Why hasn't Russia unleashed a cyber attack on Ukraine?

That the fragile cease-fire in Ukraine collapsed in the first dark hours of July should not surprise observers; Russia has pursued low-level cyber hostilities against Kiev nearly since the onset of the crisis, and certainly during the recent short-lived peace offensive. Nor should we be startled by reports that cyber warriors sought to sabotage May's presidential election in Ukraine with bogus vote tallies and came close to gifting far-right, pro-Moscow candidate Dmytro Yarosh with 37 percent when he really got less than 1 percent.

More instructive is the fact that the Kremlin has not upped the stakes with an overt cyber-attack on Ukraine's critical infrastructure.

An assault that cripples Kiev's military command and control, civilian fiscal and energy systems, even air traffic control and broadcasting is believed feasible, but remains tucked away, unexploited, in a sealed folder on a Russian general's desk. That speaks volumes about the unpredictability of cyber weapons. The effects of their first use in an all-out offensive are highly debatable.

Low-level cyber skirmishes occur all the time, not only between hostile powers but putative allies, governments and private operators, and nonaligned hacktivists. Besides the reported tries at election tampering, the Russia-Ukraine conflict featured crude distributed denial-of-service (DDoS) attacks on state websites by both sides in the run-up to the March referendum on the fate of Crimea. Propaganda in digital social media is another form of cyber weapon, and the Russians have certainly uncorked that too. But the genie of full-on cyber assault remains firmly in its bottle.

Why? Some suggest cyber conflict might present a less costly and less violent means of settling international scores compared to conventional, kinetic warfare.

But wiser heads - and there are plenty in the Kremlin - know a brazen cyber attack would open a Pandora's Box of unknown outcomes.

When the world was introduced to nuclear weapons in 1945, it was with immediate awful proof of their power, in Hiroshima and Nagasaki. The initial examples were cautionary; the terrible outcomes, all too well understood. With relative speed the world's nuclear powers drew up protocols and norms, individually and jointly, which effectively prevented sequels.

Today's military strategists approach cyber weapons from the opposite end of the comprehension spectrum. There is so much we don't know, and no analogue to Hiroshima to serve as a case study.

Far from presenting a less pestilential alternative to conventional war, a cyber attack on Ukraine could well escalate into one. Every government must consider how it would respond to a cyber assault that paralyzes transit, empties citizen bank accounts, disables credit cards, locks down oil refineries, or knocks out the power grid. If that happened to the United States and a culprit was firmly identified, would a retaliatory military strike be on the president's menu of options? Of course. And it would be tempting.

Russian hacker charged in $100 million cyber scheme

Another concern: metaphorically speaking, serious cyber weapons may be unguided missiles. Their trajectories and knock-on effects cannot be plotted with certainty; at this high, ominous level there is too little instructive data. But in our densely connected digital world it is perfectly plausible to think a targeted attack on a Ukrainian bank might accidentally darken ATMs along the Volga back in Moscow.

No matter their effect, a first use of cyber weapons would almost certainly make other powers less leery about using them. Abolishing the current taboo is also something to worry about. Undoubtedly Russia hesitates to be the first power to go after an enemy's key assets, including civilian assets, with keystrokes and mouse clicks, in part for fear of who might go second.

Finally, a frontal cyber attack by Russia, the introductory Hiroshima of the cyber warfare era, would present revealing data about the extent of Russia's cyber capabilities - in all likelihood, more than it cares to share. It is the view of Western intelligence services that Russia has pre-planted sleeping malware deep within the computer networks of its adversaries, ready to spark mayhem upon remote activation; that methodology is thought to be behind the May election shenanigans. But beyond that its capabilities are hard to quantify. There is strategic advantage in keeping the rest of the world guessing; actually using the weapons would end a lot of guesswork.

We are amid a risky and uncertain period. Any number of nations large and small, and many more private proxies or stateless troublemakers, can be formidable cyber powers; the technology is a great equalizer. The increasing commonality of cyber weapons suggests they will more frequently be brandished. The more common the attack capability grows, the greater the chance that some capable rogue will not appreciate the virtues of restraint.

For the time being Russia, though linked to less sophisticated cyber 'hack attacks" on Estonia in 2007 and Georgia in 2008, and now more of the same in Ukraine, has kept serious cyber weapons off the chessboard. We, and the Ukrainians, may be glad Moscow apparently judges their perils outweigh their advantages. But that judgment may not last long; we are after all living through the fierce dawn of the cyber era, and what it holds remains a puzzle.

Dr. Jarno Limnéll is Director of Cyber Security for McAfee, a division of Intel Security, and holds a Doctor of Military Science degree from Finland's National Defense University. He can be followed on twitter at @JarnoLim.

f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.