What does "cyberwar" really mean?

Since the entry of Russian troops into Ukrainian territory, Ukraine has also been subjected to numerous cyber attacks. However, what is the real meaning of the concept of “cyberwar”, and is Russia behind it?

In January of this year, more than 79 Ukrainian websites were defaced or were disabled. Microsoft and ESET specialists have identified malware on the systems of dozens of government, non-profit and IT organizations that at first glance resembles extortionate, but is a viper. However, as the head of Mandiant Intelligence Sandra Joyce noted, “this is not only a problem of Ukraine.”

«We are sure that by attacking the elections in the USA and France, the Western media, the Olympic Games and many other targets with minimal consequences (for attackers – ed.), Russia dares to use its most aggressive cyber capabilities throughout the West“,” Joyce said.

US intelligence agencies have previously warned about hacker attacks on defense contractors and subcontractors of the US Department of Defense in order to obtain confidential information. At the same time, American and European regulators also warned about possible cyber attacks on banks.

Until now, the West’s main response to the above-mentioned threats has been official recommendations to businesses and public organizations to strengthen their cyber defense.

Although the Ukrainian cyber front has been fairly calm in recent days, Ukrainian representatives abroad, in particular, in the UK, complain about incessant cyber attacks. Perhaps in the coming days or weeks, a real cyber war will break out.

US President Joe Biden is aware of this possibility, so he recently said that the US has prepared to repel any cyber attacks on its companies and critical infrastructure.

«In addition to traditional conflict zones such as land, sea, air and space, cyberspace will become the norm. This is a new form of hybrid warfare of the 21st century. Wars on the ground using tanks, bombs and infantry will not go away, but the country’s ability to defend itself against attacks on critical infrastructure and supply chains through government and other contractors will not only increase, but will continue to be a challenge.“, – said Sam Curry, senior director of cybersecurity at Cybereason.

However, there are currently some difficulties in calling government-funded cyberattacks “cyberwar”, because from the point of view of the law, the status of this term has not yet been determined.

According to Article 5 of the NATO North Atlantic Treaty, an attack on any of the 30 member countries of the alliance is considered an attack on all of them, and in 2019 it was decided to extend the scope of this article to cyber attacks. However, how serious cyberattacks must be in order to fall under Article 5 (and potentially trigger retaliatory measures not in cyberspace, but on earth) is a big question.

It is obvious that NATO is not going to get involved in the current conflict and close the sky over Ukraine for fear of provoking even greater aggression and the outbreak of a world war. It is also unlikely that even serious cyber attacks on Ukraine would trigger a militarized NATO response.

In addition, there is a problem with attribution of cyber attacks. It is always very difficult to collect convincing evidence of the involvement of a particular country in them, even if the culprit is obvious.

«Attackers masterfully hide their tracks, some much better than others. The use of a foreign flag further complicates the task for security officers and investigators and, as a result, they need more time and resources, which they always lack. In many cases attribution is not possible at all, which leads to unclear conclusions in investigations at strategic levels“, – said Jason Steer, senior specialist in security strategies at the Recorded Future information security company.

As a result, responding to cyberattacks and at the same time not making a mistake in the goal is a very difficult task for the country.

“We have to prepare ourselves without giving in to paranoia, and remember that when it comes to cyber attacks, the noise is sometimes worse than the explosion itself,” Joyce said.