As a result of modern interstate conflicts and global power intervention, cyber attacks in hybrid and/or traditional conflicts have become a frequently used attack method by states. These attacks generally appear as electronic warfare, disinformation campaigns, anti-satellite attacks and the destruction of precision-guided munitions.
Behind the increasing popularity of cyber attacks, there are a number of benefits such as providing information advantage and obtaining intelligence data in the information age. In addition, the fact that all these are easier and less costly than traditional weapons makes cyber attacks attractive.
The greatest consequences of cyber attacks are usually the result of the use of precision-guided munitions to disable or destroy their targets. In addition, its effects on civilians are manifested by disrupting finance, energy, transportation and government services, subverting decision-making, and creating political instability through social turmoil. In this sense, cyber operations are often not used in a war situation, but they are also used to threaten a state and retaliate.
In Russia’s National Security Strategy for 2020, “The global information arena is intensifying. Russia’s main goal is to gain information superiority in cyberspace.” statements are included.[1] In this context, Russia has historically frequently resorted to cyber attacks as a foreign policy tool. According to the report of the International Institute for Strategic Studies in 2021, Russia shares the second place with China in the “cyber power centers” ranking, behind the United States of America (US).[2]
The Russian-Ukrainian War is the most recent example of Moscow’s use of cyber tools as an instrument of attack. Moreover, the war in question stands out as it is the first full-fledged conflict involving cyber operations. In this context, it can be considered as a turning point in terms of the understanding of cyber security, which is still the subject of deep debates in international relations. The Ukraine War sets a precedent for the coordination of cyber operations with more traditional forms of warfare.
Cyber attacks of Russian forces against Ukraine were witnessed before Russia’s declaration of “special operation” against Ukraine on February 24, 2022. After the Kremlin’s annexation of Crimea in 2014, Ukraine has been subject to frequent cyberattacks, which are considered low-level. For example, after Russia’s attack on electricity companies in December 2015, more than 225,000 people were left without electricity across Ukraine.[3]
About a month before the start of the current war, Moscow targeted Ukraine with a cyberattack designed to weaken government structures and prepare the ground for the impending attack. In this context, it can be said that this attack of the Kremlin targeting critical infrastructure was carried out in order to undermine Ukraine’s defense capacity against the upcoming invasion.
On the other hand, the attack may have been used not to disable critical infrastructure to pave the way for military action, but as part of a comprehensive strategy to reduce the target country’s capabilities without causing retaliation.
The Russian cyberattack on Estonia in 2007 was aimed at preventing the relocation of a Soviet Union-era monument, which involved the Red Army’s “rescue” of Estonia. In this context, Russia has used this technological attack not within the scope of preparation for an attack, but to infiltrate the internal affairs of the target country and weaken the hostile country by undermining the trust in democratic institutions.[4]
However, when the Estonian Minister of Defense declared that there was no evidence linking the cyber attack to the Kremlin, the accusations proved to be completely untrue and Russia dismissed any response by declaring the allegations “baseless”. In this context, attacks targeting the cyber world, which is “anonymous” by nature, are a preferable method since they do not create “blame” in a sense.
Moving from the example of Estonia, it is seen that Russia’s cyber attacks in Ukraine are used as a “war weapon”. Because one of the distinguishing features of the cyber-attacks launched by Russia is since the invasion of Ukraine is that Russia’s military and cyber attacks are used together during the war process. In this context, it is seen that cyber attacks are no longer a campaign tool but target an enemy and become an integrated tool used alongside the army.
The Ukraine War can be seen as an example of how “hybrid” or “political” war attacks should be taken more seriously around the world. Because since the beginning of the war, many cyber attacks have been carried out on the infrastructure of all kinds of sectors. Although it is thought that Ukraine has been immune to Russian cyber attacks since 2014 with the support of Western countries, especially the US, Ukraine has also become a training center for Russian cyber forces.
It would not be right to say that Moscow has achieved tangible successes in Ukraine within the scope of cyber-attack despite the many attacks already, but it is still important to carry out cyber-attacks as a positive multiplier to support its military attacks. In its simplest form, it can be used to understand the mindset and strategy of the ‘enemy’, although no perpetrators are attributed .
As cyber attacks continue to evolve and become more sophisticated, popular information weapons such as malware and distributed denial-of-service attacks will continue to be used by other countries against each other. Considering that it is impossible to prevent the cyber activities of countries in the age of information technologies and the perpetrators cannot be compared with any sanctions, it can be argued that the most logical move that can be made is to support and expand cyber security networks.
Cooperation is also vital for strong cybersecurity. Ukraine has obtained cyber support from many countries after the attacks it has been exposed to. It is also known that after the attacks experienced by Estonia in 2007, it offered a road map to Ukraine. Since the internet has no borders, it should not have national borders in cyber security.
The rise of the Internet and the growing prevalence of digital technologies mean that almost anything can be weaponized and used, from water supplies to banking services. The Russia-Ukraine War can serve to increase the efforts of countries to work on internet infrastructure systems by taking it as a guide, since it is a concrete example of this situation, and the modern battlefield covers every aspect of daily life.
[1]Dmitri Trenin, “Russia’s National Security Strategy : A Manifesto for a New Era”, Carnigie Moscow, https://carnegiemoscow.org/commentary/84893 (Date of Accession: 19.08.2022).
[2]Colin Demarest, “US Seeking to Understand Russia’s Failure to Project Cyber Power in Ukraine “, C4ISR, https://www.c4isrnet.com/cyber/2022/07/21/us-seeking-to-understand-russian-failures-to-project-cyber-power-in-ukraine/, (Date of Accession: 18.08.2022).
[3]Joe Tidy , “Ukrainian Power Grid ‘Lucky’ to Withstand Russian Cyber -Attack”, BBC, https://www.bbc.com/news/technology-61085480, (Date of Accession: 19.08.2022).
[4] Pascale Davies , https://www.euronews.com/next/2022/08/18/estonia-hit-by-most-extensive-cyberattack-since-2007-amid-tensions-with-russia-over-ukrain, Euronews , (Date of Accession: 19.08.2022).
