Cyber peace reigns despite Russia, Ukraine tensions
While tensions on the ground in Ukraine are rising almost daily, one area of potential conflict is eerily quiet.
Ukraine and Russia are both widely considered computer hacking powerhouses, yet apart from a steady drumbeat of relatively minor distributed denial of service attacks, there have been no major offensives.
Russia has not been shy about using its cyber know-how in the past.
In 2007, a massive cyber attack reportedly perpetrated by Russia shut down huge swaths of the Internet in Estonia following that country’s plan to remove a Soviet-era war monument.
A year later, Russia launched a cyber onslaught that preceded its invasion of South Ossetia. The attack took down or defaced numerous official Georgian websites.
There are a few possible explanations for why nothing like this has happened yet between Russia and Ukraine, experts say.
Familiarity
First, since Russia and Ukraine use similar systems of legal intercept, known as System for Operative Investigative Activities, or SORM, they may have an interest in keeping the Internet and other electronic forms of communication humming along so as to potentially listen in.
“Launching a cyber attack might be dumb,” said Christopher Ahlberg, founder of Recorded Future, a web intelligence company based in Cambridge, Mass., adding that because the web serves as an outlet for people to talk, “you can be 100 percent sure [Russians] can listen to the Ukrainians.”
The Russian incursion into Crimea may have given them an advantage in that they could get access to Ukrainian SORM hardware, according to Recorded Future.
There were recent reports that “unidentified people” took control of telecommunication nodes operated by Ukrtelecom, Ukraine’s landline provider, in Crimea, temporarily knocking out service there.
According to a company blog post, “Russia has already exerted a measure of control over Ukrainian telecommunication systems” and has “intimate knowledge of Ukrainian lawful intercept systems which are modeled after Russian FSB SORM systems.”
“I thought it to be a Russian advantage as they occupied Ukrainian land and had hard access to the Ukrainian installations, whereas the Ukrainians don’t have the same physical access to Russian installations of the equipment,” said Scott Donnelly of Recorded Future.
Deterrence
Another reason for the relative cyber peace might be that the two sides are so adept at cyber attacks that they don’t want to incite the other side.
“Some of the most adroit cyber criminal actors are from within the Ukraine, said Christopher Burgess, CEO of Prevendra, Inc., an Internet security firm. “That may be a deterrent in and of itself.”
“Ukrainian hackers are well-known in the world,” Valentyn Petrov, an information security official at the Security Service of Ukraine, known by the acronym SBU, told The Washington Post last year. “Our country is a potential source of cyber threats to other countries.”
Doug Madory, of Renesys, an Internet intelligence company based in Manchester, N.H., is less sure about deterrence.
“Given that attribution is near impossible, the prospect of deterrence in cyber doesn’t hold like it does in physical conflict,” he said. “If hackers in Ukraine wanted to retaliate for what they perceived was hacking by Russia, they might be able to target something in Russia but probably not the entity responsible for the hacking.”
Ahlberg doesn’t dispute the Ukrainian talent, but is not convinced it’s a major reason for the quiet.
“At one level, it is well known that Ukraine has great hackers – mostly in the realm of financial cybercrime,” he said. “That said, I doubt Mr. Putin would be afraid.”
Western Connections
Finally, it would be very difficult for Russia to completely shut down the Internet in Ukraine, said Madory.
“Russia would have a hard time disconnecting Ukraine. Nearly all the ISPs in Ukraine reach the outside world through connections to the West,” he said. “Even the Ukrainian subsidiaries of Russian telecoms connect to the west versus up through Russia.”