In the run-up to MSC23, the cyber security conference is all about the Ukraine war. The cyber war is not yet escalating, but it is likely to continue.
One year after the start of the Russian war of aggression, experts at the Munich Cyber Security Conference (MCSC) concluded that the expected major cyber war seems almost insignificant compared to bombing and shelling. However, former Estonian President Kersti Kaljulaid warned that cyberattacks by the big neighbor will outlast a peace deal for a very long time.
Immediately before the start of the Munich Security Conference , the Security Network Munich invited to the 10th Munich Cyber Security Conference. The topic of networks, software and new technologies such as AI has taken up more and more space at the “Wehrtag” in recent years.
No entry into the great cyber war
Contrary to expectations, scenarios such as a “cyber pearl harbor” or a “cyber 9/11” have not materialized a year after the invasion by Russia, said Mieke Eoyang, Deputy Assistant Secretary of Defense for Cyber Policy at the US Department of Defense. The wiper attack on Viasat parallel to the invasion disrupted Ukraine’s communications and – along with the element of surprise – brought Russia to the gates of Kiev, CrowdStrike founder Dmitri Alperovitch said. But that was not the start of the feared major cyber war.
Google’s threat intelligence arm Mandiant documents a wave of wiper attacks combined with disinformation campaigns in a recent report . According to Mandiant Vice President Sandra Joyce, Russia had been entrenched in the Ukrainian networks for several years. But the attacks have decreased with the move of Ukrainian critical infrastructure to the cloud. The cybercrime scene in Russia has also changed significantly as a result of the war, because some groups now also see Russia as a target and others have fled to other neighboring countries before the Russian army could invade.
Military Engineering 1.0 versus Team West
According to experts, one of the lessons of the Ukraine war is that the cyber weapon, which has been elevated to the fifth domain of modern warfare, is not so effective in isolation. Rather, cyber warfare is part of an overall strategy, for example as software support for weapon systems or aircraft. However, this is exactly where Russia revealed clear deficits, Alperovitch judged. The old superpower relies on traditional material.
Ukraine, on the other hand, benefited not only from a stream of arms deliveries, but also from IT hardware deliveries. Tech companies from Amazon and Google to Starlink enabled the rapid relocation and hardening of their own services and communications.
Kemba Walden, the US President’s National Cyber Director, referred to the passing on of information on cyber attacks and disinformation campaigns to Ukraine as an important contribution by the US administration in what was initially also seen as an unequal area in the cyber domain. Sharing such intelligence information marks a change in the US administration’s philosophy, the US representative underscored.
Walden acknowledged that Ukrainian President Volodymyr Zelenskyy masterfully used this information to get ahead of the wave of Russian disinformation. Selenskyj provided a taste of this at the security conference on Friday with his video contribution about “David on the Dnipro” .
Pilgrimages to Kyiv
EU Vice-President Margaritis Schinas called the Ukrainians’ demonstrated resilience impressive in an MSC panel on hybrid warfare. The first major cyber war was also expected in Brussels after the attack on Viasat.
That didn’t happen because the Ukrainians stubbornly and sometimes quite unorthodoxly, but above all quickly organized the protection of their networks. “If there is peace, we will see a lot of people making pilgrimages to Kiev,” said Schinas, wanting to learn from the experience. He calls the unbroken resistance in Kiev a model for success.
One conclusion of the EU Commission is the permanent establishment of a “solidarity platform”. This is intended to bring together European “cyber rangers” in order to quickly rush to the aid of the respective country in comparable crisis situations.
Silent war against Moldova
The Republic of Moldova already needs such rangers today. According to a report by the Moldovan Interior Minister Ana Revenco at the MSC, her country is being hit with massive attacks and drone flights near the borders have been put on alert.
There are false bomb alerts weekly, Revenco said, forcing them to close schools or airports. According to Revenco, the population is being unsettled with false summonses to court in their mailboxes and there are disinformation campaigns accusing the current government of being incompetent in the face of the current crises. Politicians who have been voted out organize protest marches. All of this serves to disavow the elected pro-Europe government, to divide the population and to fuel the conflict in Transnistria.
Transnistria, which lies along the border with Ukraine, declared its independence in 1992, but is still part of Moldova under international law. If Moscow could absorb Transnistria or all of Moldova – and Revenco is certain that Ukraine’s small neighbor is just one of several targets in the region – Russia could create a “bridgehead” into Ukraine. For the battered country that would mean a third front. Moldova has been an EU accession candidate since the middle of last year.
As its former President Kersti Kaljulaid explained in Munich, Estonia is also the target of constant cyber attacks. According to Kaljulaid, the Baltic country is defending itself, among other things, with a campaign in which the cyber security authority visits companies directly to detect weak points in their networks. Even before the war, Estonia increased its cybersecurity budget, Kaljulaid said. The country had also proposed a clause requiring NATO countries to spend a minimum percentage of their gross domestic product on cybersecurity, similar to the 2% defense budget target.
According to Kaljulaid, such proposals are not necessarily popular because there are no ribbons to be cut. However, she considers such investments to be essential. “These attacks will continue or even increase even after the end of the war,” she estimates.
