According to our findings, cyber activities do not win wars.
The current crisis in Ukraine has baffled many who expected a different outcome in the cyber realm. Analysts expected that cyber operations would be crucial to Putin's military strategy when Russia began massing soldiers near Ukraine's borders.
The Russian invasion might "redefine cyberwarfare," according to one headline. "It will be the first time a state with actual capabilities is willing to take risks and put everything on the line," former White House cyber analyst Jason Healey predicted.
Despite these forecasts, Russia's anticipated "shock and awe" cyber campaign in advance of the invasion of Ukraine never materialized. Furthermore, while the fight is clearly evolving, cyber operations do not appear to be playing a significant role on the battlefield.
Surprised? We aren't. Cyber operations, whether deployed alone or as part of conventional warfighting, are ineffective means of coercion, according to academic study.
What can we learn from previous Russian cyber operations?
According to academic study, Russia has a lengthy history of cyber activities against Ukraine. In addition to kinetic activities, Russia's 2014 takeover of Crimea featured cyber operations. For example, distributed denial of service assaults purposefully saturated Ukrainian networks, causing them to breakdown. Russia launched a cyberattack on Ukraine's power grid in 2015. In 2017, Russia released the data-erasing NotPetya virus, which was first targeted at Ukrainian servers but soon spread throughout the globe.
Experts who predicted that the present dispute would be a "Cyber Pearl Harbor" moment based on Russia's prior behavior may have been wrong. There is minimal evidence that cyber activities, let alone well synchronized combined weapons combat, gave Russia an operational advantage in 2014. And, despite the fact that the electrical system attack occurred in the dead of winter, no one was killed, and service was restored within hours.
Russia's recent cyber operations have had little effect
Many of the recent cyberattacks sought to splinter Ukrainians' belief in their government — and these information operations have plainly failed. Microsoft and other monitors revealed in mid-January that the harmful malware "WhisperGate" was aimed at Ukrainian enterprises.
Russian-linked hackers are said to have defaced 70 Ukrainian government websites in a separate operation. The US and UK governments blamed Russia for disruptive assaults in mid-February, with follow-up attacks on February 23. On the same day, the "HermeticWiper" virus was identified in a variety of commercial and government systems in Ukraine.
Hacktivists are getting involved
On both sides, hacktivists, proxy organizations, and freelancers rushed in. Ukraine, which lacks mature offensive cyber capabilities, has called on the people to assist in the formation of a "IT Army." The Ukrainian government shared a list of Russian and, later, Belarusian targets on Twitter.
Russian ransomware operators, on the other hand, offered their services, promising to retaliate against nations seeking to penalize Russia. These look to be ad hoc proxy groups rather than a coordinated effort. To oppose the pro-Russian effort, a Ukrainian member of the Russian-linked Conti ransomware gang allegedly disclosed the organization's internal conversation logs.
Why isn't cyberwarfare proving to be effective?
As evidenced by examples from Ukraine, Afghanistan, Iraq, and Syria, cyber operations in war contexts may not be as prolific or decisive as many think. Dropping "cyber bombs" on the Islamic State, for example, yielded uncertain results, according to the US military.
Instead of decisive conflicts, cyber operations are a type of modern political warfare. These activities support espionage, deception, subversion, and propaganda efforts rather than winning conflicts.
Here's why today's cyber operations aren't as simple or as effective as popular wisdom would have you believe. To begin with, the global IT sector plays a critical role in cyberdefense, with companies like Microsoft, Alphabet, and others working around the clock to uncover threats to Ukraine, patch vulnerabilities, and exchange data. In December, the United States and the United Kingdom despatched cyber defence troops to Ukraine in preparation of Russian cyber operations. According to reports, US cyber mission troops are still assisting Ukraine's cyber defense from Eastern Europe.
Second, Ukraine's resiliency may have been bolstered by preventative efforts. Ukrainians downloaded encrypted communications apps like Signal and offline maps, but the Ukrainian military depended on old-school wired connections as well.
Third, hacktivists and proxy groups can use low-cost cyber operations like denial of service attacks or website defacements to disrupt and distract rather than achieve genuine tactical advantages. On the other hand, offensive cyber operations aimed at disrupting another country's command and control or air defense systems, for example, can be difficult. To design and execute this type of complicated cyber campaign, it takes years of investment and human resources, pre-positioned access points, and a mature, well-resourced organization.
Even the most advanced offensive cyber operations can't match the effectiveness of conventional munitions. Targeting the opponent with artillery, mortars, and bombers is significantly easier than using exquisite and ephemeral cyber power. Regardless of cyber weaknesses, it is far easier for Russia to fire artillery at a power substation than it is to hack it from Moscow. The airstrikes by Russia on a Ukrainian broadcast tower could be an example.
Is there a chance that the cyber game will change?
Of course, the cyber dimension of this battle could change in the future. However, because cyber operations aren't always simple, inexpensive, or good at managing large-scale destruction, they're unlikely to generate the game-changing moment in modern warfare that many predicted.
Cyberweapons, on the other hand, can be utilized outside of the battlefield. There is still a chance that Russia would retaliate with cyberattacks against the US and its allies. Russia has most likely already pre-positioned entry points that it may use to launch disruptive strikes. Countries, including Russia, have a long history of responding in cyberspace to acts such as sanctions and indictments.
Most crucially, given the current large-scale interstate war, cyber specialists may be overlooking the forest for the trees. When contemplating the humanitarian calamity and immense toll that fighting inflicts — not to mention the risks of nuclear warfare — the success or failure of cyberwarfare theories has little bearing.