Russia-Ukraine War and Absence of Cyber Attacks
Quote from Jamal Nasir on 4th July 2022, 11:43 amSince beginning of full scale hostilities on 24 February, 2022, the Russian Federation has heavily relied upon conventional military force to win this war. Preliminary reviews available on open sources suggest that the Russian campaign is planned around application of conventional forces and no significant cyber attack has been carried out by the Federation. The most expected modern conflict having sophisticated cyber operations between two modern nation states is yet to come to fore.
Russia is one of the most acclaimed cyber powers. In 2014, the Russian Federation launched a campaign to annex Crimea. The campaign was based on all available instruments of power including economic coercion, cyber attacks and fomenting rebellion, in addition to a ground offensive. Before launching the ground offensive the Russian Federation launched cyber attacks against Ukrainian computer networks. The banking system of Ukraine was crippled and different official web sites were defaced. These actions had a psychological impact and proved useful in undermining the will of the adversary. Frank Hoffman analyzed this campaign as modern hybrid warfare. Moreover, different reports suggest that Russian footprints were also observed during the 2016 US elections. These events suggest that the country has the capability to launch cyber attacks.
Russia’s most significant cyber success so far in the current conflict is the disruption of the Viasat Inc’s KA-SAT satellite. This created significant damage that spread beyond Ukraine but ultimately did not provide any military advantage to Russia. The attack may have been intended to be part of a larger, coordinated cyber attack that proved unsuccessful, or the Russians may not have expected the rapid restoration of service that was provided with outside assistance.
The metric for Viasat and for other actions is not whether a cyber attack is effective in terms of network penetration or the disruption of services or data, but whether its effect helps achieve the desired military outcome; in this case, the occupation of Ukraine and the elimination of its elected government. By this metric, the Viasat attack was not a success.
Now a question arises as to why Russia is unable to launch an effective cyber attack to undermine its adversary’s cyber infrastructure and gain significant advantage by applying conventional and cyber capabilities.
There are a number of hypotheses put forward by different analysts. One of the opinions is that president Putin envisaged a swift end without dragging the conflict out. Therefore, Russian military leadership extensively applied conventional hard power to achieve effects which are otherwise not possible by merely applying cyber attacks. Hence, the Kremlin used hard power to take out targets such as electricity grids instead of launching cyber weapons for soft kills
Many experts are of opinion that countries allied with Ukraine already had counter defensive cyber measures in place before the start of hostilities to neutralize the effects of Russian cyber attacks. Before the breakout of war, Russian intelligence agency GRU launched a number of cyber attacks against the banking system and defence web sites of Ukraine, but these attacks were mitigated effectively. Ukrainian authorities had also learned lessons from 2014 Russian cyber attacks and a well-orchestrated cyber strategy was implemented in the aftermath of the Russian cyber attacks during 2014 conflict.
However, a number of experts are also warning against potential Russian cyber attacks. They are of the opinion that protracted war will compel the Russian leadership to alter their plans, and they will resort to adding a cyber dimension to their plans. These cyber operations would have certainly spillover effects for allies of Ukraine as well.
The importance of cyberspace-based operations has been highlighted for a long time. John Aquila in his seminal work Cyber War is Coming, while discussing importance of situational awareness and ramifications of the information revolution, argued that cyberspace will be pivotal in future conflicts where autonomous computers of adversaries will fight to attain strategic gains.
Richard Clark, a former US government official further highlighted idea of cyber war in his book and has discussed different scenarios associated with cybergeddon. He cited instances of cyber operations such as the Israeli attack against a clandestine Syrian nuclear facility in 2007. In this attack, the software of the Syrian radar system was altered by cyber elements and Israeli fighter aircraft were able to carry out their mission without any challenge.
In 2012 Leon E. Panetta, then Defence Secretary of US, warned that the United States was facing a cyber Pearl Harbor. He stated that an aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches. He further elaborated that they could derail passenger trains or, even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.
However, analysts such as Stephen Waltz and John Rid suggested that a full scale cyber war is not possible. They are of the view that the concept of a cyber war is overblown, while attacks including cyber espionage, denial of service attacks, etc. are possible with critical effects. Thomas Rid suggests that a full scale cyber war as an alternate to conventional war is not possible. He argued that cyber war does not fulfill the Clausewitzian attributes of a war - i.e. war is violent, instrumental and political - as till date there is no cyber weapon to kill armies and inflict large scale physical damage.
Militaries around the world tend to adapt technologies to keep primacy over their adversaries. Cyberspace is in an enabling environment for the natural domains of land, air, sea and outer space. Advances in cyberspace have accentuated revolution in military affairs. Therefore, the importance of cyber infrastructure is of paramount importance to ensure strategic gains. A military grade cyber weapon surfaced in 2010, to which is attributed damage sustained by an Iranian nuclear facility. However, such sophisticated artifacts involve a lot of money and a team of experts. Since then, no other malware has been detected with kinetic effects.
Emerging disruptive technologies (EDTs) such as Artificial Intelligence, machine learning, pilotless aircraft etc. are the product of advances in cyberspace. EDTs are central to the national security formulation of different nation states and potential challenges of strategic stability are also associated with EDTs.
Although preliminary outcomes of the Russia-Ukraine war suggest the absence of cyber operations, there are certain lessons which can be inferred from this conflict. The foremost important one is that a cyber attack alone cannot create effects to compel the adversary. However, while applied prudently in tandem with conventional military power, cyber operations act as force multipliers. Cyber artifacts are also useful for information operations to subdue an adversary populace. Also, nation states learn from their failures. Ukraine learned lessons from the 2014 conflict and strengthened their cyber defence, thus proving that offence is not always as successful in cyberspace as it is perceived. Due to constantly changing threat vectors, it is assumed that offence always wins in cyberspace. Nonetheless, defensive counter measures by Ukraine provide great insight into the idea that cyber defence catering to a vast array of threats can successfully mitigate cyber offences. The nature of war is inherently chequered and filled with uncertainties. Historically, technological advances usually affect the outcome of a battle. However, it is the leadership that influences the results of war. History tells us of numerous instances where armies led by superior leadership defeated numerically advanced adversaries by wisely employing instruments of power and demonstrating great leadership qualities.
Since beginning of full scale hostilities on 24 February, 2022, the Russian Federation has heavily relied upon conventional military force to win this war. Preliminary reviews available on open sources suggest that the Russian campaign is planned around application of conventional forces and no significant cyber attack has been carried out by the Federation. The most expected modern conflict having sophisticated cyber operations between two modern nation states is yet to come to fore.
Russia is one of the most acclaimed cyber powers. In 2014, the Russian Federation launched a campaign to annex Crimea. The campaign was based on all available instruments of power including economic coercion, cyber attacks and fomenting rebellion, in addition to a ground offensive. Before launching the ground offensive the Russian Federation launched cyber attacks against Ukrainian computer networks. The banking system of Ukraine was crippled and different official web sites were defaced. These actions had a psychological impact and proved useful in undermining the will of the adversary. Frank Hoffman analyzed this campaign as modern hybrid warfare. Moreover, different reports suggest that Russian footprints were also observed during the 2016 US elections. These events suggest that the country has the capability to launch cyber attacks.
Russia’s most significant cyber success so far in the current conflict is the disruption of the Viasat Inc’s KA-SAT satellite. This created significant damage that spread beyond Ukraine but ultimately did not provide any military advantage to Russia. The attack may have been intended to be part of a larger, coordinated cyber attack that proved unsuccessful, or the Russians may not have expected the rapid restoration of service that was provided with outside assistance.
The metric for Viasat and for other actions is not whether a cyber attack is effective in terms of network penetration or the disruption of services or data, but whether its effect helps achieve the desired military outcome; in this case, the occupation of Ukraine and the elimination of its elected government. By this metric, the Viasat attack was not a success.
Now a question arises as to why Russia is unable to launch an effective cyber attack to undermine its adversary’s cyber infrastructure and gain significant advantage by applying conventional and cyber capabilities.
There are a number of hypotheses put forward by different analysts. One of the opinions is that president Putin envisaged a swift end without dragging the conflict out. Therefore, Russian military leadership extensively applied conventional hard power to achieve effects which are otherwise not possible by merely applying cyber attacks. Hence, the Kremlin used hard power to take out targets such as electricity grids instead of launching cyber weapons for soft kills
Many experts are of opinion that countries allied with Ukraine already had counter defensive cyber measures in place before the start of hostilities to neutralize the effects of Russian cyber attacks. Before the breakout of war, Russian intelligence agency GRU launched a number of cyber attacks against the banking system and defence web sites of Ukraine, but these attacks were mitigated effectively. Ukrainian authorities had also learned lessons from 2014 Russian cyber attacks and a well-orchestrated cyber strategy was implemented in the aftermath of the Russian cyber attacks during 2014 conflict.
However, a number of experts are also warning against potential Russian cyber attacks. They are of the opinion that protracted war will compel the Russian leadership to alter their plans, and they will resort to adding a cyber dimension to their plans. These cyber operations would have certainly spillover effects for allies of Ukraine as well.
The importance of cyberspace-based operations has been highlighted for a long time. John Aquila in his seminal work Cyber War is Coming, while discussing importance of situational awareness and ramifications of the information revolution, argued that cyberspace will be pivotal in future conflicts where autonomous computers of adversaries will fight to attain strategic gains.
Richard Clark, a former US government official further highlighted idea of cyber war in his book and has discussed different scenarios associated with cybergeddon. He cited instances of cyber operations such as the Israeli attack against a clandestine Syrian nuclear facility in 2007. In this attack, the software of the Syrian radar system was altered by cyber elements and Israeli fighter aircraft were able to carry out their mission without any challenge.
In 2012 Leon E. Panetta, then Defence Secretary of US, warned that the United States was facing a cyber Pearl Harbor. He stated that an aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches. He further elaborated that they could derail passenger trains or, even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.
However, analysts such as Stephen Waltz and John Rid suggested that a full scale cyber war is not possible. They are of the view that the concept of a cyber war is overblown, while attacks including cyber espionage, denial of service attacks, etc. are possible with critical effects. Thomas Rid suggests that a full scale cyber war as an alternate to conventional war is not possible. He argued that cyber war does not fulfill the Clausewitzian attributes of a war - i.e. war is violent, instrumental and political - as till date there is no cyber weapon to kill armies and inflict large scale physical damage.
Militaries around the world tend to adapt technologies to keep primacy over their adversaries. Cyberspace is in an enabling environment for the natural domains of land, air, sea and outer space. Advances in cyberspace have accentuated revolution in military affairs. Therefore, the importance of cyber infrastructure is of paramount importance to ensure strategic gains. A military grade cyber weapon surfaced in 2010, to which is attributed damage sustained by an Iranian nuclear facility. However, such sophisticated artifacts involve a lot of money and a team of experts. Since then, no other malware has been detected with kinetic effects.
Emerging disruptive technologies (EDTs) such as Artificial Intelligence, machine learning, pilotless aircraft etc. are the product of advances in cyberspace. EDTs are central to the national security formulation of different nation states and potential challenges of strategic stability are also associated with EDTs.
Although preliminary outcomes of the Russia-Ukraine war suggest the absence of cyber operations, there are certain lessons which can be inferred from this conflict. The foremost important one is that a cyber attack alone cannot create effects to compel the adversary. However, while applied prudently in tandem with conventional military power, cyber operations act as force multipliers. Cyber artifacts are also useful for information operations to subdue an adversary populace. Also, nation states learn from their failures. Ukraine learned lessons from the 2014 conflict and strengthened their cyber defence, thus proving that offence is not always as successful in cyberspace as it is perceived. Due to constantly changing threat vectors, it is assumed that offence always wins in cyberspace. Nonetheless, defensive counter measures by Ukraine provide great insight into the idea that cyber defence catering to a vast array of threats can successfully mitigate cyber offences. The nature of war is inherently chequered and filled with uncertainties. Historically, technological advances usually affect the outcome of a battle. However, it is the leadership that influences the results of war. History tells us of numerous instances where armies led by superior leadership defeated numerically advanced adversaries by wisely employing instruments of power and demonstrating great leadership qualities.