Join online with today’s leading executives at the Data Summit on March 9th. Register here.
We do not know the full extent of the damage caused by cyber-attacks against Ukraine over the past week, between non-provocative invasions by Russia and barbaric military strikes. But judging by the statements of those who may actually know, the cyber strikes so far against Ukraine are, unfortunately, worse than the public perception.
Alex Bornyakov, Ukraine’s deputy minister for digital transformation, told TechCrunch this week that “you have no idea how many cyber attacks Ukraine has been facing since the invasion.” And Microsoft President Brad Smith said in a blog post on Monday that recent cyber attacks against civilian targets in Ukraine “raise serious concerns under the Geneva Convention.” But with one possible exception, cyber attacks on “war crimes” have not yet been made public.
However, there is one thing that is clear to see: cyber attacks have not disabled Ukraine’s communications infrastructure since the beginning of the Russian invasion, as many previously feared.
This does not mean that it will not happen at some point. And as Russia looks more and more desperate and brutal every day, experts say the chances of that happening soon are, tragically, very strong.
But the question remains: why haven’t cyber-attacks already crippled Ukraine’s communications infrastructure? As important as Ukraine’s defense and morale of phone and internet service is, why would it be allowed to continue working?
During his interview with TechCrunch, Bornyakov described it as part of an overall miscalculation by Vladimir Putin and his commanders, which has been reported by the BBC and other outlets.
In short, the idea is that Russia did not consider it necessary to deactivate Ukraine’s communications systems.
“They didn’t do this in the first place because I think they thought it would be faster and easier. They would just pass through the city, stop at the main square and just celebrate,” Bornyakov told TechCrunch.
In email comments to VentureBeat today, operational technology (OT) security experts emphasized why things have gone this way so far – and where they can go next.
Why things happened this way
Since the beginning of the current crisis, there has been some speculation as to what is going on in the minds of Putin and the Russian commanders, said Eric Byres, CTO of OT software supply chain security firm Adolus Technology.
“Perhaps the best guess is Bornyakov’s suggestion: Russia thought victory would be quick, so they did not need to attack Ukraine’s communications infrastructure,” Byrne said. “The fact that both physical and cyber attacks on infrastructure are limited, so far, suggests that it is not a question of capability.”
Thus, “I have to assume that this is a deliberate decision by the Russian commanders and there is no capability limit,” he said.
Daniel Jablansky, OT cybersecurity strategist at Nozomi Networks, agreed, saying Russia had clearly “assumed that their boots on the ground would be more immediately effective for their purposes.”
Notably, some have suggested that Russian troops actually needed to use Ukraine’s communications infrastructure, and therefore wanted it to remain intact, Bayer noted.
However, “this seems unlikely to me,” he said. “I can’t imagine a modern army based on a civilian communications structure, not even their own – no matter the enemy.”
More likely, Russia wants a quick, decisive victory with little to no infrastructure damage, Bayer said.
There are other potential factors as well. For example, launching a single, destructive cyber strike to disable the entire communications system is “not as real as some might think,” Zeblanski told VentureBeat.
“It requires access and dismantling of many different nodes, systems, devices and networks,” she said.
Regardless, it seems that Russia has underestimated the prospect of rapid success, and “has not invested heavily in a cyber-offensive strategy because of this fog,” said Stan Golubchik, CEO of Contraforce.
What could happen next
Examples of major infrastructure hacks in Ukraine include a six-hour power grid outage in 2015 due to a cyber attack attributed to Russia.
In an interview with TechCrunch, Bornyakov noted that he sees further impact on communication systems going forward. “I think they will try to disrupt the connections,” he said.
As part of a discussion this week by SpaceX CEO Elon Musk on the shipment of Starlink satellite dishes to the country, Bornyakov said Ukraine has contingency plans for this. “There are multiple layers of backups,” he said.
The experts told VentureBeat, and they will probably be needed.
“Both cyber and kinetic attacks are likely to increase, although cyber operations will be more diverse events rather than a major blow to one area,” Jablansky said.
Russia’s strategy so far has been disastrous, and they are now resorting to heavy weapons and explosives to destroy civilian-centric areas, Golubchik noted.
Similarly, cyber strikes are likely to increase in the face of stronger resistance than expected from Ukrainians, he said.
“Russia’s history is very destructive when wars do not go its way,” Byrne said. Examples are the “massive catastrophe” that began on Grozny in 1994-1995 and again in 1999-2000, he said.
“I hope and pray that this war will not go in the right direction,” Byrne said.
Venturebeat’s mission Digital Town Square is set to become a place for technical decision makers to gain knowledge about the changing enterprise technology and practices. Learn more