NATO Plays Cyberwar To Prep For A Real Russian Attack

April 19, 2022 TH Author headline,government,russia,cyberwar,military

The Ukrainian Elephant in the Room

2022’s games will take place under the large, looming shadow of a besieged Ukraine just around 100 miles to the south. Since the start of the Russian invasion, Cybersecurity experts and Ukrainian officials have worried Russia would supplement its now two-month-long ground war with a powerful cyberattack targeting critical infrastructure.

Russia did just that in 2015, when attackers reportedly compromised Ukrainian power distributors, leading to outages for more than 230,000 people. In some cases, residents were left scrambling in the dark for more than six hours. That incident led many to fear Russia would use similar tactics in its eventual military invasion. Prior to that, Russia had used cyberattacks of varying efficacy alongside its 2008 military operations in Georgia and 2014 invasion of Crimea.

So far, in 2022 that hasn’t happened, at least not on the almost apocalyptic scale some had imagined.

“We imagined this orchestrated unleashing of violence in cyberspace, this ballet of attacks striking Ukraine in waves, and instead of that we have a brawl,” Colombia Cybersecurity researcher and former White House staffer Jason Healey told The Washington Post. “And not even a very consequential brawl, just yet.”

There are some smaller exceptions. A recent CloudFlare report shared with Gizmodo found evidence of limited attacks on Ukrainian broadcast media and publishing websites in the first quarter of 2021. Other recent reports found evidence of large distributed denial of service attacks targeting Ukrainian banks, and malware affecting government computers, but those incidents fell far short of the types of seismic, internet-shattering attacks experts had braced themselves for.

That mostly unfettered access to the internet has allowed Ukrainians to remain in contact and organize, both militarily and amongst civilians. Crucially, the internet has also served as a beacon for Ukrainians to stream first hand accounts of their experiences to the world in real time and conduct their own information war on social media. That’s helped muster sympathetic support from a wide swatch of counties around and has led to the idolization of Ukraine’s president Volodymyr Zelenskyy, himself an effective online communicator.

Exactly why a catastrophe-level cyber attack hasn’t happened yet remains shrouded in mystery. Some experts speaking with the Post said Ukraine had learned from previous power grid and infrastructure attacks in 2015 and 2016 and used those experiences to bolster defenses this time around, in a sense the same trajectory NATO members hope Locked Shields will take. Others, like Center for Strategic and International Studies Systems Engineer Malekos Smith, told Nature they believe Russia may have intended to preserve Ukraine’s infrastructure ahead of what they thought would be rapid victory. Others have suggested Russia held back in an effort to avoid attacking the Ukrainian system also used by other countries. Those unintended targets could risk bringing other countries into the war.

Update 4/19, 9:35 a.m. ET: Added comment from CCDCOE spokesperson.