Security magazine presents the latest episode of The Cybersecurity and Geopolitical Podcast — Russia: The Global Protagonist. Ian Thornton-Trump, Chief Information Security Officer (CISO) at Cyjax and Gareth Corfield, Security and Legal Correspondent at The Register, review the current conflict between Russia and Ukraine and discuss the ongoing “cyber war” in the region.
This entertaining and illuminating episode spotlights the latest challenges and intriguing flashpoints within the cybersecurity and geopolitical landscape for enterprise security and risk professionals.
Ian Thornton-Trump and Gareth Corfield begin their deep dive into the cyber and potentially physical conflict between Russia and Ukraine with an overview of recent Russian cyberattacks, such as those in Georgia and Syria. In the past, international officials have wavered on whether or not the Russian state sponsored cyberattacks, or merely allowed them to occur. According to Corfield, the current cyber threat landscape clears up this question: “These are Russian state actors carrying out operations directed by the Russian state for the Russian state’s advantage," he says.
The cyberattacks on the Ukraine have garnered attention on an international scale as cyber actors turn off the lights across the country via hacking. Thornton-Trump and Corfield detail the recent history of Russian cyberattacks, including the NotPetya malware, which originally targeted Ukraine and spread around the world. The NotPetya attack shows a relative lack of Western response, which teaches Russia that they can continue with cyberattacks, according to Corfield. Thornton-Trump continues, “Supply chain attacks all of a sudden got sexy post-Solarwinds, but supply chain attacks have been part of the textbook military operations and were responsible for launching NotPetya.” Ukraine has been the target of cyberattacks for years, according to Thornton-Trump. "They have been living under ‘cyber war’ since 2014, if not earlier,” he says.
With 100,000 troops on one Ukrainian border and an unspecified amount of Russian and Belarusian troops on another, security officials around the world are watching to see whether or not the “cyber war” will evolve into a physical one. “Interestingly enough, the folks on the ground don’t believe, or at least the government of Ukraine doesn’t believe, that war is imminent,” says Thornton-Trump. That contrasts greatly with the media coverage within the United States and United Kingdom. Corfield and Thornton-Trump discuss the likelihood of further armed conflict in the region, determining whether escalating cyberattacks are preceding physical action.
The recent WhisperGate wiper malware used against numerous government organizations in Ukraine was deployed under the guise of being ransomware: a way of testing the waters. Having been linked to Belarus, it is also clear that Russia is not yet ready to give up its attempts at plausible deniability, according to Corfield.
Thornton-Trump and Corfield discuss the possibilities of Western involvement — can another country really turn the lights off in civilian areas in retaliation for any Russian offensive against Ukraine? Putin’s cyber forces have proven themselves willing to disregard the wellbeing of other countries’ citizens, but as Corfield notes, the current geopolitical climate could preclude large-scale involvement from the United Kingdom or United States.