News

Canada should beware of cyberattack escalation in Ukraine despite small part it has played so far: analysts


CSE said it was ‘not aware of any current specific threats to Canadian organizations’ but there had been an historical pattern of cyber attacks on Ukraine having international consequences.

Article content

Since the Russian invasion began last week, Canada has been among the Western countries providing cyber support to Ukraine, while the Ukrainian government has mobilized a volunteer “IT army” and groups like Anonymous have declared cyber war.

Advertisement

Article content

Analysts say that so far, cyber attacks haven’t played a large role in the war – but that could escalate and Canada should be on guard.

Michael Daniel, CEO of the Cyber Threat Alliance who was previously cyber security coordinator under former U.S. president Barack Obama, said “there’s quite an extensive effort” from both governments and private sector companies to provide help for Ukraine, which is aimed at shoring up the country’s critical infrastructure.

“That is very different than the call to arms that the Ukrainian government has issued or that others have taken up on their behalf to conduct offensive operations against the Russians,” he said.

The Ukrainian government’s call for volunteers to join its IT army, who were asked to launch distributed denial of service attacks against Russian government, business and bank websites, was an extension of “what has been happening in the physical realm for quite some time when governments call upon their citizens, when you’re in… emergency situations to assist,” he said.

Advertisement

Article content

So far, cyber attacks have played a minor role in the Ukrainian conflict, said Lennart Maschmeyer, a senior researcher at the Center for Security Studies at ETH Zurich. There have been website defacements, DDoS attacks that have temporarily disrupted access to websites, as well as wiper attacks that can delete data, whose impact is still unknown.

“I think we can be fairly confident at least that nothing really major has happened, at least compared to the actual military invasion,” said Maschmeyer.

There could be any number of reasons for that.

Daniel said Russia could have been counting on the invasion being over quickly, and didn’t want to be stuck immediately repairing the damage they caused, or they may have wanted to avoid giving Western countries pretext for even more intervention.

Advertisement

Article content

Lennart noted that Russia had been waging cyber warfare in Ukraine since 2014, “but they haven’t provided the payoff that they were looking for, evidently.”

Both pointed out that major attacks were not easy to pull off. “Gaining access to a given network to steal information is one thing,” Daniel said, but gaining access to a network to be able to exercise “the level of control that you need to have exactly the effect that you want” is “actually quite challenging.”

Lennart said an attack like sabotaging a power grid takes months or years of preparation. In contrast, once you’ve launched a military operation, “it’s much easier to destroy critical infrastructure with rockets.”

Part of Canada’s effort to help Ukraine has included cyber support. Asked for more information about the scope of those efforts, the office of National Defence Minister Anita Anand referred the question to the Canadian Security Establishment.

Advertisement

Article content

CSE said it was “sharing valuable cyber threat intelligence with key partners in Ukraine,” and continued to “work with the Canadian Armed Forces (CAF) in support of Ukraine, including intelligence sharing, cyber security, and cyber operations.”

Cybersecurity researcher and consultant Lukasz Olejnik, previously cyberwarfare advisor at International Committee of the Red Cross, said it looked like “there’s no use for strategic cyber attacks in this conflict,” and predicted there was unlikely to be “high-profile” attacks.

Maschmeyer said cyber operations were not really tools of war but more mechanisms of subversion, used as part of intelligence operations. He said there was “definitely a chance” of Russia turning its eyes to Western countries in response to economic sanctions. Asked what the likely targets of such attacks could be, Maschmeyer said they tended to be opportunistic. “You depend on some vulnerability in some kind of target that helps you produce an effect.”

Advertisement

Article content

CSE said in its emailed statement that given “Russia’s ongoing, unjustified military offensive in Ukraine” it strongly encouraged “all Canadian organizations to take immediate action and bolster their online cyber defenses.”

“Russia has significant cyber capabilities and a demonstrated history of using them irresponsibly,” CSE noted. It said that while it was “not aware of any current specific threats to Canadian organizations” in relation to events in and around Ukraine, there had been an historical pattern of cyber attacks on Ukraine having international consequences.

Daniel argued the danger of groups like Anonymous getting involved was that the “potential for hitting the wrong target, the potential for causing unintended damage, the possibility of escalation, all of that really gets heightened.”

Advertisement

Article content

One reason countries could be holding back on using their full cyber attack capabilities was deterrence – the fear that if they were used, the other side would implement a “proportional response,” he noted.

Daniel said there was “every potential for the situation to change.” The Russians could decide that cyberattacks were “the way to try to gain some additional leverage if operations on the ground, don’t move faster.” Russia could also decide that the sanctions that have been levied against them have begun to have significant impacts and could “decide to try to retaliate for that.”

“There’s any number of triggers that could happen,” he said.

Advertisement

Comments

Postmedia is committed to maintaining a lively but civil forum for discussion and encourage all readers to share their views on our articles. Comments may take up to an hour for moderation before appearing on the site. We ask you to keep your comments relevant and respectful. We have enabled email notifications—you will now receive an email if you receive a reply to your comment, there is an update to a comment thread you follow or if a user you follow comments. Visit our Community Guidelines for more information and details on how to adjust your email settings.



Source link

Leave a Reply

Your email address will not be published.