Support 100 years of independent journalism.

  1. Spotlight
  2. Cyber
3 May 2022

Why Ukraine has stayed online

The conflict has shown that conventional forces are still the primary factor in war.

By Jonny Ball

In November last year, as Russian troops gathered on Ukraine’s  border, Prime Minister Boris Johnson told MPs on the defence select committee that “the old concepts of fighting big tank battles on the European land mass are over”.

“There are other, better things we should be investing in” besides tanks, said Johnson. “The future combat air system, cyber, this is how warfare in the future is going to be.”

The Prime Minister faced a heated grilling from skeptical members of his own party, including the committee chair Tobias Ellwood. He asked Johnson to “reconsider” cuts to conventional forces on land, sea and air. “What’s amassing right now on the Ukrainian border?”, asked the former soldier, before immediately answering his rhetorical question – “it’s tanks”.

The Integrated Review published by the Ministry of Defence in March last year promised a “modernisation programme that embraces the newer domains of cyber and space”. The number of British Army troops was to be cut to 10,000 below its current “established strength”, alongside reductions in previously planned fighter jets and Royal Navy ships. A National Cyber Force was announced, with headquarters in the North of England. Cyber was, said the PM, “revolutionising the way we live our lives and fight our wars, just as air power did one hundred years ago”.

Not even a year later,  Russia is conducting a decidedly old-fashioned invasion of Ukraine on a scale not seen in  Europe since the end of the Second World War, involving tens of thousands of ground troops and heavy artillery.

At the outset of the invasion, some predicted an unprecedented conflict in cyberspace. Russia’s capacities for cyber warfare were known to be extremely sophisticated. The Kremlin had already proven itself an aggressive actor, particularly against its neighbour in Kyiv after the 2014 Maidan protests toppled the pro-Russian government of Victor Yanukovych. In 2015 in Western Ukraine, unidentified hackers became the first to successfully conduct a confirmed shutdown of a power grid by hacking. Ukraine’s government immediately pointed the finger at Moscow.

Just a year later, a malware attack took down power in the Ukrainian capital — again, blame was quickly apportioned to shady groups affiliated with the Russian security services. The Kremlin issued strenuous denials. In 2017, the NotPetya ransomware attack targeted the National Bank of Ukraine and several other companies internationally (although 80 per cent of those affected were in Ukraine). Immediately prior to Russia’s invasion, Ukrainian government websites were defaced with crossed-out yellow and blue standards warning visitors to “be afraid and expect worse”.

Content from our partners
The cost-of-living crisis is hitting small businesses – Liz Truss must act
How industry is key for net zero
How to ensure net zero brings good growth and green jobs

But despite the long history of cyber operations conducted against Kyiv since it tried to exit Moscow’s post-Soviet sphere of influence, throughout the current conflict the country has remained online. Energy grids are functioning well. Communications have not broken down (at least on the Ukrainian side). And critical national infrastructure such as public transport has remained relatively unscathed.

“This is a bit of a dose of realism about the reality of cyber operations”, says Jamie MacColl, a research fellow on cyber threats and cyber security at the Royal United Services Institute, a defence think tank. “They do have effects, they do have a place. But they’re not a decisive capability. They are hard to use, they take a lot of planning, and they require a lot of resources.”

All has not been completely quiet on the cyber front, however.  Several attacks against companies and organisations in Ukraine have been reported since the conflict began, including one malware attack coinciding with the start of the invasion against Ukrainian customers of Viastat, a US provider of satellite broadband services. Other attacks have reportedly been thwarted with the help of the US and its allies – the United States Agency for International Development has pledged investment worth $38m for building Ukraine’s cyber operations since 2020.

The embattled nation also boasts its own sizeable tech sector which has pitched in with the war effort. According to Radio Free Europe, various hacktivist groups act as the Ukrainian opposites of infamous Russian-linked hackers such as Fancy Bear, Tsar Team and Grizzly Steppe. Ukrainian groups RUH8, Falcons Flame and CyberHunta (together known as the Ukrainian Cyber Alliance) use data leaks and website defacement campaigns to undermine the Kremlin and its military campaigns.

“I think in some quarters it was severely overestimated what kind of things you can do with offensive cyber operations”, MacColl tells Spotlight. “It is extremely difficult to shut off a national power grid. The cyberattacks that Russia conducted against a very small part of Ukraine’s electricity system in 2015 and 2016 required something like thirty months of planning, and they were only able to turn the power off for a few hours. So the assumptions about those kinds of capabilities have always been slightly overestimated.”

The website defacements that Russia conducted just before the war “aren’t very effective”, he says. “They’re sort of an irritant, but they don’t have much value beyond that.”

Another area in which Russia has struggled to make an impact is in the information war. Prior to the invasion, as well as using cyber attacks and leaks against those opposed to their agenda, Russian bot and troll farms were engaged in promoting pro-Kremlin content online. The extent of the influence of such operations is hotly debated, but Russia’s sway over public opinion in the West on the Ukraine invasion is virtually nil.

“I’d say that’s because of the nature of the war”, says Dr Joanna Szostek, a lecturer in political communication at the University of Glasgow and an expert in Russian disinformation in digital and social media. “I was surprised [when they invaded Ukraine] because in the past it looked like Russia valued plausible deniability. Even if many of us considered it implausible deniability, there was at least some space for them to plausibly deny what they were up to, whereas [in this current war], there’s just no space for deniability at all.”

This is a far cry from when the ‘little green men’ who appeared on the Crimean peninsula in 2014 could be waved away and claimed as local separatists. Or when post-facto referenda could be organised to ratify the secession of breakaway republics.

“All wars have their own unique dynamics”, MacColl says. “The dynamic of this war has very much been set by the complete absence of planning and preparation on the Russian side.” With better planning and preparation, he adds, things could be different. Online disinformation and cyber operations could constitute a major element of the conflict, inflicting serious damage on populations and on countries’ ability to defend themselves.

But this war has served as an ugly reminder to many that conventional military threats have not disappeared. Boosting cyber capabilities to the detriment of conventional forces is, Tobias Ellwood told MPs last year, “a bit like saying, fine, I’ve managed to get my computer with all the software on it, I’m completely protected. But I forgot to lock the front door.”

[See also: The Online Safety Bill has created a free speech culture war]

Select and enter your email address Quick and essential guide to domestic and global politics from the New Statesman's politics team. A weekly newsletter helping you fit together the pieces of the global economic slowdown. The New Statesman’s global affairs newsletter, every Monday and Friday. The best of the New Statesman, delivered to your inbox every weekday morning. The New Statesman’s weekly environment email on the politics, business and culture of the climate and nature crises - in your inbox every Thursday. Our weekly culture newsletter – from books and art to pop culture and memes – sent every Friday. A weekly round-up of some of the best articles featured in the most recent issue of the New Statesman, sent each Saturday. A newsletter showcasing the finest writing from the ideas section and the NS archive, covering political ideas, philosophy, criticism and intellectual history - sent every Wednesday. Sign up to receive information regarding NS events, subscription offers & product updates.
  • Administration / Office
  • Arts and Culture
  • Board Member
  • Business / Corporate Services
  • Client / Customer Services
  • Communications
  • Construction, Works, Engineering
  • Education, Curriculum and Teaching
  • Environment, Conservation and NRM
  • Facility / Grounds Management and Maintenance
  • Finance Management
  • Health - Medical and Nursing Management
  • HR, Training and Organisational Development
  • Information and Communications Technology
  • Information Services, Statistics, Records, Archives
  • Infrastructure Management - Transport, Utilities
  • Legal Officers and Practitioners
  • Librarians and Library Management
  • Management
  • Marketing
  • OH&S, Risk Management
  • Operations Management
  • Planning, Policy, Strategy
  • Printing, Design, Publishing, Web
  • Projects, Programs and Advisors
  • Property, Assets and Fleet Management
  • Public Relations and Media
  • Purchasing and Procurement
  • Quality Management
  • Science and Technical Research and Development
  • Security and Law Enforcement
  • Service Delivery
  • Sport and Recreation
  • Travel, Accommodation, Tourism
  • Wellbeing, Community / Social Services
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
THANK YOU

Topics in this article: