Cyber forces heat up the Crimean ‘Cold War’: Will our ‘dykes’ hold out?
There’s no escaping the growing tensions in Ukraine. A conflict on many levels has taken a violent, military turn. The digital dimension took center stage during previous conflicts involving Russia in the former Soviet space, such as with Estonia and Georgia: these conflicts are also referred to as representing the birth of cyberwar. Consequently, they have played a key role in the formation of the current cyber doctrines and the digital forces in the U.S. and in this country.
Russia and Ukraine have long been front-runners in cyberwar and cybercrime activities. Given the current tensions – especially with the earlier digital escalation of Moscow’s political disputes with Tbilisi and Tallinn in mind – it is therefore very likely that cyber-battles are already raging. Yet the cyber dimension has so far been virtually absent from the reporting. With the current logic of cyber warfare as a key conflict domain, and given the capabilities of these two cyber heavyweights, something should be going on. That could mean one of two things: either cyber conflict falls through the cracks of the news cycle, or there is simply no cyber dimension, at least for the moment.
What can be learned after further investigation is that actual cyber-attacks are occurring, but don’t yet seem to be in full effect. U.S. military researchers at the U.S. Army Cyber Command view current events as a sophisticated build-up towards a knockout. The question for the Netherlands is whether the cyber conflict will spread. The power struggle between Kiev and Moscow may develop further, yet both parties seem to have no appetite for old-fashioned, all-out war. It’s the digital dimension that offers a path, alongside the diplomatic maneuvering, for targeted operations to hurt opponents.
Current indications point to Anonymous operations being responsible for temporarily knocking out Ukrainian and Russian government websites and leaking documents in an attempt to embarrass Putin. Simultaneously, an obscure movement against the new power in Ukraine moves to depict them as Nazis and Fascists. They aim to sabotage the online networks of action groups formed from the Maidan square protests. Spill-over towards the West is already visible from this movement, going under the name Anonymous Ukraine, with attacks on Polish systems.
NATO territory therefore is embroiled in the encounter, albeit on a limited, virtual scale. It is plausible that if the crisis drags on, the operations in the cyber domain may follow a more state-centric and devastating scenario. If they don’t, we’ll have learned something about the control the Kremlin exercises over its hacker population.
In many areas this confrontation will affect innocent bystanders. That might even be you and your infrastructure. Nonetheless, some time to prepare exists. In the cyber domain a rule-of-thumb holds that you don’t need comprehensive security, just sufficient security to out-perform your neighbours. This axiom does not hold up when an Advanced Persistent Threat (APT) enters the equation. Industrial systems processed by Supervisory Control and Data Acquisition systems (SCADAs) are one example of valuable but vulnerable targets easily exploited and remotely controlled by a well-equipped attacker. When such determined efforts to attack an opponent transpire, they may send shock waves of collateral damage over connected businesses and infrastructures.
It would be more than wise to have an eye on Dutch interests in this risk-filled, continuously changing digital sphere. Many government budgets are kept afloat by the promise of doing something with cyber security, so, quite reasonably, a return on investment for this public money is expected. Primarily, we’d expect the National Coordinator for Counter-Terrorism and Security (NCTV) to inform of threats and coordinate a response, in this case by means of the cyber watchdog, the National Cyber Security Centrum. However, the current level of advice has not moved beyond airing concerns over getting a supported Windows version. Yet their mission statement reads that providing security advice to governmental bodies and vital industries is a priority. Dutch society may wonder what insurance that gives when a sudden escalation takes place. Who, actually, is vitally important enough to hear about it in time?
Perhaps the Netherlands can take solace in that its NATO involvement guards against invasive action. Then again, the ambitiously-phrased Dutch cyber programme has only just gone operational. A symbolic declaration of war by pro-Russian hackers has not been met by a response from NATO – this remains outside of NATO competences. To this day, in crisis situations an institutional ‘see no evil, hear no evil’ mode of operations seems to prevail. National and, even more so, multinational organizations are left to their own devices.
Our banks have already felt the effects of sophisticated malware employed by rogue actors from Eastern Europe, operating with near-immunity from their respective governments as long as they don’t damage national interests. When the notorious Russian Business Network is deployed against our ‘digital dykes’ in a swooping offensive against Western resources, is the latest version of Windows going to protect our assets? Virtually all industries stand to make great losses in both tangible and intangible currencies. Information gives knowledge, knowledge gives power, but when the former is taken away only blind and futile resistance remains.
Therefore the ‘dykes’ will have to be monitored by private efforts. Better yet, build your own dyke, and scale it in accordance with realistic levels of risk. Prevention is key, but you need Situational Awareness to take appropriate measures tailored to your context. It’s the twenty-first century, and temperatures and sea levels are rising. Don’t wait until the boiling point for any alarms to ring.