![The success of Ukraine in recent months shows that countries can prepare for cyber conflict against Russia, say cybersecurity experts. [Negative Space/Pexels]](/cnmi_ca/images/2022/06/09/35709-hackers-739_416.webp)
Several European heads of military cyber defence forces agreed on Wednesday (June 8) that Russia has been far less effective than expected in employing digital combat capabilities in their offensive against Ukraine.
Since Russia invaded Ukraine February, it has been unable to meet its goals, including a rapid conquest of Kyiv.
"Among cybersecurity experts we were pretty sure that there would be a cyber Pearl Harbor based on past experience of Russian behaviour and capabilities," said Gen. Karol Molenda, director of Poland's National Cyber Security Centre.
But Ukraine was prepared and "withstood attacks from Russia", Molenda told a meeting of the International Cybersecurity Forum held in Lille, France.
![Employees talk in front of screens at the Ukrainian Security Service headquarters (SBU) in Kyiv on March 6, 2019, during the joint EU-Ukraine cybersecurity drills. [Sergei Supinsky/AFP]](/cnmi_ca/images/2022/06/09/35708-000_1eq8zi-739_416.webp)
Employees talk in front of screens at the Ukrainian Security Service headquarters (SBU) in Kyiv on March 6, 2019, during the joint EU-Ukraine cybersecurity drills. [Sergei Supinsky/AFP]
This showed, he added, that you can prepare for cyber conflict against Russia, which he said was "good at offensive capabilities but not so good at defence".
Russia vulnerable to attacks
He cited multiple cyber-attacks that had hit the country, the work mainly of independent hackers.
The Washington Post reported that a Russian radio station’s news bulletin was interrupted Wednesday by the Ukrainian anthem and antiwar songs, in the latest example of Russian media outlets apparently being targeted by antiwar hackers.
On May 9, hackers blocked Victory Day propaganda on Russian users' smart TVs and posted a pro-Ukrainian message: "The blood of thousands of Ukrainians and hundreds of murdered children is on your hands. TV and the authorities are lying. No to war."
In April, a group of hackers leaked more than 900,000 emails from the All-Russia State Television and Radio Broadcasting Co. The emails extended back more than 20 years.
In March, hackers released more than 360,000 files from the Bashkortostan office of the Russian censorship agency.
No co-ordination in Ukraine
Russia is "not ready to wage co-ordinated cyber and kinetic war", said Lithuania's chief of cybersecurity, Col. Romualdas Petkevicius.
There are cyber activities everywhere in Ukraine, "thousands of them," he told AFP. "But I don’t think they are very well planned".
Gen. Didier Tisseyre, commander of France's cyber defence force, made a similar observation about a disconnect between computer attacks and Russia's military offensive on the ground.
"Maybe they didn't manage to organise it the way they wanted to", and their capacities "are not as strong as we imagine", he said.
But the analysis of the conflict is complicated by the entry of independent hacker groups into the battle, while companies such as Microsoft and Starlink have also come to Ukraine's aid, he pointed out.
The current conflict in cyberspace "is like a rugby world cup "where all the teams are on the field without their distinctive jerseys. The public is on the field too, and you have to prevent tries from being scored".
History of attacks
Months ago analysts were warning that the Kremlin was setting up flag operations, waging cyber-attacks, and spreading disinformation as part of a campaign to prepare the groundwork for a potential invasion.
For years Moscow has engaged in hybrid warfare around the world.
Some of the most drastic cyber-attacks over the past decade have been attributed to Russian attacks on Ukraine, and then repeated elsewhere, according to US intelligence.
For example, a Russian military spyware strain first identified in a hack of Ukraine's Central Elections Commission in 2014 was found in the server of the Democratic [Party] National Committee in the United States in 2016, The New York Times reported.
Last October, the US government charged six GRU officers in absentia with carrying out cyber-attacks on Ukraine's power grid, the 2017 French elections and the 2018 Winter Olympics. The GRU is Russia's military intelligence agency.
The six Russian agents were also accused of staging a 2017 malware attack called "NotPetya" that started in Ukraine and later infected computers of businesses worldwide, causing almost $1 billion in losses to three US companies alone.
Cyberwarfare co-operation
In recent years, Ukraine has significantly strengthened its ability to counter cyberthreats, thanks in part to assistance from and co-operation with the United States and European Union (EU), Oleksii Baranovskyi, president of the Kyiv chapter of the ISACA, an international association that works in the field of information system security, told Caravanserai in February.
NATO responded quickly after the January attack by announcing a cyberwarfare co-operation deal with Kyiv. The EU said it was mobilising "all its resources" to help Ukraine at the time.
Late last year, the United States and the United Kingdom sent cyberwarfare experts to help Ukraine prepare to defend itself from potential attacks from Russian state actors and private proxies committing cybercrimes on the Kremlin's behalf.
The US Civilian Research and Development Foundation and the US Agency for International Development both are implementing US-funded projects designed "to support and improve the efficiency of cybersecurity in Ukraine", Baranovskyi noted.
In February, officials from US intelligence and national security agencies met to discuss cyberthreats from Russia and the assistance the United States can provide to Ukraine to counter large-scale attacks.
