The Lessons From Cyberwar, Cyber-in-War and Ukraine

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question the nature of modern warfare and the role of cyber in its operation. Here we will look at the use of cyber in the years leading to the kinetic war, and the use of cyber technology on the modern kinetic battlefield.

We need to understand the meaning of cyber and the meaning of war, to question whether the two concepts can be separated, and to ask ourselves if we are ever not at war.

‘Cyber’ derives from ‘cybernetics’, a word coined by US mathematician Norbert Wiener in 1948, taken from the Greek ‘kybernetes’. Ultimately, it involves the concepts of guiding by control. For Wiener it is the study of communication and control.

By the 1990s, with the combination of the internet (communication) and computers (control), the single word cyber began to denote the non-physical digital world, and became a prefix for compound words in the digital space — such as cybersecurity, or more directly here, cyberwar.

If we break down the word cyberwar, we have three components: computers + communications + war. In cybersecurity terms, cyberwar refers to the use of computers and communications from one party to attack the computers and communications of another party — most commonly aimed at degrading the adversary’s critical infrastructure. It is a term used as something distinct from kinetic warfare, but is nevertheless most usually associated with attacks by nation states.

As we progress, we will see it is difficult to understand what is and what is not cyberwar. In this article we will describe all criminal cyber activity as ‘cyberattack’, and for reasons that will hopefully become clear, we will describe all nation state cyber activity as ‘cyberwar’.

If we look more specifically at the word ‘war’, we have the concept of one party attempting to exert power over another party. Kinetic activity – that is, the force of arms on the battlefield – is just one phase in the operation of a war. Economics is more usually successful. For example, the old Soviet Union was not dismantled by NATO force of arms, but more by global economics. The rise of Putin’s Russia is predicated on improved Russian economics based on its newfound oil and gas wealth. Sanctions are an economic weapon of war, aimed at reversing this.

Today, it is believed that future strength will be based on an economy itself based on technology – having the most powerful quantum computers and the most efficient artificial intelligence, for example. Much of cyberwar is aimed at achieving this, largely through the theft of IP, espionage against military capabilities and plans, and critical infrastructure surveillance that seeks weaknesses that could be exploited.

History tells us that the winner in any war is the side possessing the better technology. England’s medieval wars were won because the longbow outgunned its enemy’s weapons. This is a basic truism of all wars. Technological superiority is what ultimately wins wars.

Linked to technology is information warfare. Understanding the enemy’s technology and knowing its strengths and weaknesses and how and where it is likely to be used is essential. So too is planting false information about one’s own technology, and false information about where, when, and how it will be used.

Psychological warfare is also an important part of war. It includes and extends propaganda. “Cyber-driven propaganda typically falls within two categories,” comments Samuel Kinch, director of technical account management at Tanium. “The first is the ability to influence open-source or publicly available media, and secondly, military specific environments. In open-source or publicly available media, misinformation creates chaos in what is and isn’t true.” Psychological warfare is the active application of propaganda.

This attempts to destroy the morale of both the enemy’s military forces and the enemy’s underlying civilian population. Since both parties will be engaged in this, psychological warfare also requires boosting one’s own military and civilian morale in the face of enemy attacks against it. Once again, we come back to cybernetics, but here more specifically control over communication.

The reason for this short discourse is to demonstrate a simple but often unseen reality: cyberwar, economic war, psychological war, information war and kinetic war are all inextricably linked, each continuously jockeying for that advantage that can win wars. Kinetic activity is just one aspect of war – and the whole world is already at war in one way or another. It is only the effect of psychological defensive warfare that tells us differently.

In the following sections we will examine how cyberwar is used over many years, sometimes as a preparation for kinetic war, but also in the hope to avoid the need for kinetic war. Finally, we will look at the use of cyber on the modern battlefield.

There is a tendency for people to consider events in isolation. This is almost always wrong. Let us assume for the sake of argument that Putin’s overriding objective has always been to return Russia to his perceived glory days of the Soviet Union. 

Ukraine becomes pivotal in this. If it joins NATO, Russia becomes hemmed in by its ‘enemy’ – so control over Ukraine is seen by Russia as almost existential. Putin effectively began the Ukraine war in 2014 with the kinetic annexation of Crimea. He seemed to stop there (apart from continuous political activity in Eastern Ukraine).

However, 2014 coincided with and was immediately followed by increasing mis- and malinformation cyber and political campaign aimed at the US and European populace in both in and around the US 2016 elections and the UK Brexit vote (psychological/information warfare). We shouldn’t see this as separate to Crimea and Putin’s desire to restore the glory of the Soviet Union. Nor, then, should it be separated from the current kinetic activity in Ukraine.

Russia’s misinformation political meddling was designed to weaken the will and resolve of both the western populations, and the western political leaders. The calculation was that by the time of the 2022 invasion, the West (that is, NATO) would not have the will to object. Had Putin been completely successful in promoting an ‘America First’ doctrine, Europe would have been left entirely defenseless against the economic (oil and gas) and military power of Russia. As it is, the EU is weakened by the UK’s exit, and riven internally by far-right parties that have been promoted in one way or another by Moscow.

Viewed in this light, digital cyberwarfare should not be thought of as something separate from kinetic warfare – it is primarily a jockeying for position prior to and readying for kinetic war – and all nations are forced to take part. Psychological warfare was a precursor to the Russian invasion of Ukraine in 2022 – an invasion that hasn’t immediately gone to plan because of Trump’s failure to win a second term as president. His America First approach – which would inevitably have weakened if not destroyed NATO – was replaced by Biden’s globalism and a strong and united NATO.

The first thing to stress is that we may believe we know what is currently going on in Ukraine, but we do not. This is because of the psychological and information elements of warfare – both of which are based on cyber technologies.

Consider the claims of Russian war crimes. War crimes happen in war. Think back to all the accusations against the US, such as Chelsea Manning (formerly Bradley Manning) and the Iraq war – so, they’re likely to be true. However, if NATO’s peoples believe that Russia is heinous, NATO’s resolve can be strengthened – it may be true, but is hyped as part of psychological/information warfare.

But you can go too far. On January 9, 2023, Politico reported, “Victor Zhora, chief digital transformation officer at the State Service of Special Communication and Information Protection (SSSCIP) of Ukraine, said Russia has launched cyberattacks in coordination with kinetic military attacks as part of its invasion of Ukraine, arguing the digital warfare is part of what Kyiv considers war crimes committed against its citizens.”

Lukasz Olejnik, a visiting fellow at the Geneva Academy of International Humanitarian Law and Human Rights, responded, “It would be difficult to prove. The bar is high. Perhaps when part of a wider event. But cyberattacks on their own? Maybe not. Sorry for being the devil’s advocate here.”

As a result, we are left with the clear impression that Ukraine is pushing the idea of Russian war crimes as hard as possible. The same goes for reports on Putin’s illness. He probably is ill, but his demise may not be as close as we in the west are led to believe or hope.

This battle for the hearts and minds of the people is waged by both sides. Ukraine reported a strike against Russian barracks in Makiyivka, claiming 400 fatalities. Russia admitted 89 deaths, and blamed its own soldiers for using mobile phones that allowed Ukraine to pinpoint the target – something that may or may not be wholly or partly true.

Russia retaliated by claiming a strike against Ukrainian barracks at Kramatorsk, claiming more than 600 Ukrainian military deaths. Ukraine replied that Russia missed the target, and no soldiers were killed. The precise accuracy of claims and denials cannot be determined in a time of war – but they are certainly part of the psychological war.

There is little doubt – certainly since the introduction of HIMARS (high mobility artillery rocket system) that Ukraine has had an edge over Russian technology. The value of the HIMARS system is its mobility (making it easier to relocate and hide); the speed of delivery (2.5 times the speed of sound, making it almost impossible to detect and destroy in flight); and the precision of its strike (using GPS coordinates for pinpoint accuracy).

Noticeably, neither Russia nor NATO countries have (at the time of writing) employed their most technologically advanced weapons in Ukraine. There could be many reasons – but one could simply be a preference to avoid escalation of the war beyond Ukraine’s borders. Both sides appear to be relaxing this stance, with Russia releasing its newer tanks, and the UK considering the supply of Challenger tanks. Pressure on Germany to either supply or allow NATO allies to supply German Leopard tanks is also growing. Challenger and Leopard are two of the three most advanced tanks in the world; the third being the US Abrams.

What this tells us, however, is that the Ukraine war can only give an indication of what might happen in any future all-out war between major parties. This is a constrained war – its expansion is incremental. Any future all-out war will be less constrained.

Another example is in the use of satellites for communications. Simultaneous with the February 2022 invasion, Russia delivered a cyberwar attack against Viasat to reduce Ukrainian military communications. It also took down the major Ukrainian ISP, Triolan. This could be expected – classic nation state cyberattacks to support a kinetic attack.

Elon Musk stepped in and offered Ukraine the use of the Starlink satellite communications system. Russia does not seem to have made any serious attempts to eliminate Starlink – and again this is probably down to a reluctance to escalate the war. But in an all-out war, satellites would soon be physically eliminated. “In a battlefield in the future, those satellites are going to get knocked out of the sky real quick,” comments Helder Figueira, founder at Incrypteon. “Starlink will not survive. There are capabilities now in terms of the deployment of micro nuclear or electromagnetic pulse (EMP) weapons.”

While Starlink is invaluable in providing the internet and war news to the Ukrainian people, it is unlikely to be used for military communication – if only because Starlink communications can be intercepted by Russia. Troops on the ground use various radio frequencies, from a control as close to the enemy as possible. These too can be intercepted – but the message is encrypted (not with commercial encryption, which is not viewed as trustworthy) to delay understanding; while the proximity allows a strike before the enemy can respond.

This explains the number of videos we receive from Ukrainian drones. The drone is used as a close-range spotter, which locates and pinpoints a target, calls in a rapid strike, and films the effect. Cyber technology is used in the conduct of kinetics, and subsequent propaganda.

“Modern combat involves a lot of communications, with radios in most installations, many individual combatants, and aboard each vehicle,” says Mike Parkin, senior technical engineer at Vulcan Cyber. “The communications are encrypted if they’re doing it right, but each one is a source that can be located and targeted. With individual combatants carrying normal cell phones into the field, it’s easy to identify and track them as long as they are operating in ‘the other side’s’ cellular network space – which is exactly what we’re seeing in the Ukraine conflict.”

There have also been suggestions that Ukraine is using a more ‘advanced’ form of target discovery. The UK’s Express newspaper reported (December 25, 2022): “Palantir’s MetaConstellation software relies on intelligence gathered on enemy troop positions by commercial satellites, heat sensors and reconnaissance drones, as well as spies working behind enemy lines. The software then uses AI to transform the data into a map highlighting the likely positions of Russian artillery, tanks, and troops.”

On December 30, 2022, Palantir CEO Alex Karp seemed to confirm the generalities if not the specifics of this in an open letter. “Those using our platforms in the defense and intelligence context, for reconnaissance, targeting, and other purposes, require the best weapons that we can build,” he wrote. “And we have never been inclined to wait on the sidelines while others risk their lives.”

Andy Patel, researcher at WithSecure, points to the State of AI Report published in October 2022. According to this report, he said, “Current efforts to infuse defensive products with AI technologies appear to concentrate on using AI for UAV control, anti-drone systems, and for surveillance and reconnaissance purposes.” But he also notes the report’s description of Ukraine’s own GIS Arta software.