Ukraine has managed to shelter its critical infrastructure from Russian cyberattacks, and the summoned IT army counter-attacked a range of targets. But why is Russia stalling on the cyber front?
Pro-Ukrainian hacktivists obtained data from numerous Russian organizations, including its military.
"Major websites of Russian governmental and public institutions have been temporarily taken down, using tools rapidly created at the start of the war by pro-Ukrainian cyber activists that have enabled anyone with a minimum knowledge of cybertech to take part in cyberattacks," Dmytro Dubov, Head of the Information Security and Cybersecurity Department of the National Institute for Strategic Studies in Kyiv, writes.
In his latest analysis of the Russo-Ukrainian war in the cyber realm, he listed five challenges to Russia's cybersecurity and cyberwar capabilities.
"Unless addressed, these challenges will degrade Russia's ability to compete in the highly dynamic sphere of cyberspace – even as the war in Ukraine has shown the extent of its failures to deliver effects in this domain, too," Dubov said.
1. Shortage of specialists. Due to the increasing number of cyberattacks against Russia, the country's best specialists have to focus on defense, decreasing their offensive potential. Russia, facing a massive scope of cyberattacks, needs to allocate its resources and investigate what was taken from them and how far the hackers got in.
2. Limited awareness of cybersecurity. The cyberattack on the Russian Air Transport Agency (Rosaviatsiya) is a prominent example of the lack of awareness of the need for strong cybersecurity. It was forced to switch to pen and paper after losing 65TB of data.
"Successful cyberattacks on the websites of the Russian government, president, public and security services, and central bank have shown that despite attention to, and public funding of, cybersecurity, the abilities of Russian cybersecurity specialists tend to be limited," Dubov writes.
3. Weak operational skills of mid-level specialists. Dubov claims that Russian hackers have failed to show their supposed mastery in this active cyber confrontation. "Russia's responses in the current cyber conflict have been poorly thought out, and its cyberattacks against Ukraine have been partly supported by data gathered by Russian intelligence agencies through traditional means such as human espionage."
4. Withdrawal of foreign expertise. Nearly 40 cybersecurity companies have announced their withdrawal from the Russian market and have suspended service for Russian clients.
This presents long-term challenges, as many software or hardware solutions cannot be replaced by Russian-owned technologies (according to local specialists, replacement may require 6 to 12 months.)
Russia is now on a quest to create a sovereign internet. The Kremlin has actively endorsed any initiative to develop domestic digital services in place of Western competitors.
"A Presidential Decree of 30 March 2022 required all purchases of foreign software for Russian CIFs to be suspended from 31 March and prohibited the use of foreign software from 1 January 2025. Further, by the end of September 2022, the Russian government must develop a plan to replace foreign-made radio, electronic, and telecommunication devices with Russian ones," Dubov writes, doubting this is even possible to achieve.
"In any event, a ban on importing technologies will be a sham, as it will only make the existing practice of purchasing Chinese products and replacing ‘made in China’ labels with ‘from Russian manufacturers’ even more widespread," he added.
5. Brain drain. This March, a Concord group company associated with an oligarch close to Putin, Yevgeny Prigozhin, urged the government to draft a law to make it harder for IT specialists to travel abroad.
"Both the Russian Ministry of Digital Development and Kremlin spokesman Dmitry Peskov later denied this, and the information was deleted. State Duma member Alexander Khinshtein suggested establishing 'IT- joints,' similar to the Soviet-era semi- prisons where sentenced specialists worked on R&D projects, supervised by the security service. It seems that this was not a serious proposal, but as many Russian IT specialists have been arrested recently, it may have been a trial balloon intended to test the idea and to mentally prepare the Russian public," Dubov said.
More from Cybernews:
Subscribe to our newsletter