“It’s one of the first times that digital weighs in on the game of the war”, analyzed a few weeks ago for 20 Minutes Rayna Stamboliyska, digital diplomacy specialist and cybersecurity consultant. In the aftermath of the launch of “a special military operation” by Vladimir Putin against Ukraine, this assertion is more topical than ever. From now on, the question which arises is to know the cyber-weapons that Russia can hold. What are their specificities? Does she have so many cyber tricks up her sleeve?
On Wednesday, several government websites were blocked, despite having already been targeted in January. Kiev attributes these attacks to Russian operators, which Moscow denies. But it is now clear that the Russian conventional offensive could be accompanied by a wave of cyberattacks targeting Ukrainian strategic infrastructure. But not only because, according to Julien Nocetti, specialist in major international digital and cyber issues, as well as Russian foreign policy, “Moscow has a very complete cyber package”.
The Russian cyber-arsenal
First, Russia is in possession of a panel of cyber-weapons, some of which were deployed even before the invasion of troops on Ukrainian soil on Thursday morning. “There have already been distributed denial of service attacks, which are often summarized by the acronym of DDoS attacks, and which consist of paralyzing website servers”, analyzes Julien Nocetti. These cyberattacks have typically hit government sites or Ukrainian institutions. “It is a technically unsophisticated act but which has strong psychological consequences”, he explains again. And for good reason, this type of inconvenience when there are many, contribute to “undermining the confidence that Ukrainian citizens will have in the ability of their leaders to ensure their safety”.
Technically more complex and “more vicious”, the attack through wipers is also one of the Russian cyber weapons. “These digital weapons are introduced deep into digital networks to destroy millions of data,” explains the cybersecurity expert. With this tool, it is impossible to dispute the military purpose. The technique is not new since it is the one used by the NotPetya ransomware in 2017, which had also caused international collateral damage.
It should not be forgotten either that interventions on the Ukrainian ground are also a means of acting at the level of the digital conflict: Russian troops can target interconnection points, that is to say large nodes which go connect digital networks together. “Yesterday already, some interconnection points on the territory of eastern Ukraine were out of service. Was it to accompany the entry of the Russians? Highly possible. But as the conflict is still at an embryonic stage, we do not know to what extent control over these infrastructures is possible in the longer term,” adds Julien Nocetti.
Russian specificities and assets
“Regarding digital weapons, the Russian doctrine is clear: it places the cyber dimension and the informational component on the same level”. Namely for this last category: propaganda, subversion and disinformation. “A whole technical palette is cheerfully employed today, initially targeting Ukraine then, perhaps later, targeting Western adversaries”, quotes the researcher.
He also adds the possibility that cybercriminal networks will join the Russian forces, with an increased deployment of ransomware and great diplomatic and military difficulty in identifying the perpetrators: “technically, there would always be a small percentage of doubts about the decision maker, and great difficulties in proving the organic link with the Kremlin”. Without forgetting that the world of Russian cybercrime has evolved very quickly in recent years from isolated and poorly organized hackers to a very professional system where the structures are close to “VSEs-SMEs or specialized start-ups”, analyzed Rayna Stamboliyska. “At REvil, for example, there were at least ten developers, not counting the members who deal with support functions, after-sales service or even marketing. »
“I don’t believe in a cyber Pearl Harbor or a digital Fukushima”
Barring a major strategic surprise, for Julien Nocetti, the whole panel of Russian cyber-weapons is known: “I don’t believe in a cyber Pearl Harbor or a digital Fukushima,” he assures us. This arsenal has also proven itself in past conflicts, particularly in Crimea, Dombass and Syria: “Russia was able to use several proving grounds to test its cyber-weapons and coordinate the operational aspect between the army, intelligence services and diplomatic discourse”.
In addition, Moscow takes advantage of being able to play pertinently on “a gray area: today, there is a real absence of codification of cyber-warfare and no connection of cyber-attacks to any article of international law”, further discerns the researcher . In other words, Russia has the advantage of ambiguity in its pocket.
Ukraine and its allies, cyber-poor?
Can we really say that Ukraine and its allies did not anticipate the cyber war? “It’s hard to answer. A lack of preparation, you may not have to go that far. Among the main Western powers, there is still a move upmarket at the cyber level which has been evident for three to four years, on the technical, financial, human, doctrinal level”, distinguishes Julien Nocetti. But it’s one thing to prepare for war, it’s another to put it into practice once the conflict is declared.
The specialist in major international digital and cyber issues also considers that this type of action often takes place with a covered face, “in a clandestine directory, dear to the intelligence world”. Without forgetting that Ukraine and its allies can also ask for the help of hacker collectives, such as that of Anonymous, which has already managed to temporarily take the website of the Russia Today channel offline. “The contribution of these cyber-partisans could even allow Western states not to engage too directly on the military front in this conflict in Ukraine”, concludes Julien Nocetti.