cyber have in modern conflict?

The disciplines of political science, international relations and conflict studies are finding it difficult to incorporate the cyber dimension into existing conceptual frameworks. The laws of armed conflict are based on the distinction between military and civilian targets, something that is not always clear in the cyber-domain. The theory of international stability through deterrence, guided by confidence building and arms verification measures, also fits badly with the virtual and secretive world of cyber conflict. So many questions remain, and empirical research is limited. Although examples of cyber attacks used in conflict have been relatively scarce, there is a risk that we will see some examples of it in Ukraine. However, events might also prove that it is still easier to drop a bomb on something than to write code to disable it. Let's hope that neither occur.