The increased dependence on communications and information technology has meant that the online sphere has become of great interest to nefarious actors, giving rise to categorisations such as ‘cyberattacks’, ‘cyber warfare’ and ‘cyberterrorism’.
NATO has recognized cyberspace as the 5th battlespace at the Warsaw Summit in 2016 and a cyberattack as a potential Article 5 case which stipulates that an attack on one member is an attack on all. Currently Article 5 refers to a kinetic armed attack and is lacking a compatible cyber definition. Therefore, it will be up to the 30 NATO member states to define what amounts to a cyberwar after a cyberattack of sufficient strength.
The unfolding crisis in Ukraine has called for greater focus on cyberattacks. Globally the number of cyberattacks has increased substantially over the last decade. It remains to be seen how extensively cyberattacks will be used in the current Ukrainian war.
Ukraine has experienced persistent cyberattacks over the last decade, with many of the attack being attributed to Russia. In 2020, it faced 397,000 attacks and around 280,000 attacks in the first ten months of 2021. The attacks were so extensive that the EU sent a Cyber Rapid Response Team to provide support.
The increasing use of cyberattacks can be a leading indicator of something nefarious is being planned. For instance, in January 2022, as diplomatic efforts were being retched up, Ukraine experienced a widespread cyberattack on several government departments.
The attack took the form of a message saying “Ukrainians! … All information about you has become public. Be afraid and expect the worse. It’s your past, present and future.” The message included a reproduction of the Ukraine flag and a cross out map with a reference to “historical land”.
Notably, soon after this attack, the Ministry of Defense came under DDoS attack, as did PrivatBank and Oschadbank, although the attack they faced was more about disinformation, claiming that their ATMs were not working. The intention could have been to cause further panic.
Past high profile attacks in the Ukraine include NotPetya, CrushOverride, Cyclop Blink.
The current war in Ukraine is likely to see cyberattacks become more prevalent. Ukrainian government has trained volunteer hackers to target Russia. Anonymous has also stated its intention to target Russia. If the conflict is not unfolding as Russia had hoped, and it perceives the supply of weapons by European countries to Ukraine as hostile, it may order Russian hackers to extend their reach and look to cyberattacks to paralyse those opposing Russian efforts.
The impact of cyberattacks can be much broader than their targets, spilling over into other countries. For example, while NotPetya targeted Ukraine, its effect was felt in the USA, UK, and Australia.
Because of the increasing use of cyberattacks there is a need for the global community to improve the definitions of what constitutes cyber warfare, cyberterrorism or cyberattacks. The effects of this are profound as it will influence whether groups come under terrorist legislation, or whether an act of war has been declared. It is currently unclear, for example, under what circumstances would a cyberattack on a NATO member constitute an act of cyber warfare?
This excerpt is taken from IEP briefing series Ukraine Russia Crisis – Terrorism Briefing available for free download.