03/04/2022

What’s The Role Of Cyber Warfare In Russia’s War With Ukraine?

14:18 minutes

an alert symbol with vague lines of code behind it
Credit: Shutterstock

When Russia invaded Ukraine a week ago, some experts predicted full-scale cyber warfare. It hasn’t happened—at least not yet. Russia did launch a few small cyber attacks against Ukraine, including malware which would have wiped Ukrainian government and bank data. It was thwarted. 

Banks in the United States are now beefing up their security in anticipation of potential Russian cyber attacks in retaliation to the recently imposed sanctions. But how worried should we be about a global cyber war? 

Jason Healey, senior research scholar at Columbia University’s School of International and Public Affairs, based in New York City, joins Ira to discuss the intricacies of Russian cyber warfare. 

Interested in bolstering your own cyber security? Healey suggests practicing standard digital security strategies, regardless of current threats. The Motherboard Guide to Not Getting Hacked and the WIRED Guide to Digital Security provide comprehensive overviews on how to keep your digital assets secure.  


Donate To Science Friday

Invest in quality science journalism by making a donation to Science Friday.

Donate

Segment Guests

Jason Healey

Jason Healey is a Senior Research Scholar at Columbia University’s School of International and Public Affairs in New York, New York.

Segment Transcript

IRA FLATOW: This is Science Friday. I’m Ira Flatow. When Russia invaded Ukraine a week ago, some experts predicted full scale cyber warfare. Well, it hasn’t happened– at least not yet. Russia did launch a few small cyber attacks against Ukraine, including malware which would have wiped Ukrainian government and bank data, but it was thwarted. And now US banks are beefing up their security in anticipation of potential Russian cyber attacks in retaliation to the recently imposed sanctions.

So how worried should we be about a global cyberwar? Is there more to come? Joining me now to help us better understand the intricacies of Russian cyber warfare is Jason Healey, Senior Research Scholar at Columbia University’s School of International and Public Affairs in New York City. Welcome back to Science Friday.

JASON HEALEY: Thank you for having me.

IRA FLATOW: Nice to have you. OK, were you surprised that predictions of a full scale cyber war have not yet materialized?

JASON HEALEY: I certainly was. From the history of what Russia has done in the past, and for as much time as they had to prepare. I think many, many of us were expecting a well orchestrated onslaught, right? Something that was just a ballet of online violence that was unleashed predominantly against Ukraine but also against the West to keep us off balance.

And what we ended up was not really an orchestration of violence but almost like a brawl, and not even a very effective brawl at that. You had this mix of attacks that didn’t seem to be particularly synchronized with anything, and frankly, not nearly as bad as we might have feared. If you would have had other of my colleagues on this show, they probably wouldn’t have been surprised at all, because they don’t think cyber is really all that useful and especially during wartime. And so, there is this large debate. Maybe they didn’t use cyber because it’s just not really that useful.

IRA FLATOW: Could it also be that they may not be as good at it as we give them credit for?

JASON HEALEY: Absolutely. We had seen so much, Russia doing so much against Ukraine and others, even during peacetime. Taking the electrical grid down in parts of Ukraine, twice during winter. Disrupting the Seoul Olympic games. Going after a French TV station, taking it offline and blaming that on– and trying to put the blame on Islamic State. That it seemed a very straight line to imagine that they would be doing these things and find them to be militarily useful when they actually invade, right? Not just in relative peace time.

IRA FLATOW: Well, is it possible that Russia is deploying cyber attacks that we’re just not aware of yet?

JASON HEALEY: I’ve been trying to go through enough, and I talked this over with my students and others yesterday, and we came up with perhaps 10 different reasons why we’re not seeing this. And that’s definitely one. That the attacks are happening and we’re either not seeing them. We’re successfully defending against them. Or that they’re happening and they’re having impact, but they’re not getting as much reporting or as much notice, because they’re relatively small given the scale of the invasion and the horror that we’re seeing. And so I think there’s definitely part of it there.

IRA FLATOW: So what types of cyber attacks have we seen Russia deploy since they invaded Ukraine? Anything?

JASON HEALEY: There’s been a little bit that happened beforehand, such as denial of service attacks on Ukrainian government and other websites. As you had mentioned, there was this wiper worm that had come in or the wiper malicious software, malware, that the Russians deployed to try and affect Ukraine. It didn’t seem like that did too much. And there’s been a few others. There’s been, for example, disruptions a couple of days ago to one of the border posts that was processing refugees out. A particularly mean spirited attack. There’s also been some disinformation that’s been happening. But maybe not quite as much as we had, again not quite as much as we’d been expecting.

IRA FLATOW: Yeah, let’s talk about this wiper malware that you just mentioned. Now, it was actually Microsoft security team that detected it and then blunted the attack, correct?

JASON HEALEY: Correct, yes.

IRA FLATOW: And why are private companies on the front lines of monitoring and intervening those that attack us?

JASON HEALEY: When we use words like cyber war, your listeners will be thinking, Well, if it’s war then surely it’s the governments that have to protect us because that’s what governments do. But conflict in cyberspace has tended to be different because the governments don’t really have the capabilities, the infrastructure, to keep us safe in the same way they can from Naval attack or from aerial bombardment or from invasion over the ground. Because they’re not the ones that have built cyberspace, that have put the infrastructure together.

So I did this history book a couple of years back. And in almost none of the major cyber conflicts had any government anywhere had a decisive role. It’s the private sector that had the subject matter expertise, the agility, the ability to bend the internet, to bend cyberspace, to actually change the geography of it, to stop attacks and to minimize conflict, as Microsoft did here.

Cyber Command in the United States, which is the part of the Department of Defense that’s most relevant here, is good at spying. They’re good at shooting back. They’re good at seeing what’s happening and telling others. But they’re not good at actually suppressing the attack in the way that Microsoft did.

IRA FLATOW: Do the Ukrainians have capabilities to mount their own cyber counteroffensive against Russia?

JASON HEALEY: Cyber can sometimes seem easy, right? We see ransomware attacks and it turns out it was just a bunch of teenagers that are doing these things. But if you want to try and have a sophisticated ability to stop attackers, to have a militarily relevant disruption at a certain place, certain time, for a certain duration, that kind of stuff takes a lot more intelligence, a lot more capabilities, to not just pull that trick once, but to pull off that trick consistently. And so I suspect the Ukrainian defenders can do some of that. So I wouldn’t want to sell the Ukrainian capability short, but they’re going to have their hands full with so much in the way that I think the American teams, the British teams, would not.

IRA FLATOW: Interesting. I know that the global hacking group Anonymous announced that they’ve gone to war against Russia. They’ve claimed responsibility for hacking into Russia state TV and the Ministry of Defense databases. What do you make of that move? Could that help bolster Ukraine’s cyber warfare capabilities or degrade Russia’s?

JASON HEALEY: It is unlikely that such attacks are going to have any interesting national security impact. They’re very easy to shrug off. However , there is the negative thing it might do. It might inflame the situation and cause some Russian hacking reaction back that might not have happened otherwise. But it’s possible that it might just do something significant and relevant. For example, if they’re really able to get some information on Putin’s regime, and share some information about how corrupt he is. Or if they’re able to work with leakers inside Russia that release military plans or information on massacres that Russia might want to keep secret.

IRA FLATOW: There have been the reports about Elon Musk sending Starlink terminals to Ukraine to create satellite internet service if the landlines go down in Ukraine. How effective do you think this strategy might be?

JASON HEALEY: I think it’s a fabulous start because it is possible that the Russians would try to shut down the internet in Ukraine. This is what they were successfully able to do with a much smaller country, Georgia, when they invaded in 2008. And one of my colleagues, Dmitri Alperovitch, really thought it might be– thought the Russians were going to face two choices– Keep the Ukrainian internet open so that way you can flood them with disinformation and cyber attacks, or try and shut the Ukrainian internet down so that they can’t get out their message. So that we don’t see videos of atrocity. So that the only message that we would hear about Ukraine would be the Russian message. And neither of those has really come to pass, but fortunately having these Starlink terminals, having these other ways for Ukrainians to get out their message is, I think, very important.

IRA FLATOW: And so how will what we’re seeing going on in Ukraine or not seeing going on in Ukraine, how will that change the future of cyber warfare, do you think?

JASON HEALEY: To you and me and most of the listeners, cyber conflict and cyber war popped up on our headlines, we only really pay attention to it when something bad has happened. And so it feels episodic. But what the US strategy has said, it’s not episodic. It’s happening really all of the time. There’s this constant contact between the cyber forces of the United States, Russia, Iran, North Korea, the Brits, the French, the Israelis. And they’re all in there in this pit, and they’re all grappling for advantage, trying to spy on one another and stop what each other are doing.

And so I can imagine that after Ukraine– well, even now with Ukraine, that the US Cyber forces are out there now trying to figure out what the Russians are doing. Even in Ukraine. They’re trying to figure out what the Russian cyber teams might be planning against the West, such as in response to sanctions. And directly trying to stop them. To cause friction, to throw sand in the gears.

IRA FLATOW: Can we anticipate retaliation against the recently imposed sanctions?

JASON HEALEY: One of the reasons why we’ve thought that cyber attacks in general haven’t gotten so bad, is because of what in academia we would say entanglement. Russia would never want to disrupt the Western economy because that’s where they’re parked their money. And so the more that we cut Russia out of the Western economy, the more that we are no longer dependent on Russian energy, the less blowback they would have to suffer if they disrupt it. That’s not a reason to keep them involved in the Western economy.

But it does mean for those of us that are watching, saying, boy, if we have decided we’re not going to deal Putin in and let him play the game anymore, then he might just decide to flip the table and disrupt Western finance and banks. To disrupt the electrical grid. To disrupt liquefied natural gas. To say, look, if you’re going to make Muscovites suffer, then I’m going to make your people suffer too.

IRA FLATOW: So we can anticipate possibly the retaliation.

JASON HEALEY: Yes, and the Washington DC has been taking this very seriously at the White House, at Cyber Command, the United States military, as well as European capitals, to look what might be coming next from Russia.

IRA FLATOW: People are worried about their money in banks. You’re speaking about banks. Are US Bank sufficiently secure enough to prevent potential Russian hacks? And even the stock market, it’s all run by, right? It’s all run by software.

JASON HEALEY: Yeah, the banks have been worried about this kind of stuff since at least the mid ’90s, if not before. Citibank got hit by a Russian hacker named Vladimir Levin for millions of dollars. And that led to real structural changes in the finance sector. They started to have chief information security officers. A few years later, 1999, they set up an Information Sharing and Analysis Center, which I used to help run. To share information across all of the banks, to make sure that they were sharing information, to make sure they were looking at threats. And so since then they’ve done nothing but continue to build their resilience for moments just like this.

Now, what Russia might choose to throw at the banks could be significantly more than we’d ever seen. The Iranians tried this almost exactly 10 years ago. And so the banks are going to be looking back at that for lessons. But I think they’re going to find that the finance sector is very tough.

IRA FLATOW: Should individual citizens be worried about their cybersecurity?

JASON HEALEY: I’ll say, Ira, we’ve got so much to worry about right now, I don’t think it’s primarily a thing that people need to fret. That said, there are some really important things that you can do. For example, making sure your software is up to date. If your Apple, if your Microsoft, if your Chrome, is saying, hey, you need to update me, please take care of that immediately.

IRA FLATOW: Put on your automatic update.

JASON HEALEY: Yes. And it might ask you to reboot the computer, don’t put that off. Putting it off right now would be a tremendous mistake. Also, if you’ve seen this thing, two-factor authentication or multifactor authentication, and you haven’t quite understood it, now is the time to understand it and take care of it. Because that is one of the most important things that you can do to help keep yourself safe and make sure that no one’s going to be taking over your banking account or other important accounts of yours.

IRA FLATOW: All right, I think that’s a great place to stop and thank you for that hopeful note.

JASON HEALEY: OK, thank you.

IRA FLATOW: Jason Healey, Senior Research Scholar at Columbia University’s School of International and Public Affairs based in New York City.

Copyright © 2022 Science Friday Initiative. All rights reserved. Science Friday transcripts are produced on a tight deadline by 3Play Media. Fidelity to the original aired/published audio or video file might vary, and text might be updated or amended in the future. For the authoritative record of Science Friday’s programming, please visit the original aired/published recording. For terms of use and more information, visit our policies pages at http://www.sciencefriday.com/about/policies/

Meet the Producers and Host

About Shoshannah Buxbaum

Shoshannah Buxbaum is a producer for Science Friday. She’s particularly drawn to stories about health, psychology, and the environment. She’s a proud New Jersey native and will happily share her opinions on why the state is deserving of a little more love.

About Ira Flatow

Ira Flatow is the host and executive producer of Science FridayHis green thumb has revived many an office plant at death’s door.

Explore More