Søk

A year of cyber war: Ukrainian success or Russian failure?

Author : Laurent  Célérier, Executive VP Technology & Marketing

 

The cyber war began well before the land offensive and is continuing to unfold. There’s one certainty: it will continue irrespective of the conflict’s outcome. Cyber strikes have not yet had the expected impact on the conduct of military operations. Is this due to Ukrainian success? A Russian failure? The unsuitability of the cyber weapon in this type of conflict? From now, even if it’s difficult to pierce through the fog of the war (strengthened by information warfare maneuvers), we can draw the first conclusions and envisage the prospects for the Ukrainian conflict and for France.

What is the impact on military operations?

Russian cyber strikes contributed to the initial phase, at the beginning of the offensive, to support land and air maneuvers. These attacks have consisted in particular of website defacement and data leaks to amplify the atmosphere of chaos. They also led to disruption of the Ukrainian forces’ communication with the shutdown of the satellite operator Viasat. Then, they targeted the same infrastructure as kinetic strikes (communication, electricity, and transport) with a much less serious effect.

In parallel to these cyber strikes, the gathering of cyber military information as well as influence maneuvers to unite partisans and weaken the enemy camp have been carried out without it being possible to measure their extent or actual efficacy.

In strictly military terms and based on the open source information available, we can consider that the impact of cyber-attacks on the conduct of operations has been limited. 

Is this due to unexpected Ukrainian resilience?

Ukrainian cyber resistance belied the prognostics: there was no Ukrainian digital collapse, no "cyber Pearl Harbor," nor any spread beyond the theater of operations.

Ukraine has resisted as a result of prior preparation, but above all thanks to support from countries, the private tech sector, and partisans. Doubtless we must take a closer look at this trio of players with complementary attributes. 

Support from countries exceeds simple information and involves American "forward hunting" initiatives in particular, aiming to disable Russian offensive capacities installed beforehand in Ukrainian infrastructure. It is accompanied by the lasting establishment of the United States in Ukrainian networks.

Then, another key player for Ukraine was the private technological sector, American again, which has formed an additional powerful defense, but which also creates complete dependence in future.

Finally, Ukrainian resistance has also relied on the mobilization of partisans, in particular the "IT Army," a more controversial approach with a relatively limited impact, even if was able to "fix" Russian capabilities.

Isn’t it also due to lesser Russian cyber efficacy than expected?

It’s true, the Russians’ use of cyber weapons seems to have soon reached its limits. To have a significant influence on large-scale operations such as in the Ukrainian theater, cyber operations must be conducted at the same pace, which the Russians were not able to achieve past the first few weeks.

Furthermore, it’s noteworthy that the Russian general staff has not always been able to direct the cyber-offensive capabilities with enough precision and forethought for them to have had a significant impact. Conducting a cyber-attack requires time and expertise, which are in essence limited in war time even if Russian cybercriminals have been able to form a supplementary force.

Finally, the Russian government does not seem to have wanted to abandon its information and influence initiatives in its other theaters of operation, in particular in Africa or towards NATO.

What are the other cyber consequences of the war in Ukraine?

We’re seeing the temporary stabilization of malicious attacks (ransomware against companies, worldwide) following the disorganization of groups of Russian attackers and the mobilization of certain parties in the conflict, illustrating the ties between these groups and the government.

We’ve also seen a Russian retreat in its digital and information sphere, limiting the effects of adverse propaganda as well as the risks of internal protest. Finally, influence initiatives have been carried out well outside Russian territory and the Western sphere. This has enabled Russia to benefit from the support of certain governments in a war presented as Western aggression towards Moscow.

What are the cyber prospects in the conflict?

The systemic vulnerabilities of the Russian armies revealed in recent months, such as the anticipation of operations, control of the multi-sensor information cycle or cyber/kinetic coordination will be difficult to mitigate in the short term.

We can therefore expect a concentration of cyber strikes on more occasional and high added-value targets as well as the intensification of strategic information to have levers in future negotiations.

Finally, influence operations should continue by trying to affect Ukrainian national unity, in particular by highlighting internal dissent or military doubts while trying to legitimize the action with non-Western nations.

Should we conclude that the cyber weapon is actually unsuitable for high-intensity conflicts?

The advantages of the cyber weapon are mainly its limited physical lethality, its possible reversibility, its discretion and anonymity, its immunity to distance, its moderate cost in particular in light of its scalability and finally, the possibility to use it at low risk, i.e. without directly exposing troops on the ground.

The disadvantages are the preparation time and therefore the need for anticipation, the level of expertise required both to implement and coordinate it with other military capabilities as well as the lack of guarantees as to its operation and therefore its impact.

These advantages and disadvantages make it an especially suitable weapon in both times of peace and crisis.

Within the framework of a high-intensity conflict, beyond information and influence which remain essential, cyber strikes can be effective if they are perfectly targeted, for example when bombing a strategic site or to neutralize a specific adversary.

Conducting cyber strikes in the same way as artillery or missile strikes, i.e. several hundred a day for months, is, today, out of even the most powerful armies’ reach.

What are the lessons for the future Law on military programming?

We cannot wait for the end of the war to draw the first conclusions and make them part of budgetary programming.

The President of the Republic’s desire to make France a top-ranking cyber nation is a commitment that follows the course of history. This intention should materialize in cyber defensive and offensive capabilities in the strict sense, as well as, and above all, connect with the other military components and the private sector. Finally, this impetus in cyberdefense is as much about transforming the organization of armies and national defense as it is about technology.

Incident Response Hotline

Står du overfor en cyberhendelse akkurat nå?

 

Kontakt vår globale 24/7/365 tjeneste incident response hotline.