Undefined Lines: Cybersecurity and the Situation in Ukraine

By Dan Martinez, M.A. Candidate in Intelligence and National Security, Norman Paterson School of International Affairs.

The situation which has unfolded over the past few weeks in the Crimea has been grabbing headlines in Western media, and for good reason. Russia’s bold deployment onto the peninsula caught many by surprise (particularly considering how rapidly events developed on the heels of Sochi) and the media quickly seized on the opportunity to report on a militarized form of realpolitik we rarely see on this scale in Europe. While there are many aspects of this situation which easily warrant a standalone blog post, one worthy topic of discussion is the issue of flashpoints—i.e.: events with the potential to incite escalation in the conflict.

In this respect, much attention has been focused on the potential for actual physical confrontation between security forces on opposing sides. This is important because, as we should not forget, there is a human element to this story with thousands of young soldiers involved in the tense stand-off throughout the Crimean Peninsula while the geopolitics of this situation are played out in capitals around the world. Furthermore, the potential for escalation also arises with continuing news of provocative incursions onto Ukrainian territory outside the Crimea. But while it is relatively straightforward to focus on attempting to track movement of security forces across perceived lines in the sand, there is another possible front which is much less defined: cyberspace.

The issue of cyber-attacks is important because we have seen them used as tactics by Russia in the past suggesting, at worst, the emergence of a new doctrine for Russia in dealing with regional conflicts and, at best, a worrying trend we should at least be aware if. A clear example is the 2007 spat between Russian and Estonia in which tensions were accompanied by sustained cyber-attacks against Estonian government websites hosted from Russia. Another example is the 2008 Russian invasion of Georgia which was preceded by distributed denial-of-service (DDOS) attacks (also discovered to have been launched from Russia).

In the current conflict in Ukraine, too, we have seen Russia accused of engaging in offensive cyber tactics. Russia has been accused of knocking out civilian communications infrastructure through cyber-attacks and of hosting smaller-scale attacks aimed at vandalizing news and social media websites with nationalist messages. The fact that civilian networks were targeted suggests, in my opinion, that these attacks were aimed at more than just neutralizing military command and control capabilities but rather serve propagandistic purposes more consistent with information warfare goals. More recently, as well, Russia has also been accused of unleashing a cyber “snake” known as Ouroborous which has been wreaking havoc on Ukrainian government systems.

The problem, of course, is attribution. Although these attacks were hosted in Russia (as is reported by each source above), these attacks have yet to be attributed to the Russian state in the international legal sense. Without attribution, all we have is a series of provocative and/or actually harmful attacks which are at least broadly consistent with Russian interests in undermining the interim Ukrainian government but cannot form the basis of justification for retaliation. It should also be noted, furthermore, that international legal experts have only begun to address conceptual issues in this area in the past few years—the closest thing we have to an authoritative statement by international jurists is the Tallinn Manual (2012)—and that there is no preliminary (much less settled) law governing acts of “cyber-warfare”.

The Canadian Perspective

Canada should care about these developments for two reasons:

First, Canada should care because, as a NATO member state, we have military interests on the geographic periphery of this conflict (particularly in the Baltic States and Poland). As mentioned above, Estonia has already allegedly been the target of Russian cyber-attacks and we cannot rule out the possibility that other allies may be targeted in the future. Since we are bound by mutual defence obligations through the North Atlantic Treaty (1949), Canada should take note of alleged Russian tactics in Ukraine and start thinking seriously about what it considers an act of “cyber-aggression” which could trigger Article 5 obligations. The attacks in 2007 certainly caught NATO by surprise, but there will be no excuse for not having a developed response if it happens again in the future.

Secondly, Canada should care because geographic boundaries are not a factor in deterring cyber-attacks. Simply put, Canada should be concerned with any display of increasing tendencies to engage in cyber-attacks as a tool of foreign policy because oceans do not guard against cyber-attackers, as we learned in 2011. While there is absolutely a world of difference between Ukraine and Canada geostrategically, this does not give us license to ignore emerging patterns in threats.

In all, the situation in Ukraine is fascinating from a security studies perspective for many reasons, but we should not be fooled by the illusion of distance because innovations in cyberspace continue to collapse barriers of space and time.

Categories: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s