🚗 🚙 Turn your trusty old car into trustworthy journalism Learn more
Before Russia’s land invasion of Ukraine came the cyberattacks
Feb 25, 2022

Before Russia’s land invasion of Ukraine came the cyberattacks

Cybersecurity experts say Russia disrupted Ukrainian government websites before Thursday's invasion.

On Thursday, President Joe Biden announced new sanctions on Russia as punishment for the invasion and ongoing bombardment of Ukraine. The sanctions target the Russian economy and individuals who Biden said benefit from the Kremlin’s policies.

But before attacks on cities across Ukraine, cybersecurity experts say Russia disrupted or took offline Ukrainian government websites and other critical infrastructure.

These new sanctions are significant but come with a risk that Russia will retaliate with cyberattacks against the United States, said Dmitri Alperovitch, executive chairman of Silverado Policy Accelerator, a geopolitical think tank. The following is a transcript of his conversation with Marketplace’s Kimberly Adams.

Dmitri Alperovitch: President Biden was sending a message to Putin not to launch cyberattacks against us, that we’re prepared for it, that there will be retaliations for it. He wasn’t specific about what they may be, and when you look at the sanctions package, it is quite extensive. They’re targeting major financial institutions. They’re prohibiting exports of semiconductors and a range of other high-tech technologies to Russia. This will be a very severe impact to the Russian economy. So it’s not clear to me what else Vladimir Putin is going to be afraid of if he chooses to retaliate against the sanctions package with cyberattacks.

Kimberly Adams: What might those cyberattacks look like if he does take that route?

Alperovitch: Well, given that most of the sanctions are in the economic sphere, he may very well decide to retaliate reciprocally and target our financial systems, trying to go after, for example, our market settlement systems that settle stock trades on our stock exchanges. They can try to go after the [Federal Reserve] wire system that’s responsible for the wire transfers across banks. They won’t be able to have a permanent shutdown of those systems, but they can have intermittent disruptions that can last for some hours, maybe even days.

Adams: How much of a role does this cyber component play in modern warfare?

Alperovitch: Well, cyber now provides a great asymmetric weapon where you can reach far across the ocean and touch someone and attempt to destroy their network, have an economic impact on their country. So Russia has used that extensively, really over the last 35 years, when they started developing this technology back in the mid-’80s and has really perfected it as a coercion tool on many battlefields, including in Ukraine and in other countries as well.

Adams: And how resilient is Ukraine to any additional cyberattacks as this conflict continues?

Alperovitch: You know, I think when it comes to Ukraine, unfortunately, cyber is going to be the least of their concerns when they’re facing this onslaught of military assaults, and, you know, potential for decapitation of the government that the U.S. intelligence community is so afraid of. I don’t think that they’re going to be too worried about any cyber effects at the moment, given just the complete assault from all sides that their country is experiencing right now.

Adams: What about Ukraine’s allies in Europe? How much of a risk is there to their systems that these cyberattacks from Russia might affect their operations?

Alperovitch: Well, if the Russians decide to target Europe, just like they may do so against us, the Europeans are going to be very, very vulnerable to those types of attacks. They have their own, obviously, large banks and financial systems that could be targeted by the Russians. And the Russians may very well decide that they will first hit Europe in this escalation move before they go against the United States.

Adams: What resiliency measures are governments and private businesses taking in advance of this?

Alperovitch: Well, the U.S. government has been working with the private sector for a number of weeks now on this initiative that they’re calling “Shields Up,” letting the private sector know that they should be on alert, that they should be really on a maximum stage of alert, looking for any potential attacks on their networks and responding to it quickly. They provided them with some intelligence on what the Russians have done in the past that could be useful in looking for additional indicators on networks in order to respond to any potential new intrusions.

Related links: More insight from Kimberly Adams

Alperovitch mentioned the Shields Up program, where the federal government has been trying to get everyone ready for potential cyberattacks. You can learn more about it here.

We touched on this a bit here on “Marketplace Tech” back in October, when the Cybersecurity and Infrastructure Security Agency, or CISA, was warning of cyberthreats to local water and wastewater systems.

On the Shields Up page, CISA says “there are not currently any specific credible threats to the U.S. homeland,” but that the agency is “mindful” that Russia could consider escalating things. 

You can also check out Politico’s Nightly newsletter, which has a breakdown of some of the cyberattacks leveled at the Ukrainian government ahead of the Russian invasion. And Fortune has a story exploring just how much of a risk there is for a Russian cyberattack on Ukraine’s allies.

One thing the piece points out is that NATO has maintained for some time now that a cyberattack on a country could be, according to NATO “as harmful to modern societies as a conventional attack.” But NATO seemed to dial back that 2014 statement with a communique last year, saying “significant malicious cumulative cyber activities might, in certain circumstances, be considered as amounting to an armed attack.”

Because remember, under Article 5 of NATO’s founding treaty, if one NATO ally is attacked, it’s considered an attack on everyone. (Here’s a Defense One article with more on that.) Even so, NATO maintains cybersecurity is a “core task of collective defence” and that Allies will determine when a cyberattack would trigger Article 5 “on a case-by-case basis.”

The future of this podcast starts with you.

Every day, the “Marketplace Tech” team demystifies the digital economy with stories that explore more than just Big Tech. We’re committed to covering topics that matter to you and the world around us, diving deep into how technology intersects with climate change, inequity, and disinformation.

As part of a nonprofit newsroom, we’re counting on listeners like you to keep this public service paywall-free and available to all.

Support “Marketplace Tech” in any amount today and become a partner in our mission.

The team

Daniel Shin Producer
Jesús Alvarado Associate Producer