Is a Russian cyberwar imminent?
Despite these predictions, the anticipated “shock and awe” Russian cyber campaign in preparation for the invasion of Ukraine never saw the light of day. Moreover, while the conflict will undoubtedly evolve, cyber operations do not seem to play a decisive role on the battlefield.
Surprised? Were not. Academic research explains why cyber operations are poor tools of coercion, whether used independently or as part of conventional warfare.
What clues do previous Russian cyber operations give?
Scientific research details the long history of Russian cyber operations against Ukraine. Russia’s annexation of Crimea in 2014 included cyber operations alongside kinetic operations. Distributed denial of service attacks, for example, have strategically flooded Ukrainian networks to block operations. In 2015, Russia carried out a cyberattack on Ukraine’s electricity grid. And in 2017, Russia launched the data-erasing NotPetya virus, malware that initially targeted Ukrainian servers but quickly spread around the world.
Yet experts who inferred from past Russian behavior that the current conflict would be a “Cyber Pearl Harbor” moment may have learned the wrong lesson. There is little evidence that cyber operations provided Russia with an operational advantage in 2014 – let alone highly synchronized combined arms warfare. And the attack on the electrical network – in the middle of winter – did not cause any fatalities and the service was restored in a few hours.
Russia’s current cyber efforts have had little impact
Many of the recent cyberattacks were aimed at fragmenting Ukrainians’ trust in their government – and these information operations have clearly not been effective. In mid-January, Microsoft and other observers reported that destructive malware, “WhisperGate”, was targeting organizations in Ukraine.
Hacktivists, proxy groups and freelancers moved in quickly – on both sides. Ukraine, which lacks mature offensive cyber capabilities, called on the public to help gather a “computer army”. The Ukrainian government took to Twitter to share a list of Russian targets after that, Belarusian targets.
But Russian ransomware operators also offered their services, threatening retaliation against governments that sought to punish Russia. These seem to be loosely controlled proxy groups, not a unified effort. A Ukrainian member of the Russia-linked Conti ransomware group, for example, reportedly leaked the group’s internal chat logs to counter the pro-Russian effort.
Why is cyber warfare not decisive?
Cyber operations in combat contexts may not be as prolific or decisive as many believe, as demonstrated by evidence not only from Ukraine, but also from Afghanistan, Iraq and Syria. The US military, for example, found that dropping “cyberbombs” on the Islamic State had produced ambiguous results.
Here’s why today’s cyber operations aren’t as simple or as effective as conventional wisdom suggests. First, the global tech sector plays a major role in cyber defense, with companies such as Microsoft, Alphabet and others working overtime to identify threats to Ukraine, patch vulnerabilities and share information. Additionally, in anticipation of Russian cyber action, the US and UK sent cyber defense teams to Ukraine in December. Reports suggest that US cyber mission teams continue to support Ukraine’s cyber defense from Eastern Europe.
Second, preventive actions may have strengthened Ukraine’s resilience. Ukrainians downloaded encrypted communications apps such as Signal and offline maps, but the Ukrainian military also relied on old-fashioned wired communications.
Third, low-cost cyber operations readily available to hacktivists and proxy groups—such as denial-of-service attacks or website defacements—disrupt and distract more than they create tangible battlefield gains. . By contrast, offensive cyber operations designed to shut down another country’s command and control or air defense systems, for example, can be challenging. It takes years of investment and human capital, pre-positioned access points, and a mature, well-resourced organization to plan and execute this type of complex cyber campaign.
And even the most sophisticated offensive cyber operations cannot compete with conventional munitions. It is much easier to target the enemy with artillery, mortars, and bombers than with exquisite, fleeting cyberpower. Cyber vulnerabilities notwithstanding, it is much easier for Russia to launch an artillery barrage at an electrical substation than to hack it from Moscow. Perhaps an example is the Russian airstrikes on a Ukrainian television tower.
Could cyber gaming change?
The cyber dimension of this conflict may yet change, of course. But the fact that cyber operations are not always easy, cheap or effective in managing large-scale destruction means they are unlikely to produce the watershed moment in modern warfare that many anticipated.
However, cyber weapons can be used outside the battlefield. There is always a risk that Russia will carry out retaliatory cyberattacks against the United States and its allies. Russia has likely already pre-positioned access it could exploit to carry out disruptive attacks. There is a long history of countries – including Russia – reacting in cyberspace to actions such as sanctions and indictments.
More importantly, cyber experts might miss the forest for the trees, given the large-scale interstate war that is currently unfolding. The success or failure of cyber warfare theories is of minimal relevance given the humanitarian catastrophe and heavy toll the fight inflicts – not to mention the risks of nuclear war.
Erica D. Lonergan (née Borghard) is an assistant professor at the Army Cyber Institute and a research fellow at Columbia University’s Saltzman Institute of War and Peace Studies.
Shawn W. Lonergan is a U.S. Army Reserve officer assigned to the 75th Innovation Command.
Brandon Valeriano is a senior fellow at the Cato Institute and a distinguished senior fellow at Marine Corps University.
Benjamin Jensen is Professor of Strategic Studies at Marine Corps University’s School of Advanced Warfighting and Senior Fellow for Future War, Gaming, and Strategy at the Center for Strategic and International Studies (CSIS).