Western countries, including Canada, should prepare for the possibility of an increase in cyber attacks and ransomware if the current tensions between Ukraine and Russia escalate – or even explode into open war at the start of this war. the new Year.
While Moscow would likely not sanction direct and accountable attacks on NATO members, experts say it would almost certainly use its vast cyber and disinformation capabilities to sow confusion and disagreement among closest supporters and allies. of Ukraine during a crisis.
“I think they might expect high-level cyber attacks right before Article 5, right before the war, whether or not Putin enters Ukraine,” said Matthew Schmidt, associate professor and national security expert at the University of New Haven, Connecticut. .
“It has become a constant backbone of modern warfare. It is happening now.”
Schmidt said he believed the Baltic countries, which are members of NATO, would be distinguished because of their Russian-speaking populations. Canada leads the Western Military Alliance Forward Presence Battle Groups in Latvia and has been the target of Russian cyber-disinformation and disinformation campaigns in the past.
The United States and its allies are clearly concerned about how Moscow might launch cyber attacks against Ukraine. The New York Times reported last week that the United States and Britain have sent cyber warfare teams to the Eastern European country to help it bolster its defenses and prevent attacks like this one. which destroyed much of the Ukrainian electricity grid in 2015.
Former US military leaders have warned for more than a month, since Russia began placing up to 100,000 troops on the Ukrainian border, that the opening salvo of any conflict would destabilize cyber attacks.
Targeting Ukraine is one thing. Targeting NATO countries is another, much riskier bet that some defense observers have said could potentially spark a much larger European conflict.
“Of course, Russia has the ability to threaten a NATO country, but in the context of this larger crisis, it becomes very dangerous,” said Stefanie von Hlatky, associate professor and expert in defense policy at the Queen’s University in Kingston, Ontario.
While ruling out Western troops from fighting to defend Ukraine, the Biden administration has said it is ready to send in weapons and possibly increase training efforts. There are 200 Canadian soldiers helping to train Ukrainian forces in the intricacies of combat and Canada’s top military commander has said whether or not their withdrawal will depend on the conditions on the ground at the time. Disrupting that kind of support and distracting Western leaders during such a crisis would be a key strategic objective of the Kremlin, military leaders said.
It’s not as if Russia, or its proxies, have avoided attacking Western targets before. Last spring, a major US pipeline company, Colonial Pipeline, paid hackers, who were a subsidiary of a Russian-linked cybercrime group known as DarkSide, a ransom of $ 4.4 million. to regain control of his system. In September, the European Union officially blamed Russia for its involvement in the so-called “Ghostwriter” cybercampaign, which targeted the elections and political systems of several member states. The campaign saw the social media accounts of government officials and news websites hacked in an attempt to create distrust of US and NATO forces.
Just before the war
These attacks have always landed below the threshold of provoking a NATO response, although at their summit last spring, US President Joe Biden warned that the consequences would be “devastating” if a cyberattack on states -United went back to Russia.
“I pointed out to him that we have significant cyber capacity. And he knows it,” Biden said following the June meeting.
NATO has established a new cyberspace operations center in Mons, Belgium, in part to increase cyber situational awareness of military commanders.
“A serious cyber attack could trigger Article 5, according to which an attack on an ally is treated as an attack on all,” NATO Secretary General Jens Stoltenberg said in 2019 when the center was established.
The alliance was deliberately vague about what kind of cyberattack would trigger a collective response, with Stoltenberg repeatedly saying over the years that this would be a political decision, taken on a case-by-case basis, but that retaliation “will always be measured, defensive and proportionate.”
A significant number of cyber attacks are not carried out by the state, but rather by an informal army of proxies and cybercriminal organizations.
In the context of the current crisis, avoiding “political and legal attribution” will be one of Russia’s main concerns as events unfold, as NATO countries are bound by a self-protection clause, von Hlatky said.
An attack on one is considered an attack on all, and the Western military alliance recently introduced a policy framework that governs when a cyber attack is critical enough to trigger a response in the real world.
“I think Russia always has the advantage of keeping it below that threshold in a way where attribution takes time and is more diffuse.”