In the tenth episode of The Cybersecurity and Geopolitical Podcast from Security magazine, Ian Thornton-Trump, Chief Information Security Officer (CISO) at Cyjax, and Philip Ingram, CEO of Grey Hare Media, take a close look at the Russian invasion of Ukraine through the lens of conflict in the Middle East.
“If we want to see what’s going on in the Ukraine and the Russian conflict, we only need to look back at what has transpired between the various players in the Middle East,” said Thornton-Trump. From determining Russia’s current trajectory in Ukraine via the nation’s playbook in Syria to comparing the root of Russia’s border aggression, the security leaders draw parallels between the invasion and previous events in the Middle Eastern region.
The cyber aspect of the Russian invasion of Ukraine has been minimal compared to industry expectations, with many of the high-profile cyberattacks occurring ahead of the physical invasion.
“I think the thing that really struck me is when the mainstream media and the infosec media have been proclaiming that what is going on in the Ukraine from a physical war and a cyber war is unprecedented, and I wanted to destroy that myth,” said Thornton-Trump.
Thornton-Trump and Ingram point to the amplification of the cyber narrative throughout the press, cyber industry and security vendors, which Ingram points out have a stake in covering the potential of a cybersecurity event related to the conflict.
Learning from the Stuxnet virus
Despite this coverage, the invasion has progressed primarily on the ground, and the predictions of wide-scale cyber warfare have yet to come to fruition. Ingram notes the reasons for this development, saying that the lack of a controllable cyber weapon could have hindered cyber warfare.
He evokes the example of the Stuxnet virus, which originally targeted Iranian nuclear facilities and then spread to other industrial and energy organizations. Despite the virus not being created to spread through the internet, Stuxnet still reached unintended targets.
Sovereignty and border conflicts
Security professionals looking into the nature of the Russian invasion of Ukraine can find it reflected in conflicts in the Middle East as well. Ingram touches on the imperialist destruction of previous areas in the Middle East as borders were drawn in London and Paris, creating disputed territory and instability in the region.
Ukraine’s history includes occupation by various entities, and Russian leader Vladimir Putin’s assertion that Ukraine is not a sovereign nation connects to its previous inclusion in the Soviet Union. According to Ingram, the cultural, land and religious boundaries that were erased in the external creation of borders in the Middle East draws parallels to the complex cultural and linguistic situation involved in Ukraine, where many citizens have Russian family members and speak the language as well.
Ukraine invasion mirrors Russia’s Syria playbook
Ingram points out that the last conflict experience engaged in by Russia was in Syria, where Russia “reduced everything to rubble,” according to Thornton-Trump. The two security leaders see this happening in Ukraine as well.
“Putin, I think, expected to have the Ukrainian government toppled in 5-7 days,” said Ingram, but that goal didn’t materialize. “His next step is to do what he has done elsewhere, and that’s to start reducing everything to rubble. And the steps after that are even more dangerous because it’s chemical and potentially nuclear. That’s how he played it out in the Middle East.”
From a cybersecurity stance, the Russia-Ukraine conflict also mirrors Russia’s cyber usage in the Middle East. The cyberattacks launched since the conflict began have been mostly unsuccessful Distributed Denial of Service (DDoS) attacks, according to Ingram, in addition to the wiper malware discovered by SentinelOne and Microsoft.
The pair continues to discuss the conflict, drawing from Iran’s nuclear history with sanctions and covering China’s perspective on the Russian invasion of Ukraine. Listen to the full episode above or watch the video version via this link!