Whether Ukraine is in a ‘cyberwar’ or not, it’s getting bad

Join online with today’s leading executives at the Data Summit on March 9th. Register here.


There is a debate over whether it is appropriate to call the current digital conflict in Ukraine a “cyber war” – or if using that term you would be guilty of hyping in the middle of an accident.

Aside from the unpredictable, heartbreaking destruction and casualties caused by Russia’s unprovoked military offensive against Ukraine last week, there are worrying signs that cyber attacks on civilian targets are getting worse.

If you haven’t already, I encourage you to read yesterday’s blog post by Microsoft President Brad Smith. Because it can give you a whole new perspective on the whole “Cyber ​​War” question, as it were for me.

My big take from the post: People really have no idea about the scope or seriousness of the cyber attacks that have hit Ukraine so far.

The point is, even if you choose to define “cyber war”, it is difficult to say for sure whether Ukraine is one or the other. We do not have enough information yet.

It is true that electricity, water and the Internet are still largely operational in Ukraine. Since the Russian invasion last Thursday, virtually no major disruptions have been reported in the main infrastructure, where the cyber attack was a possible cause. As the Washington Post and others have pointed out, the worst-case scenario for cyber-attacks has not yet become clear.

But that does not mean that some very harmful cyber attacks have not taken place in Ukraine. Unless you think Smith is exaggerating, which doesn’t sound like his style, there was definitely.

Geneva effects

In his post, Smith cited cases of cyber-attacks against civilian targets in Ukraine – including cyber-attacks targeting humanitarian aid, emergency response services, agriculture and energy. The attacks are shocking to imagine, but Microsoft has reported that it has recently observed them all in Ukraine.

Smith did not offer any specifics, but made it clear that some of the recent cyber-attacks that Microsoft tracked in Ukraine were as bad as any. He was referring to recent cyber attacks on civilian targets in Ukraine that “raise serious concerns under the Geneva Conventions” – referring to the international treaty that defines what is commonly known as “war crimes”.

And yet none of the publicly announced cyber attacks in Ukraine so far really match what Smith is describing here.

Except for one: the data-viper attack on Ukraine’s border control, if it was intended to slow down the movement of refugees from the war zone, seems like a contender for the Geneva Convention violations, according to some cyber security experts.

With such an attack, “you are entering the Geneva convention region very quickly,” said Casey Ellis, founder and CTO of Bugcrod.

Netanrich agrees John Bambanek, the main threat hunter, called the attack – a report on Sunday by The Washington Post and VentureBeat – “amazingly inhumane” action against Ukrainian refugees. (Assuming it was intentional, and not unintentional.)

But the only reason the public report of this attack exists is a complete coincidence. Chris Kubeka, a well-known cyber-attack expert, was trying to travel from Ukraine to Romania. Between viper attacksBorder control officers at the scene were eager to talk to her once they found out who she was and filled out some details of the cyber attack.

Information control

But apart from the report – which the Ukrainian government has not yet officially commented on – there have been no documented cases of cyber-attacks in Ukraine in the past week that appear to have reached the Geneva-infringement scale.

But that doesn’t mean they haven’t happened, said Stan Golubchik, CEO of cybersecurity firm Contraforce. “I believe the information has not been released deliberately yet,” Golubchik said.

Smith’s general statements about what Microsoft has observed, with a few clarifications provided, seem to support that assumption.

The Ukrainian government is a customer of Microsoft, and there are “many other entities” in Ukraine, he noted in the blog. And as a full-fledged provider of computing capabilities – applications, operating systems, cloud infrastructure and security tools – Microsoft is in a unique position to understand the true state of cybersecurity in Ukraine, experts said.

“Microsoft will know if civic infrastructure is being targeted,” said Stel Valavanis, founder and CEO of Onshore Security, a managed security services firm.

Presumably, the company has evidence of these cyber-attacks, which it is currently preventing, Valvanis said. “I believe there are far more attacks in Ukraine than we have ever experienced,” he said.

In the blog, Smith “clearly states” that these are “some of the worst targeted attacks Microsoft has ever seen,” said John Dixon, vice president of cybersecurity advisory services firm Colfire.

Notably, Microsoft does not send such updates frequently – and “certainly not from its president,” Dixon said.

“This draws a terrible picture,” he said. “I doubt they are seeing more than they are willing to speak in public.”

VentureBeat has reached out to Microsoft for comment. In a blog post, Smith said that for cyber-attacks raising concerns at the Geneva Conventions, Microsoft has “shared information with the Ukrainian government about each of them.”

“I have my doubts [Microsoft is] They are seeing more than they are willing to speak in public.

John Dixon, Vice President of Colfire

Advertising Risks

When private companies are violated, they are often afraid of damaging reputation and being hit by public advertising, noted Danny Lopez, CEO of cybersecurity vendor Glasswall.

“Even in [Ukraine’s] In that case, there are even more dangerous implications, “Lopez said.

Security researchers who have revealed recent cyber attacks against Ukraine are sensitive to this. For example, in today’s ESET ad for Viper malware that was used to attack a Ukrainian government institution last weekend – following a Russian invasion – researchers said they did not identify the affected agency.

“In order to protect the victims and not benefit the attackers, we cannot disclose further specifications,” Jean-Ian Boutin, head of ESET’s threat research, said in a statement to VentureBeat.

There are other possible reasons for stopping details on cyber attacks for the moment. Simply put, Cyber ​​events during the war have the potential to “increase fear, uncertainty and suspicion,” said Daniel Jablanski, Oz Cybersecurity strategist at Nozomi Networks.

There is no denying that language barriers – and the nature of “cyber warfare” – can be in the game. Especially when it comes to information that the English-speaking world is gaining on this subject.

“There’s a very specific information warfare and propaganda aspect in this conflict, which is going on from both sides – which is confusing as to what kind of information you believe to be accurate,” Ellis said.

Cyber ​​warfare is different

He noted that this is one of the main ways that cyber warfare differs from physical warfare. For example, when a bomb explodes, you can feel very confident in determining if it actually happened, Alice said.

But that’s not always the case with cyber warfare, he said.

“You don’t necessarily understand what’s going on in the first place – even if it’s in English,” Ellis said. “Then you have a language barrier. Then you have all the misinformation and propaganda at the top. “

After all, when it comes to Russia’s invasion of Ukraine, it may take some time for us to truly assess the cyber aspects – and decide whether it will be known as the “Cyber ​​War” of all time.

“Until the dust settles and peace is restored, we will not know the true extent of the potential damage,” Lopez said.

One final note: in his post, Smith did not explicitly mention Microsoft’s earlier proposal for a “Digital Geneva Convention”.

But according to Andrew Rubin, co-founder and CEO of Illumio, it is clear that protocols and technology connections are needed to protect against increasing cyber attacks. While the rules of alliance for land, air and sea conflicts exist, “Today, we need the rules of alliance for cyber warfare,” Rubin said.

Venturebeat’s mission Transformative Enterprise is about to become a digital town square for technology decision makers to gain knowledge about technology and transactions. Learn more

Similar Posts

Leave a Reply

Your email address will not be published.