Alongside the air raids, the bombing of infrastructure and the approach of armoured vehicles to the capital, the invasion of Ukraine is underway in cyberspace. Silent and invisible, this fight may not arouse fear or passion, the two emotions that move history, but it could be decisive for all the protagonists of this war – including NATO.
In fact, the cyberspace invasion preceded the ongoing takeover, as Ukraine has become, over the past decade, the preferred laboratory for Russian hackers.
On the day of the 2014 presidential elections, for example, malicious software was introduced into the National Elections Commission, with the aim of declaring the winner of the far-right candidate rather than Mr. Petro Poroshenko. Back in 2017, one of the most devastating cyberattacks ever left citizens unable to withdraw money from banks, canceled medical appointments and disrupted transport, energy and communications. NotPetya, as it became known, was compared to an act of war and caused global damage estimated at 10 billion dollars.
In this virtual front of the conflict, it is important to consider that the most important allies may not even be the States. In the last few weeks alone, Ukraine has recruited an army of programmers through Telegram, which will now have around 400,000 personnel that carry out specific missions such as protecting critical infrastructure, sabotaging Russian navigation systems and denouncing enemy propaganda on social media. The country’s self-defence also counts on the support of companies, which assumed to be a non-neutral part in the conflict. The case of Microsoft, whose operating system is a leader in the region, and which has already announced a “close collaboration” with Kiev, NATO and the European Union.
In any case, and at least so far, experts agree, with some astonishment, that Russian cyber aggression has been relatively moderate. There is no consensus however on the possible reasons why we have not yet seen a “digital Pearl Harbor”: Kremlin programmers may be focused not on assault, but on spying, to try to anticipate the West’s response; Moscow may have dispensed with massive cyberattacks because it was confident of conquering Kiev within days; or else, since cyberspace does not have well-defined borders, Putin could be avoiding the risk of a major digital offensive slipping into NATO space, as happened with NotPetya. In a recent Washington Post event, the chairman of the US Senate Intelligence Committee even stated that: “if US troops and a truck collided in Poland, because the power grid had been disconnected, we could be very close to Article 5. ”
Ukraine has become, over the past decade, the preferred laboratory for Russian hackers.
A sign that cyberspace will play a more prominent role in the war is the entry of Kiev into the NATO Cyber Defense Center. On the Ukrainian side, an authentic “digital intifada” on the part of the exiled resistance is also anticipated. Once inside the Russian border, circumventing economic sanctions is now an imperative and one of the few lifelines available floats in the deregulated underworld of cryptocurrencies.
And speaking of regulation, it is not surprising that the main effort of the United Nations to draft its first convention against cybercrime was also shaken by the Russian invasion. “How do you want us to negotiate with a country that lies and violates international law in this way?”, asked the European Union right at the start of the work, in which our Center is participating. During the first round of negotiations, which ends today in New York, it was still possible to approve the structure and scope of action of the future treaty. But always on the basis that “nothing is awake until everything is awake”.
Center for Cooperation in Cyberspace 