London Defender

The Daily Mirror of the Great Britain

THE ROLE OF CYBER IN THE RUSSIA-UKRAINE CONFLICT WITH WASEEM AWWAD

The horrific conflict that has raged in Ukraine over the past months, has altered people’s points of view and sharpened minds in various sectors including energy and the military. Analysts are eagerly monitoring the Russian assault that has offered significant insight into the role of cyber-attacks in contemporary warfare. 

From NotPetya in 2017 to the SolarWinds supply chain hack in 2020, the Russian government has been supported in several high-profile incidents. Therefore, it seems the Russian state-sponsored cyberthreat actors would play a significant role in the fight.

But because cyber warfare is a two-way street, it seems lots of individual hackers and organizations have come to Ukraine’s aid, launching their strikes on Russia.

 To gain some reflection on these developments, we sat with Waseem Awwad, the international cybersecurity consultant, the founder and leader of the elite cyber-SWAT team for sensitive missions around the continents, and he had chaired several cyber-crime investigation committees around the world; for a brief question and answer interview. Awwad discussed the use of cyber-attack in the Russia-Ukraine Conflict so far and what this tells us about its role in modern warfare.

Interviewer: What trends have you noticed in the employment of cyberattacks amid the war between Russia and Ukraine? Has it been as widespread as you may have anticipated thus far?

Waseem Awwad: Spending on cybersecurity was rising even before the Russian incursion. The following countries spend the most on cyberspace in 2021: the US ($2bn), Japan ($665m), the UK ($350m), Germany ($240m), and France ($165m).

Future battles are likely to feature more cyber wars as a result of these increasing investments. This, in turn, is likely to affect cyber risk in both the public and private sectors.

Interviewer: Does the potential for attack exist with digital manipulation?

Waseem Awwad: Digital attacks can occasionally directly affect a battle. An army presents more potential targets the more digital it is. Russian hackers, for instance, have attempted to breach apps that control Ukrainian artillery. Access to geodata may be gained through such an endeavor, which could then be utilized to bomb a specific location.

Interviewer: Russian threat hackers have recently undertaken extremely successful cyberattacks on Ukraine’s vital infrastructure. Why do you think this is not happening now that the two nations are at war?

Waseem Awwad: In the past, Russia has a history of cyber-attacks in Ukraine. And at first, there were reasons to believe that their assault would target crucial infrastructure in Ukraine. On February 15 and 16, distributed denial of service (DDoS) assaults targeted banks and websites of the Ukrainian government. The websites of the Ukrainian legislative and executive branches of government were down on February 23. Several official websites were vandalized in January as well.

Yet, to date, Russian cyber-attacks have, however, had reasonable effect: in 2016, a suspected Russian malware affected Ukraine’s power grid, resulting in the loss of energy for a fifth of Kyiv. Russia used Ukrainian accounting software in 2017 to transmit the NotPetya malware, which caused billions of dollars in damage worldwide.

A Ukrainian chlorine facility was attempted to be shut down in 2018 by a suspected Russian strike. Perhaps the harsh lessons from these attacks motivated the hardening of the security of systems under the control of the Ukrainian government.

Interviewer: The phrase “Russian roulette” comes to mind while discussing cyberwar. What further plans do the Russians have? Are cyberattacks on the horizon as we witness Russian military preparations for the upcoming phase of the assault?

Waseem Awwad: I believe that a cyber response would be the likeliest Russian countermeasure to the economic sanctions imposed by the West. We may be entering a cyber arms race. On the other hand, Russia is showing restraint, at least for now.

Honestly, it is impossible to know. The Economist asserts that the most likely Russian reaction to Western economic sanctions would be a cyberattack. Although Russia, is being cautious for the time being; however, we may be entering a cyber arms race soon. 

Interviewer: Can Hacker attacks in hybrid warfare, decide the outcome of the war?

Waseem Awwad:  We’re discussing a deadly fight, where things blow up and people lose their lives. I’m not sure if information stolen from the Russian Defense Ministry would have a significant impact on how the conflict turned out.  Or is it a smart ambush?

But it is undeniable that Russia engages in hybrid warfare in cyberspace. Along with attack vital IT infrastructure, Russia also seems to be disseminating incorrect information on purpose. Cyber operations were already an element of contemporary psychological warfare before the invasion; the goal was to wage psychological warfare on the opponent.

Interviewer: How successful have counterattacks on online Russian government assets been by volunteer hackers and hacktivist groups? What kind of harm may this do to the Russian government?

Waseem Awwad: Going on the defensive side, 400,000 international hackers offered their services as volunteers to counterattack Russian digital assets, according to Ukrainian officials. By spray-painting antiwar messages on Russian media outlets and sharing information from rival hacking efforts, grassroots activists caused significant disruption.

And for the first time, no single government had strict control over cyberattacks that took place as a result of geopolitical strife. Never have we seen so many unrelated outside entities getting involved in the battle.

Interviewer: Would NATO’s mutual defense clause be activated by a cyberattack?

Waseem Awwad: It appears doubtful that Russia would launch a significant infrastructure attack against NATO members. This is due to the possibility that a cyberattack could be used to invoke Article 5, the mutual defense clause, of the North Atlantic Treaty.

A cyber operation would activate Article 5 if its effects were comparable to those of a kinetic operation. But when it comes to the outcome, the method used is immaterial.