By Michael Cruickshank

During the Ukrainian Revolution and the escalating events since, one thing has been absent – armed combat between state actors. Despite this, the “war” has been raging in the realms of cyberspace.

Opening Shots

On the 8th of March, Ukrainian government assets came under attack. Not their vastly outnumbered physical positions in Crimea, but rather their government’s presence in cyberspace. First, the national news agency’s primary website went down in a DoS (Denial of Service) attack, then telecommunications networks began to fail across Crimea. Indeed so much of the network became inaccessible; the Ukrainian defence establishment was forced to admit in a statement to Reuters that attacks indeed had been taking place.

“There was a massive DoS-attack on communication channels of the National Security and Defence Council of Ukraine, which was apparently aimed at hindering a response to the challenges faced by our state,” the Security and Defence Council said.

These were not the first attacks in what is beginning to seem like an all-out cyber offensive by Russia against Ukrainian internet infrastructure. Just days prior, members of the newly formed Rada (Ukrainian Parliament) began to report that their mobile phones were becoming difficult to use, if not downright inoperable due to something Ukrainian security services referred to as an “IP telephonic attack”.

Uroboros – A Russian Stuxnet?

Despite the sophisticated nature of some of these attacks, it is as yet unknown if they have been undertaken by the RussianState, or by pro-Russian hackers motivated by patriotism.

Dr. Sandro Gaycken, a cybersecurity expert from the Berlin Freie Universität, remarks:

“The attacks are certainly in the strategic interest of the government, but we have also seen a lot genuine hacktivism by patriotic hackers. It could be both. The attacks themselves do not exhibit any definite criterion to pinpoint one of these groups.”

There has however been a recent discovery which could change all that.

On the 28th of February, just days after the revolution in Ukraine, researchers from G-Data, a German company specializing in anti-virus security, went public about the discovery of a virus which they called Uroboros. The virus, they claim, is highly sophisticated and – in a similar way to the famous Stuxnet virus – bares the hallmarks of creation by a well-resourced, state-backed team. It is designed to infect research and government facilities for the purpose of stealing sensitive data.

BAE Systems, a British defense company, has reported that it has detected at least 14 instances of the virus present in Ukrainian computer systems in 2014. While this is not a complete smoking gun proving the Russian Intelligence is behind these attacks on Crimea, it does lend some credence to speculation.

Anonymous Joins The Fray

As with most conflicts of course, this cyber war has not been one-sided. Groups of hackers under the ‘Anonymous’ moniker have formed what they call OpRussia, a collective designed to disrupt and disable Russian computer systems. In an online statement they warn:

“By opening fire in Crimea, you also opened fire on the idea of Anonymous — and for that, we shall return an equal, if not, more powerful volley on a consistent spree of attacks from now until something is done about your “empire’s” thirst for world domination.”

Over the course of the last weeks, they have targeted multiple government agencies within Russia. These include: the RT news network whose main website was defaced, the Russian Ministry of Culture, nuclear research agencies, and escalations today in the form of attacks against the Kremlin and the Reserve Bank of Russia.

Escalation Potential

With the situation in Ukraine and the Crimean Peninsula so tense, there is a very real risk that further and more damaging cyber attacks could be used as a pretext or justification for hot war. When asked of the likelihood of this, cyberwarfare expert Dr. Sandro Gaycken stated:

“This would depend on the kind, the scale and the impact of the cyber attack, but cyber attacks are generally very useful when it comes to this. Serious cyber attacks certainly add a lot of tension to existing conflicts and tend to be overrated by politics. They can also be easily instrumented as a justification for something.”

This being said, there is no existing precedent for a nation to use a cyber attacks as a pretext for an actual armed reprisal. Iran, despite have its nuclear enrichment program crippled by the Stuxnet virus, did not take obvious action against the US or Israel – the main parties postulated to be responsible.

“The law of armed conflict likely wouldn’t justify abusing a cyber attack as an excuse for a physical attack, but this – of course – would be more of a political than of a legal decision.” Dr Gaycken continues.

*******

As Crimea moves towards its union with Russia, as well as troops build up on the border with Eastern Ukrainian, there is every chance that armed conflict could re-erupt. Should it do so, we should expect to see more intense and escalating cyber attacks.

By Michael Cruickshank

A special thanks to the users of /r/UkrainianConflict who helped me crowdsource data for this story.