Russia is developing and testing military grade Cyber
War weapons on real targets, and finding out what works and what needs
improvement. The problems with this is that most of the testing is
conducted on weaker neighbors Russia is not getting along with.
For
example in late 2015 a large part of western Ukraine suffered a power
blackout. Some 1.4 million homes and businesses went dark for several
hours because of a computer virus (BlackEnergy) believed to be Russian
and deliberately deployed against Ukraine to disrupt a power plants and
the electrical distribution system. From the beginning Ukraine suspected
that this was a Cyber War attack that was carried out by Russia as it
was the kind of attack that had no monetary reward but was the sort of
thing one nation would use on an enemy in wartime. Russia denied any
involvement but the Russians always say that even when there is a pile
of evidence proving otherwise.
NATO Cyber War advisers immediately went to work helping Ukraine
sort out how the attack was carried out and how to protect against
future attacks. The investigation concluded that the attacker had first
got access to the networks of three small energy companies using
spear-fishing attacks (official looking emails that had an attachment
which, when opened, secretly installed software that gave the attackers
access to the company network.) After that several other specialized
bits of malware (hacker software) were used to map the compromised
networks and then carry out crippling attacks. NATO Cyber War
investigators found clear evidence of a professional style attack on the
energy company networks including careful reconnaissance of the target
network to see what items had to be disabled to cause the most damage.
The NATO experts gave Ukraine a long list of changes that would have to
be made to government and corporate networks associated with all utility
(power, water, and so on) and industrial networks.
The forerunner of this Ukraine attacks hit tiny Estonia (population
1.3 million) as early as 2007. In response Estonia, a member of NATO,
made a lot of changes and in 2015 formed a Cyber War militia. All this
because Russia keeps threatening another major Cyber War offensive.
Despite its small size Estonia is the most technically advanced (on a
per-capita basis) nation in East Europe and was able to recruit several
hundred skilled volunteers who are hard at work pooling their knowledge
and skills to better handle more Cyber War aggression from Russia.
Ukraine, despite being the largest East European nation is much less
well prepared form another Russian Cyber War attack.
Estonia borders Russia and is a member of NATO. That last bit makes
Russia reluctant to come in with tanks to take over like they did twice
in the 1940s. Instead Russia made a major effort to crush Estonia via
major Internet based attacks in 2007. Estonia survived that “invasion”
but admitted that this sort of Russian aggression caused great financial
damage. In the wake of these Russian Cyber War attacks Estonia demanded
that the UN and NATO declare this sort of thing terrorism and dealt
with accordingly. NATO tried to be helpful, but that wasn’t enough. The
UN was even less helpful as the UN has a hard time getting anything done
when Russia is involved because Russia is one of the handful of
founding members that has a veto over such decisions.
NATO did make an effort and in 2008 established a Cyber Defense
Center in Estonia. This was the most tangible NATO response to Estonian
calls for NATO to declare Cyber War on Russia. NATO agreed to discuss
the issue but never took any action against Russia. The Cyber Defense
Center was a consolation prize and studies Cyber War techniques and
incidents and attempts to coordinate efforts by other NATO members to
create Cyber War defenses and offensive weapons. NATO say that this
appears to have deterred Russia from making another Cyber War attack.
The Estonians are not so sure as Russia went ahead and invaded Georgia
(a nation of four million in the Caucasus) in 2008 and Ukraine in 2014
and still makes very public threats against Estonia. But the Cyber
Defense Center in Estonia has proved to be a valuable resource for other
nations looking to improve their Cyber War defenses, especially against
Russia.
Cyber Wars have actually been going on since the late 1990s and they
are getting worse. It started in the 1990s as individuals attacked the
web sites in other nations because of diplomatic disputes. This was
usually stirred up by some international incident. India and Pakistan
went at it several times, and Arabs and Israelis have been trashing each
other’s web sites for years. The Arabs backed off at first, mainly
because the Israeli hackers are much more effective. But in the last few
years the Arabs have acquired more skills and are back at it. Chinese
and Taiwanese hackers go at each other periodically, and in 2001,
Chinese and American hackers clashed because of a collision off the
Chinese coast between an American reconnaissance aircraft and a Chinese
fighter. That was just the beginning for China, which now regularly
makes major hacking attacks on the U.S. and other NATO members.
Since 2005 these Cyber Wars have escalated from web site defacing
and shutting down sites with massive amounts of junk traffic (DDOS
attacks), to elaborate espionage efforts against American military
networks. The attackers are believed to be Chinese, and some American
military commanders are calling for a more active defense (namely, a
counterattack) to deal with the matter.
The Russian attacks against Estonia were the result of Estonia
moving a statue, honoring Russian World War II soldiers, from the center
of the capital, to a military cemetery in the countryside. The
Estonians always saw the statue as a reminder of half a century of
Russian occupation and oppression. Russia saw the statue move as an
insult to the efforts of Russian soldiers to liberate Estonia and enable
the Russians to occupy the place for half a century. The basic problem
here is that most Russians don't see their Soviet era ancestors as evil
people, despite the millions of Russians and non-Russians killed by the
Soviet secret police. The Russians are very proud of their defeat of
Nazi Germany in World War II, ignoring the fact that the Soviet
government was just biding its time before it launched its own invasion
of Germany and Europe in general. All this means little to anyone from
outside East Europe, but for any nations neighboring Russia these
Russian resentments have to be carefully monitored.
While many Russians would have backed a military attack on Estonia
to retaliate for the insult by an ungrateful neighbor, this approach was
seen as imprudent. Estonia is part of NATO and an attack on one NATO
member is considered an attack on all. It's because of this Russian
threat that Estonia was so eager to get into NATO. The Russians,
however, believe that massive Cyber War attacks will not trigger a NATO
response. They were so sure of this that some of the early DDOS attacks
were easily traced back to computers owned by the Russian government.
When that got out, the attacks stopped for a few days, and then resumed
from what appear to be illegal botnets. Maybe some legal botnets as
well. Russian language message boards were full of useful information on
how to join the holy war against evil Estonia. There's no indication
that any Russians are afraid of a visit from the Russian cyber-police
for any damage they might do to Estonia. And the damage has been
significant, amounting to millions of dollars. While no one has been
injured, Estonia is insisting that this attack, by Russia, should
trigger the mutual defense provisions of the NATO treaty. It didn't, but
it was a reminder to all that Cyber War is very real except when it
comes time to fight back.