How Russia Has Turned Ukraine Into a Cyber-Battlefield

Every day brings ominous new signs of an imminent Russian invasion of Ukraine. Moscow has amassed over 100,000 troops on the Ukrainian border, withdrawn the families of diplomats from the Russian embassy in Kyiv, and deployed troops to neighboring Belarus for unplanned joint military exercises with the Belarusian military, suggesting that it could attack Ukraine on multiple fronts.

Eight years after Russia annexed Crimea and supported a secessionist movement in eastern Ukraine, Russian President Vladimir Putin looks poised for yet another incursion into Russia’s western neighbor. In response to sustained Russian aggression, Kyiv has grown increasingly close to NATO, which has supplied the Ukrainian military with weapons, tactical support, and military advisers. Putin now seeks to halt the alliance’s eastward expansion and to secure Russia’s near abroad, re-creating the sphere of influence once enjoyed by the Soviet Union. Washington’s efforts to broker a peaceful resolution to the standoff have so far failed—and Moscow has continued its apparent march toward war.

Any Russian attempt to take over Ukraine is unlikely to be confined to traditional military domains, however. It will probably also play out in cyberspace, where Moscow has been waging a relentless campaign against Ukraine for nearly a decade already. Since 2014, hackers affiliated with the Russian government have interfered in Ukraine’s elections, targeted Ukrainian government agencies and private-sector companies with destructive malware, and carried out cyberattacks against electric utilities that caused widespread power outages. In recent weeks, the Ukrainian government has been hit by a series of cyberattacks—possibly conducted with the support of the Kremlin—that defaced government websites and wiped out data on some government computers. Hackers took over the websites of numerous departments and agencies, including that of the Foreign Ministry, leaving a threat to leak private data and an ominous warning to the Ukrainian public: “Be afraid and expect the worst.” 

Operations in cyberspace will not by themselves be enough to achieve Putin’s ultimate objective of bringing Ukraine firmly into Russia’s sphere of influence and preventing NATO from expanding into Russia’s backyard. For that, Putin will need to use conventional military means. But cyber-operations can give Moscow a battlefield advantage, frustrate Ukrainian efforts to respond militarily to an invasion, and sow division and confusion among the Ukrainian public—all of which bodes ill for Kyiv.

CYBER-ADVANTAGE

In the event of a full-scale invasion, Russia is likely to conduct three types of campaigns in cyberspace to support its military objectives: intelligence gathering operations, operations aimed at disrupting or deceiving the Ukrainian military, and psychological operations against the Ukrainian public. The first would seek to monitor Ukraine’s military operations. By tapping communications between Ukrainian military units, Russian intelligence agencies could access unfiltered information on Ukrainian troop deployments, defensive tactics, and other battlefield logistics.

In addition to giving Russia a military advantage, this type of cyber-espionage operation could also help Russia prepare for an eventual occupation of parts of Ukraine. By infiltrating Ukrainian national police databases, Moscow could identify and neutralize potential leaders of a future insurgency, for example, or pinpoint Ukrainian citizens who might be willing to collaborate with Moscow in a future pro-Russian government. In fact, Russia is probably already conducting some of these operations in preparation for a potential conflict.

Second, Russia would likely use cyberspace operations to deceive the Ukrainian military or disrupt its operations. For instance, Russian hackers could target the Ukrainian forces’ command-and-control networks, including both its wireless and wired communications networks, making it difficult for Ukrainian military leaders to coordinate troop deployments or efficiently mobilize reservists and volunteers. Moscow could also disrupt major Ukrainian telecommunications providers or target the digital databases of the Ukrainian military’s logistics hubs, undermining Kyiv’s ability to distribute equipment and provisions to soldiers and aid to civilians. Or hackers could attack Ukrainian air traffic control networks, disrupting civilian flights and impeding international support and aid for Ukraine.  

When it comes to cyberdefense, the best time for preparation is yesterday.

Finally, Russia could conduct psychological operations to sow confusion and doubt among the Ukrainian population, thereby eroding the public’s will to resist Russian aggression. Moscow could launch a cyberattack against Kyiv’s power grid, for instance, leaving millions of people without heat or electricity in the dead of Ukraine’s brutally cold winter. Or it could attack Ukraine’s financial system and make it difficult for civilians to buy groceries with a credit card or withdraw cash from an ATM.

Russian attacks on media outlets could cause news blackouts and impede the Ukrainian government’s ability to communicate directly with its citizens, sowing additional uncertainty and fear. Moscow could also inject false reports and rumors into informal civilian information networks, such as WhatsApp groups, to cause panic or prompt people to flee strategic areas. It could even disrupt Ukraine’s emergency communications systems, preventing firefighters, medics, and police officers from responding to emergencies or setting off air-raid sirens or shelter-in-place notifications at random.

Moscow may not do any of these things. Indeed, a Russian invasion of eastern Ukraine would likely succeed even without the help of cyberattacks. But Moscow’s consistent use of cyber-operations against Ukraine in recent years suggests that it is likely to attack across the full spectrum of military domains. Taken together, such operations would send a powerful signal to Ukrainian leaders and citizens alike that resistance is futile—and that Russia is both omnipresent and omnipotent.

ANALOG DEFENSE

What can Ukraine do to shield itself from a possible Russian cyberoffensive? Unfortunately, not very much this late in the game. When it comes to cyberdefense, the best time for preparation is yesterday. If Russia has already laid the groundwork for a campaign of cyberattacks against Ukraine, it is probably too late for Ukraine to completely defend itself. Even with the best defenses in place, Ukraine would likely suffer at least some damage to its Internet-connected infrastructure, although it is impossible to know in advance how extensive that damage could be.

In this respect at least, the message from the hackers who took over the Ukrainian Foreign Ministry’s website contains a kernel of truth: Ukraine should prepare for the worst. At this stage, Ukrainian military and civilian leaders should focus on making the country better able to weather cyberattacks—for instance, by making plans for the government and the military to fall back on noncomputerized systems in the event that Russian cyberattacks disrupt their networks.       

This will require not only extensive preparation but also a healthy dose of creativity. There are, however, some promising signs that Ukraine is thinking outside the box. The New York Times recently reported that Ukrainian troops were salvaging crank-powered World War II–era field telephones to evade high-end Russian electronic surveillance systems. As anachronistic as this may seem, it is exactly the kind of tactical sophistication that is needed to withstand an attack from a more technologically sophisticated enemy.

Such considerations point toward a broader truth about the role of cyberspace operations in modern military conflicts: there is no such thing as a pure cyberwar. There is just war, fought with a range of tools across a range of domains. In this respect, cyberattacks are not even a separate front in an otherwise conventional conflict but rather an extension of warfare itself.