Watching for a Crimean Cyberwar Crisis
Russia’s takeover of the Crimean peninsula has been accompanied by a elements of an information-control campaign: telecom cables connecting that region to the rest of Ukraine have been severed, and the Russian government has moved to block Internet pages devoted to the Ukrainian protest movement.
But so far there is no public evidence of more serious cyberattacks against military or government institutions. Indeed, Russia may need to tread a fine line with such tactics, since they could be seen as acts of war under evolving military doctrine. A report from a NATO group chaired by Madeleine Albright, a former U.S. Secretary of State, has said that if NATO infrastructure were the victim of a cyberattack, it could lead to a physical response such as a bombing.
So far, anyway, “Russia has limited themselves to the things they usually do in the onset of a conflict to try to shape opinion, stifle critics, and advance their own viewpoint,” says James Lewis, director of the Center for Strategic and International Studies, a think tank in Washington, D.C. “They are doing the informational side, which is the opening move in the playbook.” Over the weekend, though, Ukraine’s national telephone company, Ukrtelecom, said that unknown vandals had seized telecommunications nodes and cut cables, severing much of the data and voice links between Crimea and the rest of Ukraine.
Info-war tactics have been seen on the Ukrainian side too. Someone sympathetic to the Ukrainian cause managed to hack the Russian government’s English-language news organ, Russia Today, and substitute the word “Nazi” for “military” in some headlines, with results such as “Russian Senators Vote to Use Stabilizing Nazi Forces on Ukrainian Territory.”
The region has a colorful history of cyberattacks against smaller states and organizations seen as opposing the Kremlin. In Estonia in 2007, the local government antagonized Russia by relocating a bronze statue commemorating Russian soldiers. A flood of attacks against government, media, and telecom websites in Estonia followed, paralyzing them for weeks. (The attacks were “denial-of-service” events, flooding servers with page requests to overload them.) The Russian government denied responsibility, saying “patriotic hackers” were to blame.
In 2008, similar events played out when Russia invaded South Ossetia, part of the neighboring republic of Georgia. Again, the attacks—on sites associated with government offices and the embassies of the United States and United Kingdom, among others—could not be provably linked to Russia’s government (see “Georgian Cyberattacks Traced to Russian Civilians”).
Ukraine may be something of a different case. Both Ukraine and Russia are well-known centers of international cybercrime, and both are home to talented computer engineers. But for whatever reason, this sort of mass cyberattack is not happening. “In Georgia you had cyber incidents coördinated with military operations. But the Russians haven’t done that here,” Lewis says. “If violence breaks out in the Crimea, I think they will bump it up a notch.”
The events provide a way for the United States to see what Russia’s cyberwar capabilities are, says Stewart Baker, a former policy chief at the U.S. Department of Homeland Security and now a lawyer in private practice. “From the U.S. point of view, it is an opportunity to watch one country that has integrated cyber [tactics] into their military–Russia–and see what their current doctrines suggest they do,” he said. “But it may be they have decided they don’t need to show what they’ve got, and won’t do it.”
Four years ago, Vladimir Sherstyuk, a member of Russia’s National Security Council and director of the Institute for Information Security Issues at Moscow State University, boasted of significant capacities. “Cyberweapons can affect a huge amount of people, as well as nuclear,” he said in an interview with MIT Technology Review (see “Russia’s Cyber Security Plans”). “But there is one big difference between them. Cyberweapons are very cheap—almost free of charge.”
Keep Reading
Most Popular

These materials were meant to revolutionize the solar industry. Why hasn’t it happened?
Perovskites are promising, but real-world conditions have held them back.

Why China is still obsessed with disinfecting everything
Most public health bodies dealing with covid have long since moved on from the idea of surface transmission. China’s didn’t—and that helps it control the narrative about the disease’s origins and danger.

Anti-aging drugs are being tested as a way to treat covid
Drugs that rejuvenate our immune systems and make us biologically younger could help protect us from the disease’s worst effects.

A quick guide to the most important AI law you’ve never heard of
The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.
Stay connected

Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.