Russia's cyber cold war
Should we really feel threated by Putin’s cyber arsenal? Shouldn’t we feel more threated by Kim Jong Un’s nukes? Here there are quite a few reasons.
- Thursday, 25 May 2017
On April 27, 2007, the Estonian Parliament took the decision to remove an old Soviet-era monument in Tallinn. A few hours later, a never-before-seen cyber-attack knocked the country's Internet: the websites of the parliament, banks, ministries and media crashed. Estonia is perhaps the most digitalised country in the world. The whole nation was paralyzed for hours.
On August 7, 2008, another impressive cyber-attack put Georgia's government, banking and media sites in place. Another former Soviet state. A few hours later, Russian tanks crossed the border and invaded South Ossetia, the Georgian region with strong Russian ethnic presence. Georgian response was slow, government was in trouble, information hardly circulated, there was confusion in all the country.
It is the first case of a cyber-attack combined with a conventional war between sovereign states.
It will not be the last.
On December 24, 2015 hundreds of thousands of Ukrainians in the Ivano-Frankivsk region remained in the dark for a power failure. It was soon discovered that it was not a physical failure, but the result of a malware attack to the network, carried out through theso called Black Energy software. This was the first case that made clear howa cyber-attack can have practical effects on infrastructures.
Since 2014, Ukraine has been engaged in a war against the eastern separatists supported by Russia, which at least in a couple of episodes (the battles of Ilovaisk and Debaltseve) intervened directly with its own armed forces.
By the end of 2016, computer networks in several Ukrainian institutions suffered more than 6,000 attacks. The Ukrainians feared that the Georgia scenario of 2008 was being re-presented.
And then we come to our day, with hackers offensive during the US and French presidential campaigns.
The Russian cyber arsenal experience is unparalleled.
Putin's willing hackers
I received various criticisms when I wrote - in October 2016 - an article titled "How Russia became a cyber superpower". I was told it was not so. That hacking capabilities of the United States, China and even Israel - to cite some cyber powers - are far superior to the Russian ones.
I don’t know, it may be. But what cannot be denied is that no country in the world, not even the US or Israel, can boast a cyber warfare experience like Russia has been able to accumulate over the last ten years.
It is true that Moscow was at a disadvantage, but made a quantum leap.
When between the 90s and 2000 other countries were investing millions in cyber warfare, Russian institutions were at the digital age of stone. In the same years, however, crowds of youngsters spent their teenage years in the air stale of internet cafes scattered in the basements of Russian cities, was actually growing a generation of geeks able to exploit the web in a not so legal way, out of boredom or for money. No IT or developers - not only, at least – but just hackers.
This is how Russia became the largest and most advanced marketplace for hacking services in the world. A report published in 2012 by Trend Micro, a security company, already warned on the level reached by Russian hackers and ease of access to their services. A DDoS attack such as the one that in 2016 paralyzed several Internet giants such as Twitter, may cost $30 to $70.
A cyber cold war?
It was around the end of the years 2000 that the Russian government realized that it could have taken advantage of these groups of cyber criminals, financing them, motivating them politically and integrated cyber operations in its military doctrine against both external and internal threats. Unlike China, which has focused on a form of rigid censorship based on firewalls and Human Flesh Search Engine, the control on digital dissent in Russia has been assigned to the willing Putin’s youth: Web brigades, Team G, army of trolls. This has created an even more fertile ground in which to grow young talented hackers, eager to get in the government service, for money or ideology.
Russia has a broad concept infowar, a concept that goes beyond just cyber warfare and includes intelligence and counterintelligence, disinformation, electronic and psychological warfare, debilitation of communications and propaganda.
The actions, as seen so far, range from DDoS attacks on former Soviet countries to give them a lesson and warn them of the risks they are running, to leak of information to create disagreements between allied countries (notably the one where the then US deputy State Secretary Victoria Nuland said "fuck the EU" to then-US ambassador in Kiyvin the midst of the Maidan), to trolling activities.
In this sense, DDoS attacks, electronic espionage and Russia Today's programs are the same thing.
Maybe it's true. There is a war already in progress between Russia and the West. A war fought with codes and software strings, to conquer not soil but servers. It is the cyber cold war of the twenty-first century.