Russia-Ukraine: expect more cyberattacks?

Digital in-conversation with Dmitri Alperovich, Executive Chairman at Silverado Policy Accelerator, moderated by Jon Garvie, International Policy Practice Director, discussing the risks of more cyberattacks.

The event today was a lively and informative discussion, with some key conclusions:

• From a cyber perspective, one of the main lessons of the war in Ukraine is that cyber by itself does not achieve a lot. However, combined with the rest of the conventional capabilities of an army, smart cyberwarfare can create a lot of advantages. But this requires integrated military planning and sufficient troops and resupplies, both of which Russia did not take into account before invading Ukraine. This is one of the main differences between Russia’s cyberwarfare in Ukraine and what China might be preparing for in the Taiwan Strait.
• So far, cyberattacks have not played a very important role in the war in Ukraine, and it is unlikely that they will in the future. Although the Russian army launched one of the most effective cyberattacks in the history of modern warfare on February 24th – when Russia hacked a major American satellite, blinding the Ukrainian forces in the first hours of the conflict – Russia could not capitalise on that because of insufficient troops and redeployment. Current Russian cyberattacks are not very impactful, even though they disable some civilian infrastructure for a couple of hours.
• International sanctions have made Russian cyberattacks less lucrative. At the beginning of the war, Putin and Zelensky urged hackers to conduct ransomware attacks. In fact, ransomware attacks from Russia against the West have flared up recently after they had decreased following the Biden-Putin summit in Geneva in 2021. The resumption of activities is not driven by politics but by the old motive to make money. Sanctions have changed this calculus because a quick ransom payment is no longer the least risky option for targeted companies, as the ransom payment could violate sanctions. As a result, ransomware attacks are less lucrative for the attacker and therefore less widespread.
• Russia has not seriously used cyberwarfare to respond to Western policies in support of Ukraine, but the West should strengthen the protection of its energy sector. Despite its rhetoric of hybrid warfare, Russia has not responded to the US with cyberattacks because the Kremlin is aware that the US could escalate the war with new weapons deliveries to Ukraine. Nevertheless, US government agencies are providing advice and intelligence to incentivise the private sector to (finally) better protect networks. Rather than increased cyberattacks, Russia could use a “dirty bomb” to contaminate Kherson if Russian troops are forced to abandon the city. However, the lasting effect of this would be limited and the overall likelihood of Russian nuclear escalation low.
• China will certainly learn lessons from Russia’s failure and could benefit from a range of geographical and technical circumstances. The war in Ukraine is different from a conflict in the Taiwan Strait because the US army would be much more vulnerable to cyberattacks than Ukraine is. Ukraine partially relies on howitzers from the 1970s which do not even have chips. For Taiwan, the biggest challenge is that it is an island without Poland next to it to serve as a base for resupplies from its allies. If Taiwan were to be cut off from the outside world, it would not be able to conduct the same international outreach as Zelensky has. It should also be assumed that China will not be as unprepared and poorly equipped as Russia was.