Why has “Cyber ​​Pearl Harbor” not yet taken place in Ukraine?

• “Historically, there have been very few cyberattacks that have been deployed in the context of war,” analyzes Alexis Rapin, researcher at the Observatory on Multidimensional Conflicts at the University of Montreal.

• This does not mean that nothing has happened, since we have seen various cyberattacks against Ukraine since the beginning of the conflict.

• Russia has been suspected of honing its cyber weapons against its European neighbors for more than fifteen years.

Why has the “Cyber ​​Pearl Harbor” not (yet) taken place since the start of the war in Ukraine?

If the expression originally referred to a potential cyberattack against the United States, it more generally refers to a wave of cyberattacks against American allies, and it has been particularly feared by many experts since the beginning of tensions between Russia and Ukraine.

They feared in particular that Russia would seek to paralyze Ukrainian defenses in this way, from the first days of the conflict.

However, if there have been "Russian cyberattacks since the beginning of the invasion, we have for the moment no proof that there has been anything that comes close to a Pearl Harbor" affirms at

Alexis Rapin, researcher at the Observatory on Multidimensional Conflicts at the University of Quebec in Montreal.

Mounting an effective cyberattack “takes a lot of time”

“Historically, there have been very few cyberattacks that have been deployed in the context of war, with the aim of producing a tactical or strategic impact, analyzes Alexis Rapin.

And the few times that this has happened [in 2008 in Georgia for example], the military effects have been extremely limited, if not negligible.

“Cyber ​​destabilization has not been used as much as we imagined, confirms Christine Samandel,

at the Bordeaux cybersecurity company Tehtris.

From the moment Russia entered the framework of the armed conflict on the ground, the cyberattack was no longer the main tool.

»

The cyber is indeed a very valuable tool "for carrying out hostile acts in a relatively stealthy manner, to defend one's interests while remaining below the threshold of conflict", continues Alexis Rapin.

“But once a real war breaks out and the masks have fallen, we can simply resort to drastic measures.

If we want to deprive the Ukrainians of electricity, for example, we might as well directly bomb the power stations.

Especially since mounting an effective cyberattack “takes a long time, and the effects are usually short-lived.

»

“Different Russian cyberattacks using wipers”

However, there are other possible explanations.

“One of them is that there have been significant attempts at Russian cyberattacks, but the impacts have not yet been well documented, or that the Ukrainians have cleverly managed to thwart them, because they were well prepared and resilient, says Alexis Rapin.

They received assistance shortly before the outbreak of the conflict, notably from the United States, since personnel from the US Cyber ​​Command were dispatched to Eastern Europe to support them.

»

Nor does it mean that nothing has happened on the cyber front since the beginning of the conflict.

Far from there.

“We have seen various cyberattacks unfold against Ukraine, continues Alexis Rapin.

One of the major hacks that accompanied the invasion was the cyberattack against the satellite Internet provider, ViaSat, which caused major computer malfunctions across Europe.

There have also been various Russian cyberattacks using wipers [malicious software programmed to erase computer data], which have notably targeted various Ukrainian government agencies, although we do not have much information on the extent of the damage they may have caused.

»

#Cyber ​​and Ukraine: announcements of cyberattacks follow one another at a frantic pace, where are we?

Modest inventory.

▶️ A preliminary element: it is probably necessary to distinguish the operations of the belligerents from the kind of cyber-guerrillas carried out by various proxies (1/15)

— Alexis Rapin (@alexis_rapin) March 28, 2022

Access to this content has been blocked to respect your choice of consent

By clicking on "

", you accept the deposit of cookies by external services and will thus have access to the content of our partners

I ACCEPT

And to better remunerate 20 Minutes, do not hesitate to accept all cookies, even for one day only, via our "I accept for today" button in the banner below.

More information on the Cookie Management Policy page.

Third important component, “these are the cyberattacks against various Ukrainian Internet providers, in particular Triolan and UkrTelecom, which have substantially reduced the connectivity of Ukrainian users, generally during windows of only a few hours.

»

To this must be added "a constant deluge of denial of service (DDoS) attacks,

of websites, massive data leaks, against ministries, companies or the media, especially carried out by groups of hacktivists from on both sides, especially from pro-Ukraine groups such as Anonymous.

»

When Estonia suffered the first cyberwar in the world, in 2007

However, the "cyber-Pearl Harbor" is still feared, especially since it has been more than fifteen years that Russia is suspected of honing its weapons in terms of cyber-attacks against neighboring countries.

Estonia thus suffered one of the first cyberwars in history, in 2007, following tensions in the country with the Russian community, linked to the removal to Tallinn of the "bronze statue", the statue of a soldier Russian World War II.

The country first suffered a first wave of cyberattacks, which was pure denial of service, and which targeted government sites, banks and the media.

Then there was a second big wave, emitted from around 60 countries.

For about a month, websites were flooded in this way, forcing them to close or cut off their international connection.

"This attack against Estonia was a striking element, because it was the first state-scale cyberattack," recalls Christine Samandel.

And not just any state since Estonia, at the fall of the USSR in 1991, based the functioning of its institutions on new technologies.

In this “e-Republic”, almost 100% of administrative services are digitized, and Internet access has been a right enshrined in the constitution since 2000. “There was a desire to paralyze and destabilize the country.

On the other hand, the difficulty in this kind of offensive remains to officially identify its author, especially when it is a question of a State, which can operate from other territories.

Subsequently, Georgia also suffered a cyberattack in 2008 at the time of the conflict with the separatists, and finally Ukraine, from 2014. At the end of December 2015, cyberattacks were carried out against the Ukrainian electricity network, causing power outages and depriving some 220,000 inhabitants of electricity.

However, cyber experts concluded that the damage could have been much worse, and that it was more of a show of force.

“Launching a cyberattack against a Western country would be a big mistake”

One of the other concerns today would be that Russia would launch a vast offensive against one or more Western countries.

The United States also claims to have foiled an attempted Russian cyberattack against American and European infrastructure.

However, "launching a cyberattack against a Western country would be a serious mistake and would not be to Russia's advantage, because the entire international community would react", explains Christine Samandel, who recalls that in the event cyberattack, if it has been attributed and proves to be of state origin, “self-defense in cyberspace is authorized as long as it is proportional.

»

Alexis Rapin also thinks that there is "little risk of seeing critical infrastructure or strategic entities targeted at this stage, it would present a serious risk of escalation, and at first glance, Russia's interest is that Western countries feel [little] affected by the conflict.

»

“Real risk” against Western companies

On the other hand, he believes that there is "a real risk that hovers against Western companies, with the idea of ​​saying:" you want to hit us financially with your sanctions, we will give you change in our way".

We can also imagine that Russia wants to punish Western companies that have boycotted or stopped their activities in Russia.

»

One of the major uses of cyber in the context of armed conflict remains espionage and surveillance to spy on enemy communications and observe troop movements, "cyber obviously retains all its usefulness in the conflict" from this point of view, emphasizes Alexis Rappin.

high tech

US claims to have thwarted global cyberattack from thousands of Russian malware

World

War in Ukraine: Is Russia one step ahead thanks to its arsenal of cyber-weapons?

• World

• War in Ukraine

• Cybersecurity

• Cyberattack

• Russia

• Estonia

• Georgia