Ukraine at D+27: Warnings of Russian cyber escalation as its army falters.
N2K logoMar 23, 2022

As US and UK warnings of possible Russian cyberattacks continue, Russia's Foreign Ministry offers a stop-me-before-I-kill-again excursus on the risk of cybercrime.

Ukraine at D+27: Warnings of Russian cyber escalation as its army falters.

The British Ministry of Defence (MoD) continues to follow Russia's special military operation in Ukraine, and it continues to see not only a failed invasion, but a failed occupation in the limited territory Russia has been able to bring under its military control: "The Ukrainian civilian population in Russian-occupied cities continues to protest against Russian control. Russian efforts to subdue the population by manipulating the media, spreading propaganda and installing puppet, pro-Kremlin, leaders have so far failed. Russia will probably respond to these failures by employing increasingly violent and coercive measures in an attempt to suppress the Ukrainian population." That protests have continued even after Russian forces have begun to open fire on the demonstrators, as the BBC reports they did in Kherson, is striking.

As the slow reduction of Mariupol continues, the AP reports that Russian forces have blocked humanitarian aid from reaching the city. Elsewhere, the Telegraph reports, Russian forces continue to experience tactical reverses. Komsomolskaya Pravda has said it was "hacked" when it reported that Russia's Ministry of Defense had disclosed casualty figures. Task and Purpose has linked to an archive of the original story, relevant sections of which are translated as follows: "The Ministry of Defense of the Russian Federation refutes the information of the Ukrainian General Staff about the alleged large-scale losses of the RF Armed Forces in Ukraine. According to the Ministry of Defense of the Russian Federation, during the special operation in Ukraine, the Russian Armed Forces lost 9861 people killed, 16153 people were injured." It's either a hack, or a misstep into inadvertent truth-telling, or an insight into what Russia's Ministry of Defense considers "large-scale losses."

US warnings of impending Russian cyberattacks.

US President Biden's warning, Monday, that Russia was likely to engage in cyberattacks against the US, continues to draw attention. Deputy National Security Advisor Anne Neuberger clarified the President's statement: “As the president has said, the United States is not seeking confrontation with Russia. But he has also said that if Russia conducts destructive cyberattacks against critical infrastructure, we will be prepared to respond.” National Security Advisor Jake Sullivan discussed some of the implications such an attack might have for NATO's collective defense agreement: "We could see circumstances wherein which a collective response by the alliance to a cyberattack would be called by an ally. That is absolutely something we and other countries could bring capacities to bear to help a country both defend itself and respond to a particular cyberattack." The FBI reports seeing signs of battlespace preparation against US energy providers, and the US Cybersecurity and Infrastructure Security Agency (CISA) continues to recommend that organizations take appropriate precautions.

The US has emphasized the importance of taking basic steps to improve cyber defenses and organizational resilience, Federal News Networks reports. "There is evolving intelligence that Russia may be exploring options for cyberattacks against the United States, CISA Director Jen Easterly told a session with critical infrastructure operators and stakeholders yesterday. Her comments came at the beginning of a three-hour session that CISA was quick to make public. That's not, as Easterly commented, exactly shocking news, but she emphasized the importance of taking appropriate precautions against such attacks. In an apparent nod to the military proverb that those who defend everything defend nothing, she said that CISA was focusing on the "lifeline sectors," that is, communications, transportation, energy, water, and financial services. That last sector is of particular concern, Easterly said, because it seems a likely target for Russian retaliation for the heavy sanctions most of the world has imposed on Moscow for its war of aggression against Ukraine.

Thus the public US response to the Russian cyber threat (which has yet, as many observers have pointed out, appeared with the high intensity that had been widely expected) is essentially expressed by CISA's Shields Up alert.

The UK's National Cyber Security Centre (NCSC) has seconded the White House warning. "In heightened periods of international tension all organisations should be vigilant to cyber risks, and for several months the NCSC has been advising organisations to bolster their cyber security," the Centre posted. "The NCSC has already published actionable guidance for organisations to reduce their risk of cyber compromises. While the NCSC are unaware of specific, targeted threats to the U.K. resulting from Russia’s illegal invasion of Ukraine, we recommend organisations follow this advice as a priority." That published guidance has much in common with CISA's Shields Up.

Russia's response to US and UK warnings against a Russian cyber threat.

Reuters quotes Kremlin spokesperson Dmitry Peskov as saying, "The Russian Federation, unlike many Western countries, including the United States, does not engage in state-level banditry." His contention, of course, is both pro forma and absurd: Russian privateering and direct state cyberattacks have been notorious données in cyberspace for two decades.

Andrey Krutskikh, a diplomat with a background in arms control who presently serves as director of the Russian Foreign Ministry's Department of International Information Security, struck a more statesmanlike tone than did Mr. Peskov. In an interview with Newsweek, Mr. Krutskikh pointed out the way in which cyberspace had become an international commons, and the importance of all sides working together to secure its beneficial use for all. "Modern life is impossible without information and communications technologies (ICTs)," he said. "They determine our well-being, security and survival. Relying on them, we can become richer or lose all our savings. They are transboundary and almost all-mighty. Amidst this reality the main task is not to frighten each other with digital means, but to try to reach agreements before it is too late."

He said that cyberattacks were particularly likely to drive escalation of any conflict. "A cyberattack, be it accidental or intended, including [one] perpetrated under false flag, can easily trigger escalation between states, leading to a full-scale confrontation. Ensuring international information security, therefore, becomes one of the key factors that directly influence strategic stability."

Mr. Krutskikh pointed, with open-eyed innocence, at the ways in which cybercrime had contributed to international mistrust: "Hacker groups tend to target their activities at big businesses, banks and financial institutions, Traditional principles of entrepreneurship collapse. The dependence of humanity on ever evolving ICTs makes all of us vulnerable to threats of their malicious use. Further progress is impossible without ensuring cybersecurity." The difficulty of attribution induced by the anonymity so often achieved in cyberspace makes cybercrime all the more problematic for international relations. (He might have added "deniability" to "anonymity:" Russian operators have long used deniable assets to inflict damage on adversaries in cyberspace.)

"An imaginary enemy will mislead efforts to fight the real one," Mr. Krutskikh said. "In these circumstances cybercrime is frequently used to disguise attacks against critical infrastructure, undermine political and economic situation of governments. An abrupt cut in electronic communications in areas like healthcare, water, sanitation or energy is equal to an emergency situation that can entail severe consequences and even loss of people's lives." This, of course, is exactly the sort of attack Washington's recent warnings anticipate.

And, of course, he regretted the West's failure to take up the four points President Putin proposed in Geneva in 2020. "The danger is that a global ecological, anthropogenic or socio-economic disaster can be provoked in cyberspace by a political miscalculation, negligence or, as Senator J. William Fulbright once wrote, by 'arrogance of power,'" he said, adding that in 2020, "We were clear and candid with the suggestion to undertake concrete steps that would contribute to better security and trust." Alas, "there was no concrete reaction to our proposal."

Thus, whether one takes the vinegar from Mr. Peskov or the honey from Mr. Krutshkikh, either way it's all Washington's fault. And London's, too. And probably the fault of Paris, Berlin, Brussels, Rome, etc. Not the fault of Moscow.

Elsewhere, Deputy Foreign Minister Sergei Ryabkov said Tuesday that Russo-American relations were at a breaking point. “Yesterday, a note of protest was handed over to the American ambassador, noting that what was happening has put relations on the verge of breaking off.” He explained, "They," that is, the Americans, "must stop issuing threats against Russia."