Wilder School Lunch and Learn recap: “Why No Cyber ‘Shock and Awe’? The Digital Dimensions and Implications of Russia's War on Ukraine”
by David Slipher
Russia's war against Ukraine has seen widespread use of digital disruption. Western sanctions have set in motion an unprecedented shift in how Russians will use the Internet. But the "cyber blitzkrieg" expected alongside Russia's invasion of Ukraine never happened. What cybersecurity lessons can we learn from the conflict and what can we expect from Russia in the months and years to come?
These are questions that Christopher Whyte, an assistant professor of homeland security and emergency preparedness at the Wilder School, explored during the May Lunch and Learn virtual presentation, “Why No Cyber "Shock and Awe"? The Digital Dimensions and Implications of Russia's War on Ukraine.”
> View the complete presentation, along with a Q&A session on the Wilder School YouTube channel
Demystifying the digital landscape of cybersecurity
Making sense of the digital dimensions of state-sponsored hacking is no easy feat, but Christopher Whyte specializes in geopolitical cybersecurity and brings a unique perspective for understanding.
For Whyte, who views Russia as the number one belligerence to U.S. cybersecurity efforts, says it’s a battle that goes back 40 years to the first uses of computer-aided systems by both countries.
“We can trace major incidents that have cost billions of dollars and have affected and threatened our national security, our industries and our infrastructure going back decades,” Whyte said.
But Russia’s past several years of aggression and the current war against Ukraine have produced a previously unseen types of cyber threats. It’s a concoction of psychological warfare, electronic warfare and cyber operations, Whyte said. Malware and ransomware attacks have shut down utility providers and shipping companies, spilling over and hobbling private industry in the West. In another example, Whyte highlighted how the Russian army would fly drones overhead Ukrainian positions and hack soldiers’ cell phones to gather GPS data and launch geo-targeted airstrikes directly to their locations.
In recent years, the Ukrainian government has gained experience and become more responsive to these attacks, Whyte noted. Back and forth, the two countries have exchanged sophisticated attacks on communications infrastructure, networks and satellite operating companies, as well as the disruption of thousands of government websites and media outlets. It’s tough to estimate the specific cost of these attacks, but the figures are in the billions of dollars in repairs and lost services.
Not the expected cyber-blitzkrieg
Despite media hype leading up to the conflict, Russia’s cyberattacks have not been as numerous or as effective as anticipated. Whyte attributes this to the limited effectiveness of cyber attacks in active warfare. “When we were talking about cyber operations we're talking about taking websites offline or disrupting access to networks or wiping information off of hard drives that kind of thing and these are temporary victories,” Whyte said. “(These effects last) days or a couple of weeks at most, and the results of that is that cyber operations don't really help militaries control territory.”
“It's likely that we're facing a Russia that is going to be geopolitically isolated as well as a bit of a moral pariah. (Russia’s) economy is not going to be as strong as it has been at pretty much any point in history, and that's largely because of the devaluation of their commodities.” - Christopher Whyte
Whyte also highlighted that Russia’s belief in a quick military takeover would preclude attacks that would disrupt or destroy infrastructure that they planned to soon control. Ukrainians have also managed to move away from reliance on old Soviet infrastructure, adopting newer technologies for their military operations which utilize Western commercial communication firms that are much more impervious to Russian cyber attacks.
And while the Russians are incredibly cyber-capable, the majority of previous attacks have typically been carried out by individuals and other non-state actors and groups. Russia hasn’t had landed the internal pro-war support from these groups, which also explains why the country’s cyberattacks haven’t been as numerous as expected. Other potential attacks have been successfully thwarted by pro-Ukrainian hackers, working both domestically and abroad.
“In particular, there has been a groundswell of support both within Ukraine and from across the West, particularly in Europe,” said Whyte. “But I know of people here in Richmond who have operated on behalf of Ukraine.”
Looking to the future for Russia
With growing sanctions against Russia, Whyte predicts there will be increased attacks by non-state actors as conditions deteriorate the country’s international economic activites. But nearly 100,000 of Russia’s best and brightest from the tech industry are fleeing to other countries, which will further damage future economic growth.
“It's likely that we're facing a Russia that is going to be geopolitically isolated as well as a bit of a moral pariah,” said Whyte. “(Russia’s) economy is not going to be as strong as it has been at pretty much any point in history, and that's largely because of the devaluation of their commodities.”
All of these repercussions will greatly limit Russia’s access to high technology and personnel, which will have further implications for the country’s ability to conduct sophisticated cyberattacks in the future. Russia’s success or failure will be hard to determine, but Whyte sees it as likely that the country will return to the familiar, long-term isolationism seen during the Cold War.