Opinion: What the war in Ukraine means for cybersecurity in Europe

Credit: Pixabay/CC0 Public domain

As bombs and missiles tragically rain down on Ukrainian cities, so does another type of weaponry: cyber weapons. This new generation of weapons replaces explosives with destructive software (malware) and missile launchers with network vulnerabilities. Cyber ​​weapons penetrate critical networks of the adversary nation, establish remote control, and wreak havoc by wiping out computers, leaking data, and causing other dangerous disruptions to essential services and critical infrastructure.

But cyber weapons are different from traditional “kinetic” weapons in one key way: they are often less likely to be targeted. In other words, when a country releases a cybernetic weapon on another, it can hit other targets than those intended by its manufacturers. As malware moves inside a target’s network, it can inadvertently spread to others. Researchers call this a “ripple” effect.

As Russia wages its war against Ukraine with cyber weapons, the risk of the spread to European countries and businesses around the world continues to rise. Microsoft has detected many Ukrainian computers affected by “wiper” malware that erases their content in ways that are difficult to recover. In recent days, Microsoft has also detected new malware (named “FoxBlade”) focused on stealing health, insurance and transportation data from Ukrainian essential services. Ongoing technical analysis will determine the likelihood of this malware spreading from outside Ukraine. But given past examples of malware spreading from Ukraine to other countries, governments around the world are issuing warnings about a possible risk of spread. We are also witnessing the emergence of suspicious timed disruptions of European systems, which could turn out to be fallout. Insulating ourselves from kinetic warfare no longer means that we are immune to the effects of war itself.

What “security” must mean for this moment in history

How should Europe prepare for and react to the collateral damage of cyber warfare? Beyond defense and technological interventions, we need to more broadly define our concept of “security” and our approaches to achieving it.

Traditionally, the concept of security has developed alongside notions of threat and force, primarily in the military. Related object and existential threats have been tied to physical realms, until the end of the last century.

In February 1998, while the United States was preparing to bomb Iraq, someone broke into military computer networks. It turned out not to be a state, but to teenagers from California. This event, known as Solar Sunrise, shone a light on the cyber domain. This has raised the political debate about the assets, vulnerabilities and capabilities that governments must govern to protect their objects and their stakeholders in cyberspace.

Developing a national cybersecurity strategy requires:

  • Define the principles, priorities and assets to govern (ranging from economic pillars to social pillars)
  • Understand technical security issues in terms of governable objects (confidentiality, availability, and data integrity) and how attackers can compromise a computer system (by manipulating threads of control, i.e. instructions on what to execute then on a computer);
  • Identify and develop defense capabilities against specific threats to the principles and priorities of the State;
  • Deploy these capabilities as a projection of broader state power.

A national cybersecurity strategy requires an approach that cuts across agencies and sectors, sets goals, and plans actions designed to improve the security and resilience of national infrastructure and services.

Cybersecurity as a public good

Security in cyberspace must move from a technical concern to a broader public good, developed by many societal actors. IT experts, legislators, regulators, social scientists, civil society groups and institutions need to cooperate. Governments should no longer be solely responsible for maintaining security and stability within their borders; other actors need to get deeply involved.

The Ukrainians and their allies have already begun to demonstrate this broader approach with:

Continuous and thorough sharing of information between private companies and relevant governments on the cyber weapons used

Use of varied and changing information channels (not just official websites) to demonstrate the persistence and stability of the Ukrainian government, despite attacks on its infrastructure
Public diplomacy based on Twitter to bring the alternative infrastructure of a private organization to Ukraine
Collaboration between civil and military groups to form cyber defense brigades and volunteer forces

Amid the current catastrophe of the war in Ukraine, European countries can and should prepare for cyber spillover by creating a broader coalition of different stakeholders. The next cyber war will not just be a technological problem; it will be everyone’s problem.

A war within a war: cyberattacks signal a powerful new approach to combat

Provided by
Bocconi University

Opinion: What the war in Ukraine means for cybersecurity in Europe (2022, March 7)
retrieved March 7, 2022
from https://techxplore.com/news/2022-03-opinion-war-ukraine-cyber-europe.html

This document is subject to copyright. Other than fair use for purposes of private study or research, no
any part may be reproduced without written permission. The content is provided for information only.