Crossroads Blog | CYBER SECURITY LAW AND POLICY

Current Affairs, cyber attack, Uncategorized, warfare

Crimea Crisis: Operational Complexities in a (Non-) Present Cyberwar

As the situation on the Crimean peninsula remains tense, media reports on cyber incidents disrupting Crimean information and communication networks are increasingly discussing the likelihood of a virtual escalation of the crisis, and the hypotheticals of a cyberwar between Russia and the Ukraine. While the following articles provide different assessments of the cyber-strategical status quo, together they give a simple overview of the different layers on which the involved parties have already carried out cyber attacks.

The Physical – Ukraine/Crimea

Two days ago, Foreign Policy (FP) reported how “[t]he new strikes appear to have been conducted mostly by hand rather than by hackers”. The article mentioned the jamming of phone and radio signals, possibly from Russian navy ships, and, more prominently, the siege of several of the Ukrainian state-owned service provider’s Crimea offices, in the course of which phone and internet cables have allegedly been cut, damaging the region’s internet backbone. Also, “armed commandos reportedly cut off power lines at the Ukrainian navy headquarters in Sevastopol”, and “other teams of commandos” allegedly broke into Ukrainian navy communication stations, sabotaging information and communication technological infrastructure.

The Virtual – Endpoints in Ukraine/Crimea

Yesterday, Digital news outlet Quartz cited the head of Ukraine’s security service, saying that “the mobile phones of Ukrainian lawmakers are under attack by equipment located in Russian-controlled Crimea”. Moreover, though “only sporadic”, remote attacks have been reported targeting Ukraine.

The Virtual – Endpoints in Russia

Also yesterday, the Massachusetts Institute of Technology (MIT) Technology Review mentioned that the Russian government “has moved to block Internet pages devoted to the Ukrainian protest movement”, while “Info-war tactics have been seen on the Ukrainian side too”, when the Russian government’s English-language news organ Russia Today had been hacked and defaced.

The common spin of all three reports is that “all-in” cyberwarefare in the form of massive denial-of-service attacks, as witnessed in Estonia 2007 or Georgia 2008, has not yet occurred. Accordingly, further layers facilitating cyber conflict, including physical spaces in Russia and other critical infrastructures in the Ukraine, have not evolved for now. FP stated that “Moscow hasn’t succeeded in imposing an information blackout, but the attacks could be sign that Russia is looking to escalate its military operations […] without firing a shot”. Contrarily, Quartz argued that the limited scope of this (non-)present cyberwar is in line with the Russian Federation’s intentions of isolating Crimea and controlling information and communication traffic through the peninsula’s internet exchange point.

 

While the evolution of the conflict and of Russia’s and Ukraine’s cyber operations can hardly be predicted at the moment, I think it is worth tracking how the current events develop international military and diplomatic conduct in cyber conflicts, and which rules of engagement the involved parties will base their actions on – on each of the different layers elaborated above.

 

Leave a Reply