Connect with us

Hi, what are you looking for?



Russian Cyber Restraint in Ukraine Puzzles Experts

The absence of any crippling Russian cyberattacks against Ukraine is puzzling experts, but they warn that low-level assaults may be coming, including against the West in retaliation for sanctions.

The absence of any crippling Russian cyberattacks against Ukraine is puzzling experts, but they warn that low-level assaults may be coming, including against the West in retaliation for sanctions.

Even before Russian troops poured across the border into Ukraine last month, Western observers had warned of massive attacks on Ukraine’s IT infrastructure, likely launched by Russian government agents or, by proxy, private hackers which give the government plausible deniability.

The entire range of cyberattacks is within Russia’s capabilities, from blocking banking systems, shutting down power grids and cutting the water supply, to sabotaging communication networks.

Hackers close to the government have in the past targeted corporate IT structures, government websites, planted ransomware and plundered sensitive data as part of espionage efforts, experts say. But in the war against Ukraine, the order for all out cyber-war does not appear to have been given or, if it was, has not translated into much success.

– ‘You don’t burn it down’ –

The most likely explanation is that Russia had been hoping for a quick victory without needing to resort to sophisticated and hugely damaging cyberattacks that require long preparation, according to Jason Blessing, a cybersecurity expert at the American Enterprise Institute (AEI).

“Strategic context is critical for unpacking the use of cyber operations,” he said.

Advertisement. Scroll to continue reading.

[ Read: Russia-Ukraine: Threat of Local Cyber Operations Escalating Into Global Cyberwar ]

“If your plan is to instal a puppet government, the last thing you want to do is obliterate Ukraine’s communications networks and other critical infrastructure.”

But President Vladimir Putin’s presumed plan to take Kyiv quickly and set up a Moscow-friendly regime was thwarted by a combination of Ukrainian resistance and the Russian army’s structural weaknesses.

Despite early setbacks, experts say Russia still sees political control of Ukraine as its ultimate aim and does not want to destroy more of the target country than needed to achieve that objective.

“When you think you’re going to take over the house, you don’t burn it down,” said Jim Lewis, who directs the Strategic Technologies programme at the Center for Strategic and International Studies, a think tank.

“This may change now that things are going so badly but the original reason is they thought it would be a quick victory and they wanted to maintain an intelligence advantage” by tapping into Ukrainian communications, he told AFP.

– ‘Know them intimately’ –

If Russia does decide to go after Ukraine’s networks, it will be helped by the fact that they are mostly Russian-made.

“They know them intimately and that gives them stupendous abilities to hack,” Lewis said.

Meanwhile the West is also bracing for possible Russian cyber-reprisals for sanctions, with experts agreeing however that Moscow would keep those limited so they do not come under the definition of acts of war.

“Russia will certainly punish us for what it believes we’ve done,” said David Stupples, a military intelligence specialist at City University London.

He said this would remain at the “nuisance” level rather than “taking down services” which could be considered as an act of war, Stupples said.

“But that nuisance level will be very high indeed,” he said. Last week, private cybersecurity company Mandiant said there could be cyber actions against western targets to find out what governments are planning against Moscow.

“Mandiant anticipates that Russian action against the financial sector outside of the conflict zone will include cyber espionage to gather information about implementation of Western and international sanctions,” it said.

To that end, Russian intelligence services “almost certainly have the ability to coopt criminals residing within Russia”, it said.

Government agencies, financial companies, energy utilities, service companies as well as transport and logistics faced increase risk of hacking, it said.

But Russia is sure to tread carefully, as any major cyber attack could trigger a response by NATO which, under article 5 of its treaty, considers an attack on any member as an attack on all of them.

Meanwhile Western governments are deploying their own cyber arsenal, some of it in direct aid to Ukraine, with the US dispatched soldiers of the US Cyber Command to eastern Europe, said Alexis Rapin, an expert in multi-dimensional conflict at the University of Quebec.

“From what we understand they are spying on hackers working for Russian intelligence so they can warn the Ukraines of any cyberattacks being prepared,” he said.

RelatedRussia, Ukraine and the Danger of a Global Cyberwar

RelatedRussia vs Ukraine – The War in Cyberspace

RelatedTalking Global Cyberwar With Kaspersky Lab’s Anton Shingarev


RelatedTalking UK Cyberwar With Sir David Omand

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.


Ask any three people to define cyberwar and you will get three different answers. But as global geopolitics worsen and aggressive cyberattacks increase, this...


The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...


Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...