In the stand-off between Russia and the West over Ukraine, hackers have upped the ante with cyberattacks and disinformation targeting the eastern European country.
The question for Western security officials is this: What exactly are we dealing with — and how do we respond?
In one attack on Friday, hackers posted messages on government websites, disrupting the sites of the Ministry of Foreign Affairs and other ministries and causing them to go down. In other incidents starting Thursday, Microsoft spotted new malware attacks on Ukrainian networks, reminiscent of the 2017 outbreak of NotPetya malware that wreaked havoc across the world.
These incidents are far from armed attacks; there were no reported casualties and no serious harm was done. And yet they present Western security officials with a range of tough questions on how to respond to this type of “hybrid” conflict, where states seek strategic gains by using tools that cause societal disruption and shake up internal affairs of adversaries.
The latest attacks on Ukraine “could be signaling. It could be the attempt to implant specific narratives. It could certainly be seen as low-level escalation,” said Lukasz Olejnik, a cybersecurity researcher and former cyberwarfare advisor at the International Committee of the Red Cross.
“If a state actor is behind them, perhaps we may reasonably consider them violations of state sovereignty, or violation of international law,” he said. “However, we may not consider it warfare.”
That message has been repeated over and over by cybersecurity experts: Don’t call it “cyber war.”
“Cyber warfare doesn’t exist, it’s nonsense. There is no war in cyberspace — cyber is just a part, an essential tool of states’ capabilities,” said Bart Groothuis, member of the European Parliament and former chief cyber policy official at the Dutch defense ministry.