Russia’s takeover of the Crimean peninsula has been accompanied by a elements of an information-control campaign: Telecom cables connecting that region to the rest of Ukraine have been severed, and the Russian government has moved to block Internet pages devoted to the Ukrainian protest movement.
But so far there is no public evidence of more serious cyberattacks against military or government institutions. Indeed, Russia may need to tread a fine line with such tactics, since they could be seen as acts of war under evolving military doctrine. A report from a NATO group chaired by Madeleine Albright has said that if NATO infrastructure were the victim of a cyberattack, it could lead to a physical response such as a bombing.
So far, anyway, “Russia has limited themselves to the things they usually do in the onset of a conflict to try to shape opinion, stifle critics, and advance their own viewpoint,” says James Lewis, director of the Center for Strategic and International Studies, a think tank in Washington, D.C. “They are doing the informational side, which is the opening move in the playbook.” Over the weekend, though, Ukraine’s national telephone company, Ukrtelecom, said that unknown vandals had seized telecommunications nodes and cut cables, severing much of the data and voice links between Crimea and the rest of Ukraine.
Info-war tactics have been seen on the Ulrainian side too. Also over the weekend, someone sympathetic to the Ukrainian cause managed to hack the Russian government’s English-language news organ, Russia Today, and substitute the word “Nazi” for “military” in some headlines, with results such as “Russian Senators Vote to Use Stabilizing Nazi Forces on Ukrainian Territory.”
The region has a colorful history of cyberattacks against smaller states and organizations seen as opposing the Kremlin. In Estonia in 2007, the local government antagonized Russia by relocating a bronze statue commemorating Russian soldiers. A flood of attacks against government, media, and telecom websites in Estonia followed, paralyzing them for weeks. (The attacks were “denial-of-service” events, flooding servers with page requests to overload them.) The Russian government denied responsibility, saying “patriotic hackers” were to blame.
In 2008, similar events played out when Russia invaded South Ossetia, part of the neighboring republic of Georgia. Again, the attacks—on sites associated with government offices and the embassies of the United States and United Kingdom, among others—could not be provably linked to Russia’s government (see “Georgian Cyberattacks Traced to Russian Civilians”).
Ukraine may be something of a different case. Both Ukraine and Russia are well-known centers of international cybercrime, and both are home to talented computer engineers. But for whatever reason, this sort of mass cyberattack is not happening. “In Georgia you had cyber incidents coördinated with military operations. But the Russians haven’t done that here,” Lewis says. “If violence breaks out in the Crimea, I think they will bump it up a notch.”
The events provide a way for the United States to see what Russia’s cyberwar capabilities are, says Stewart Baker, a former policy chief at the U.S. Department of Homeland Security and now a lawyer in private practice. “From the U.S. point of view, it is an opportunity to watch one country that has integrated cyber [tactics] into their military–Russia–and see what their current doctrines suggest they do,” he said. “But it may be they have decided they don’t need to show what they’ve got, and won’t do it.”
Four years ago, Vladimir Sherstyuk, a member of Russia’s National Security Council and director of the Institute for Information Security Issues at Moscow State University, boasted of significant capacities. “Cyberweapons can affect a huge amount of people, as well as nuclear,” he said in an interview with MIT Technology Review (see “Russia’s Cyber Security Plans”). “But there is one big difference between them. Cyberweapons are very cheap—almost free of charge.”