Where are the (serious) Russian cyberattacks?

Sure, HermeticWiper and IsaacWiper are bad, but they're not BAD in capital letters


Column I'm heartsick over Russia's invasion of Ukraine. But, before it began, I'd been really worried about Russian cyberattacks, which would overrun Ukraine and flood into the West's infrastructure. 

I foresaw the Russian GRU Sandworm hacking group launching a cyber attack that would ruin the European Union's power grid or wreck major US internet sites such as Google, Facebook, and Microsoft – or stop cellular services in their tracks. 

I was wrong. So far, anyway. 

Oh, certainly HermeticWiper and IsaacWiper – which will wipe all your data and your software and operating system for good measure – will ruin your day, but even together neither will make whole companies or countries miserable. And, to no-one's surprise, Russia and its puppets have launched Distributed Denial of Service (DDoS) attacks on Ukrainian sites. 

But, where are those massive attacks? Why is Ukraine's electrical system still up and running – except for damaged nuclear reactors? Why, instead of shutting down Ukraine's TV networks with cyber attacks, did they have to blow up a Kyiv TV tower? Did we just let paranoia overrule our common sense? 

I wish. 

It's not paranoia when Russian president Vladimir Putin really is out to get Ukraine – and, from the way he talks, maybe all the rest of us as well. Just ask Bulgaria, the Czech Republic, Estonia, Latvia, Lithuania, Poland, Romania, and Slovakia. These countries believe their "territorial integrity, political independence or security" is threatened. 

They have good reasons to feel that way. And, maybe that's one key to why we haven't seen a massive Russian cyberattack yet.

It's clear that Putin thought he'd easily overrun Ukraine. He was wrong. Russia is still winning the war, but it's costing more in time, blood, and economic damage than its leaders ever dreamed.

But, let's take a walk back in time. In 2014, Russia easily seized Crimea from Ukraine. This time, on February 24, Russia had approximately 900,000 troops in its active military compared to Ukraine's 200,000 active soldiers. Russia has about 1,328 military planes versus Ukraine's 146. If all you looked at were recent history and numbers, Russia looked forward to a complete walkover. 

Statistics don't count the value of the human heart and bravery. There, Ukraine's people are far stronger than the Russian conscripts being thrown into war's furnace. 

But, what does that have to do with technology and cyberwar? Everything. 

I'm sure that Putin thought the war would be all over except for the mopping up by now. Why reveal what was up his e-war sleeve if he didn't have to? 

Well, some of it, to give credit where it's due, is because we knew cyberattacks were coming. On January 18, the US Cybersecurity and Infrastructure Security Agency (CISA) warned critical infrastructure operators that they should take "urgent, near-term steps" against cyber threats.

Besides this, both Ukraine and its allies already knew what was coming and had built up sturdy cyberdefenses. Ukraine's friends aren't just governments. Its comrades in this fight also include top technology companies. For example, when Microsoft's Threat Intelligence Center (MSTIC) detected offensive and destructive cyberattacks against Ukraine, "We immediately advised the Ukrainian government about the situation, including our identification of the use of a new malware package (which we denominated FoxBlade), and provided technical advice on steps to prevent the malware's success."

Brad Smith, Microsoft's president, prefaced this news with: "We are a company and not a government or a country." But, "our efforts have involved constant and close coordination with the Ukrainian government, as well as with the European Union, European nations, the US government, NATO and the United Nations." Russia isn't just fighting Ukraine, it's fighting Microsoft and hacker groups like Anonymous too.

Anonymous and Microsoft on the same side? Who'd ever predict that?

That said, I fear Russia still has a cache of zero-day vulnerabilities and new malware to make life miserable for Ukraine and everyone else. So, why not roll it out now that things haven't gone as smoothly as Putin dreamed in his new Russian Empire fantasy? 

My bet is his advisors know that cyberattacks don't respect borders. A malware attack aimed at Ukraine would quickly hit the UK and US as well. And, as US president Biden said in his January 19 news conference, the US could respond to future Russian cyberattacks against Ukraine with its own cyberwar resources. 

One reason we've yet to have a nuclear war is the old idea of Mutually Assured Destruction (MAD). Once nukes start flying, everyone loses. In a much less deadly way, this is also true of an all-out internet war. No one sane wants to go there.

Ay, there's the rub. Putin has already threatened the West with the nuclear option. Putin may not be insane, but you can see the asylum from his head. By comparison, a full-scale cyber war is much "safer." 

Hang in there, folks. Keep your cyber defenses up and hope that the worst that can happen is our internet economy is knocked out for a few weeks. You see, as bad as it would be, it's far from the worst that could happen. ®


Biting the hand that feeds IT © 1998–2022