Has Russia Begun Offensive Cyberspace Operations in Crimea?
By Jason Rivera |
On Saturday March 1st, the Russian Parliament approved the use of armed forces in the Crimean Peninsula of Ukraine,[1] marking the first possible major Russian military operation since the 2008 invasion of Georgia. In the 2008 Russo-Georgian war, Russia demonstrated the capacity to conduct joint kinetic and cyber operations in pursuit of its political and military objectives.[2] Now, there is evidence that Russia is pursing similar tactics in Crimea.
In 2008, Russia’s cyberwarfare strategy was premised on the objective of controlling military and government lines of communication within Georgia. Reconnaissance efforts against Georgian government sites took place as early as July 19, 2008, weeks prior to the outbreak of kinetic conflict.[3]
In Ukraine, denial of service operations may already be taking place in the Crimean Peninsula. According to the website of Ukrainian telecom provider, Ukrtelecom JSC, unknown individuals seized several Crimean communications facilities on Friday, February 28th.[4] The website also says that communications between the peninsula and the rest of Ukraine have been degraded as a result of “unknown actions [that] physically damaged several fiber optic trunk cable[s].”[5] Other media sources report that the Crimean Peninsula’s landline, Internet, and mobile services have been almost entirely shut off.[6] Jim Lewis, a former U.S. diplomat and senior fellow at the Center for Strategic and International Studies, stated that “This is Russian doctrine…This is their cook book on how to stage an intervention or military operation; [their strategy] starts with knocking out communications nodes.”[7]
In the 2008 Russo-Georgian War, Russia capitalized on the fact that Georgia did not have its own Internet exchange point (IXP) and was therefore reliant on Armenia, Turkey, and Russia for nearly 70% of its Internet exchange capacity.[8] As a result, Russia managed to exert control over Georgian web activity at a few choke points, making it easier for Russian cyber forces to target key Georgian government websites.
Ukraine’s Crimean Peninsula, while not as technically isolated, is similarly vulnerable because of the positioning of its Internet exchange points. Of the various IXPs in Ukraine, only one is located in Crimea. If this IXP were severely limited or shut down, which may have already happened, the Crimean Peninsula would be completely isolated, allowing Russia to control Internet activity in Crimea.
While it cannot yet be confirmed that Russia is, in fact, conducting cyber operations in the Crimean Peninsula, the international community should carefully monitor the situation. As the crisis develops, there are a number of indicators that would demonstrate that Russia is pursuing a cyberstrategy similar to the one it used in Georgia. First, Russia might pursue a cyber campaign that disrupts or degrades the websites of Ukraine and other Western states. In 2008, a total of thirty-eight Georgian and Western websites, including those of the Georgian President, the National Bank, the Ministry of Foreign Affairs, the Supreme Court, the Parliament, and U.S. and U.K. embassies in Georgia, were affected.[9] Second, Russia might carry out sophisticated distributed denial of service (DDoS) attacks against strategic Ukrainian targets. In 2008, the Russians incorporated Structured Query Language (SQL) injections and cross-site scripting (XSS) in order to deny service to key Georgian communications nodes.[10] Third, Russia might enlist the support of the Russian hacker population. In 2008, Russia posted potential targets on a website known as StopGeorgia.ru,[xi] allowing Russia’s patriotic hacker population to engage lower-tier, easy to hit targets within Georgian web space.
Russia has demonstrated a sophisticated capacity to conduct both overt acts of cyberwar and clandestine operations.[11] As the crisis in Ukraine unfolds, and potentially escalates, the likelihood that Russia will again turn to offensive cyberspace operations to achieve its objectives will only increase.
Jason Rivera is an M.A. candidate at Georgetown’s Security Studies Program and an active duty U.S. Army Officer currently assigned to the United States Army Cyber Command. All views and information expressed originated solely with the author and do not represent the official positions or opinions of U.S. Cyber Command or the U.S. Department of Defense.
[1] Laura Smith-Spark, et al., “Russian upper house approves use of military force in Ukraine,” CNN News, March 1, 2014, accessed March 1, 2014, http://www.cnn.com/2014/03/01/world/europe/ukraine-politics/.
[2] Andreas Hagen, “The Russo-Georgian War 2008,” in A Fierce Domain: Conflict in Cyberspace, 1986 to 2012, ed. Jason Healey, (Vienna, VA: Cyber Conflict Studies Association, 2013), 194.
[3] Ibid., 197.
[4] Ukrtelecom. “Crimean regional offices JSC “Ukrtelecom” officially reported to block unknowns several communication centers on the peninsula.” Last modified March 1, 2014. http://www.ukrtelecom.ua/presscenter/news/official?id=120327.
[5] Ibid.
[6] Associated Press, “President Obama warns Russia not to intervene militarily in Ukraine,” March 1, 2014, accessed March 1, 2014, http://www.syracuse.com/news/index.ssf/2014/03/president_obama_warns_russia_not_to_intervene_militarily_in_ukraine.html.
[7] Eli Lake and Christopher Dickey, “U.S. Spies Said No Russian Invasion of Ukraine—Putin Disagreed,” The Daily Beast, February 28, 2014, accessed March 1, 2014, http://www.thedailybeast.com/articles/2014/02/28/u-s-spies-said-no-invasion-putin-disagreed.html.
[8] Hagen, “The Russo-Georgian War 2008,” 199.
[9] Ariel Cohen and Robert Hamilton, “The Russian Military and the Georgia War: Lessons and Implications,” Strategic Studies Institute (2011), viii, accessed March 1, 2014, http://www.strategicstudiesinstitute.army.mil/pdffiles/PUB1069.pdf
[10] Hagen, “The Russo-Georgian War 2008,” 197.
[11] Ibid.
[12] For clandestine operations, see for example Karl Grindal, “Operation BUCKSHOT YANKEE,” in A Fierce Domain: Conflict in Cyberspace, 1986 to 2012, ed. Jason Healey, (Vienna, VA: Cyber Conflict Studies Association, 2013), 207.
Posts
No comments:
Post a Comment