The new front line of Russia’s covert offensive is the allied nations.
Vladimir Putin has frequently criticized the West for fighting a “proxy” war in Ukraine by giving Kyiv the tools and training to resist against Russian forces.
But even as the president of Russia persuades himself that he is the one who is hurt, the Kremlin has been conducting its own covert conflict with Europe and its allies.
Russian-based cyberattacks on NATO members and their allies have increased recently, requiring both the public and private sectors to strengthen their defenses.
According to Pierre-Yves Jolivet, a senior cyber security executive at French defense firm Thales, who saw a major uptick in attacks at the end of last year, “Europe was dragged into a high-intensity hybrid cyber-war at a turning point in the conflict.”
According to Thales, there were 85 cyber conflict-related occurrences in EU nations last summer. Its researchers observed 86 cyber incidents in Ukraine alone within the same time frame.
According to Nicolas Quintin, a Thales cyber security analyst, “attacks have been occurring across Europe since May 2022.
“As soon as a country takes an action, like arming Ukraine or condemning Russia for its activities, they react right away and in a highly organized way.
“The Russians wanted to send the message that supporting Ukraine and blaming Russia for the invasion would have negative repercussions.”
NATO TARGETED
The front line of Russia’s new digital onslaught has been the Baltic countries, which are located on NATO’s northern border.
Since Russia’s invasion of Ukraine, according to Margus Noormaa, director general of Estonia’s national cyber security agency, his nation has “practically been in a cyber war” with Russia. Attacks against Estonia’s digital infrastructure “occur almost every day or week,” according to the report.
Attacks have evolved with time, according to Märt Hiietamm, head of the agency’s analysis and prevention division.
Hiietamm distinguishes between the military hacking units of Russia and what he refers to as “the students for hire” by saying, “This is from the people with the more professional stuff.” These are often young, technically proficient civilians who wish to infiltrate Western companies for espionage in order to make quick money.
Midway through March, the Centre for Cyber Security (CFCS) of Denmark warned that “pro-Russian groups” had been ratcheting up cyberattacks “in Denmark and the West” and had increased the country’s cyberthreat level from medium to high.
“Pro-Russian cyber activists carry out numerous attacks against varying targets that they select from a broad selection of NATO members. In the context of continued increased tensions between Russia and the West,” said CFCS in a statement.
According to industry sources, there has also been a noticeable rise in the frequency of covert Russian attempts to hack into computer networks for espionage.
Major institutions in Britain have recently been the targets of a number of high-profile cyberattacks. Particularly notable delays in Royal Mail’s foreign deliveries were caused by the ransomware gang Lockbit, which has ties to Russia.
According to Tony Adams, a senior researcher with the cyber security firm Secureworks, “We have seen indiscriminate pro-Russian hacktivism intended to cause trouble for organizations in Western nations that have publicly supported Ukraine, but we don’t consider those to be directed by the Russian state in any meaningful sense.
RUSSIAN CYBERWARFARE
Russian state-directed cyber operations have continued to concentrate on two objectives: interfering with essential services in Ukraine and spying on state-relevant companies.
In Russia, it is infamously challenging to distinguish between attacks that are and are not state-sponsored.
It was discovered last month that NTC Vulkan, a civilian Russian cyber security consultancy, has been educating Russia’s top cyber soldiers.
A number of documents that were published showed how the corporation had set up training grounds where personnel of the GRU intelligence agency’s Unit 74455, also known as Sandworm in some Western circles, could practice hacking fictitious electrical networks and even railroads in order to derail or crash trains.
The incident shows how blurred the lines are in Putin’s Russia between the public, private, and criminal spheres.
Putin is betting that these kinds of digital offensives won’t elicit the same type of response as military power might, so Moscow is ratcheting up its cyberattacks.
Earlier this month, James Babbage, the leader of Britain’s National Cyber Force, told the Economist that “cyberspace is more escalation tolerant than people tend to assume.”
It appears that Russia has come to the same conclusion and is using the rise in tolerance for its own purposes.
However, the recent strikes have prompted senior military authorities in the West to demand more digital weapons to protect the continent.
While conventional military force is necessary, according to Nato Secretary-General Jens Stoltenberg, “they are not enough.”
“Our first line of defense is strong economies and society. Therefore, Stoltenberg added, “We must secure our supply chains, essential infrastructure, and cyberspace.
The relative success of Russia’s cyberattacks has inspired copycats.
“I would say it’s primarily driven by the Russians but I think there is more awareness now – and some attacks have their origins from other states,” Estonia’s Hiietamm says.
But the Russian menace continues to dominate Western thinking. Russia’s cyber warriors are getting more confident and unafraid to attack NATO allies. The digital ramparts’ reinforcement is currently a major priority.