Why hasn’t “Cyber Pearl Harbor” been done (yet) since the start of the war in Ukraine? If the term originally referred to a possible cyberattack against the United States, then it generally refers to a wave of cyberattacks against American allies, and many experts have been particularly concerned since the beginning of the tensions between Russia and Ukraine. They feared in particular that Russia would seek to cripple Ukrainian defenses in this way, from the early days of the conflict.
However, if there have indeed been “Russian cyberattacks since the beginning of the invasion, we currently have no evidence of anything approaching Pearl Harbor”. 20 minutes Alexis Rabin is a researcher at the Multidimensional Conflict Observatory at the University of Quebec in Montreal.
Launching an effective cyber attack ‘takes a lot of time’
“Historically, there have been very few cyberattacks deployed in the course of war, with the intent of making a tactical or strategic impact, Alexis Rapin analyzes. And it has happened the few times [en 2008 en Géorgie par exemple], the military effects were very limited, if not insignificant. “Cyber destabilization hasn’t been used as often as we can imagine,” Christine Samandel confirms, Foreman Within the cybersecurity firm Tehtris in Bordeaux. From the moment Russia entered the framework of the armed conflict on the ground, cyber-attack is no longer the main tool. »
The Internet is in fact a very valuable tool “to carry out hostilities in a relatively covert manner, to defend one’s interests while remaining below the threshold of conflict,” continues Alexis Rapin. But once a real war breaks out and the masks fall off, we can simply use drastic measures. If we want to deprive Ukrainians of electricity, for example, we can also directly bomb power plants. Especially since launching an effective cyber attack “takes a long time, and its effects are usually short-lived.”
“Various Russian cyberattacks using spaces”
However, there are other possible explanations. One is that there have been major attempts at Russian cyberattacks, but the effects are not yet well documented, or that the Ukrainians have been cleverly thwarted, because they were well-prepared and resilient. They received help shortly before the outbreak of the conflict, in particular From the United States, where personnel from the US Cyber Command were sent to Eastern Europe to support them.”
Nor does it mean that nothing has happened on the electronic front since the beginning of the conflict. Away from this. “We have seen many cyberattacks against Ukraine,” Alexis Rapin continues. One of the major hacks that accompanied the invasion was the cyber attack on the satellite internet provider, ViaSat, which caused major computer failures across Europe as a multiplying consequence. There have also been various Russian cyberattacks using spaces [des logiciels malveillants programmés pour effacer les données d’un ordinateur], which notably targeted various Ukrainian government agencies, although we don’t have much information about the extent of the damage they may have caused. »
The third important component, “These are cyber attacks against many Ukrainian Internet providers, in particular Triolan and UkrTelecom, which significantly reduced the connection of Ukrainian users, generally within windows that only last a few hours.”
Add to this a constant barrage of Denial of Service (DDoS) attacks, distortion Websites, massive data leaks, against ministries, companies or the media, particularly by groups of hacking activists on both sides, particularly by pro-Ukraine groups like Anonymous. »
When Estonia experienced the world’s first electronic war, in 2007
However, there is still a fear of “Cyber Pearl Harbor”, especially since it has been more than fifteen years since Russia has been suspected of sharpening its weapons in terms of cyberattacks against neighboring countries. Thus Estonia suffered one of the first cyberwars in history, in 2007, in the wake of the country’s tensions with Russian society, linked to the removal of the “Bronze Statue” in Tallinn, a statue of a Russian soldier in World War II.
The country initially suffered a first wave of cyber attacks, which were pure denial of service, targeting government websites, banks and the media. Then there was a second great wave, emanating from about 60 countries. For about a month, websites were inundated in this way, forcing it to shut down or cut off its international connection.
“This attack on Estonia was a striking element, because it was the first nationwide cyber attack,” recalls Kristin Samandel. And not just any country since Estonia, upon the fall of the Soviet Union in 1991, has relied on the work of its institutions on new technologies. In this “electronic republic”, almost 100% of administrative services have been digitized, and access to the Internet has been a right enshrined in the Constitution since 2000. “There was a desire to paralyze and destabilize the country. On the other hand, the difficulty of this kind of The attack is in the formal identification of its author, especially when it comes to a country that can operate from other regions.
Subsequently, Georgia also suffered from a cyber attack in 2008 at the time of the conflict with the separatists, and finally Ukraine, from 2014. At the end of December 2015, cyber attacks were launched on the Ukrainian power grid, causing blackouts and depriving about 220, 000 residents of electricity. However, Internet experts concluded that the damage could have been much worse, and that it was a show of force.
“A cyber attack on a Western country would be a big mistake.”
Another fear today is that Russia will launch a massive offensive against one or more Western countries. The US also claims that it recently thwarted an attempted Russian cyber attack against US and European infrastructure. However, “launching a cyberattack on a Western country would be a huge mistake and would not be in the interest of Russia, because the entire international community would react,” Kristine Samandil puts into perspective, noting that in the event of a cyberattack, if it happens it is attributed and proven to be out of State, “Self-defense in cyberspace is permitted as long as it is relative.”
Alexis Rapin also believes that there is “little risk of seeing critical infrastructure or strategic entities targeted at this point, it could present a serious risk of escalation, and at first glance, Russia’s interest is for Western countries to feel [peu] involved in the conflict. »
A “real danger” against Western companies
On the other hand, he believes, there is “a real risk hovering against Western companies, with the idea of saying: ‘You want to hurt us financially with your sanctions, we will change our way.’ We can also imagine that Russia wants to punish Western companies that have boycotted or halted their activities in Russia.” »
One of the main uses of the Internet in the context of armed conflict remains espionage and surveillance To spy on enemy communications and monitor troop movements, “the Internet obviously retains all its usefulness in conflict” from this point of view, Alexis Rabin asserts.