People die because of cyber wars, even if no bullets are ever fired. Instead, they die in emergency rooms that no longer have power, from broken medical communication networks, and from riots. All of this has happened before. It will happen again. And now, with Russia poised to invade Ukraine and Russian cyberattacks already in motion, we can only hope and pray that what promises to be the first major European war since World War II doesn’t spark the next World War.
If it does, I fear the proximate cause won’t be Russian T-90 main battle tanks trying to smash their way into Ukraine’s capital, Kyiv. It will be the Russian GRU Sandworm hacking group launching a cyberattack that perhaps wrecks the European Union power grid; or knocks out major US internet sites such as Google, Facebook, and Microsoft; or stops 4G and 5G cellular services in their tracks.
Sound like something out of a modern-day Tom Clancy novel? I wish. This is all too real.
Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) gave notice that critical infrastructure operators should take “urgent, near-term steps” against cyber threats. It’s not so much a fear that Russia will target US or UK technology resources as it is that in the past, when Russia has gone after Ukraine’s IT infrastructure, the attacks hit the West, as well.
Malware doesn’t care about borders. Past malware such as NotPetya and WannaCry began as nation-state attackware then quickly went well beyond their original targets. To this day, they’re still causing trouble.
That caught headlines, but it was purely a psychological attack.
The real attack, Microsoft revealed, was that destructive malware had been injected into multiple Ukrainian government organizations on Jan. 13. The Microsoft Threat Intelligence Center (MSTIC) reports that these programs masquerade as ransomware but they’re purely destructive and designed to ruin computers and devices rather than extort a ransom. Microsoft also warns that these programs are only the malware they’ve detected. There are almost certainly others not yet discovered.
Russia has made such attacks (and others) before on Ukraine. Indeed, in 2016, Russia turned off Kyiv’s power supply. It’s a lead-pipe cinch they’ll try again.
When — not if — they do, these attacks may well hit targets Russia never meant to smack.
Or maybe Russia will want to attack Western infrastructure. Unlike the Trump Administration that kowtowed to Russian President Vladimir Putin, US President Joe Biden is pushing back against Russia’s aggression. And he’s not alone. The other NATO powers are also telling Putin that enough is enough.
While I doubt this means we’ll see the 82nd Airborne deploying along the Dnieper River, cyberattacks are another matter entirely. After all, as President Biden said in his Jan. 19 news conference, the US could respond to future Russian cyberattacks against Ukraine with its own cyberwar resources. In a “hack-for-hack” world, the internet we know and use every day isn’t likely to hold up for long.
Russia has already been attacking the US on the internet. These attacks tend not to be noticed since they blur into American politics. There’s often little difference between a social network message from a rabid, but sincere, Trump supporter and one from a Russian (Internet Research Agency) IRA troll factory.
But what we’re facing now is an entirely different level of cyber warfare. It’s also one that Russia’s been doing for quite some time. In the last few decades, besides Ukraine, Russia has attacked Estonia and Georgia.
More recently, “58% of all cyberattacks from nation-states have come from Russia,” said Tom Burt, Microsoft corporate vice president. For example, the US and UK blame the Russian Foreign Intelligence Service (SVR) for the huge SolarWinds software supply chain attack. As Burt pointed out, Kremlin-backed hackers are becoming “increasingly effective.” That’s no surprise. After all, Russian agents have been at it for years.
Even if you can’t find Ukraine on a map, things happening there are all too likely to affect all of us everywhere soon.
Copyright © 2022 IDG Communications, Inc.