Ukraine Successfully Defends Its Cyberspace as Russia Relies on Conventional Weapons – CNET [CNET]

There’s no need to launch a cyberattack when you have bombs and guns.

This story is part of War in Ukraine, CNET’s coverage of events there and of the wider effects on the world.

Ukraine has largely prevented Russia from disrupting its cyber activities during the three-month war between the countries, security experts said Tuesday, though it remains at risk of future cyberattacks as the conventional war against it rages on.

Analysts warned that cyberwarfare would be among Russia’s prefered tactics ahead of its invasion on Feb. 24. Among the potential targets: Ukraine’s power grid and critical infrastructure. Additionally, those attacks could spread to other countries.

The cyber Armageddon, however, hasn’t played out as expected, Dimitri Alperovitch, co-founder and former chief technology officer of security company CrowdStrike, told the RSA Conference in San Francisco on Tuesday. 

“Of course, one of the big questions people have been asking since Day One of the war is ‘Where’s the cyberwar?'” Alperovitch said.

The ongoing war in Ukraine and the looming possibility of a global cyber war were among the top topics at the conference. The annual event, back in action after two years of pandemic-prompted virtual gatherings, brought together thousands of cybersecurity professionals from around the world. RSA is one of the highest-profile security gatherings of the year.

Alperovitch, who now leads the nonprofit Silverado Policy Accelerator, said forecasts that cyber would be a critical part of Russia’s strategy may have been “unnecessarily elevated” given the country’s huge military and conventional weapons.

“When you have bombs, when you have artillery, when you have missiles, you’re going to prefer to use those once you’re in an actual war rather than cyber,” Alperovitch said during a keynote address. Cyberattacks can have a “very fleeting effect,” he said.

Still, cyberattacks have been deployed, including Russian-launched data-wiping malware that crippled the Ukrainian military’s ability to communicate during the first days of the invasion.

Russia-launched cyberattacks are nothing new for Ukraine. The NotPetya attack, attributed to Russia, crippled computers across Ukraine in 2017. The malware, which also spread to unintended targets far outside Ukraine, locked up files in a manner similar to ransomware. When experts took a closer look, however, they realized that its true purpose was to destroy data rather than make money.

Ukraine has learned from that experience, Alperovitch said, noting that the country has data backups ready to go so that it can rebuild quickly if it’s hit. 

Sandra Joyce, head of intelligence operations for the cybersecurity company Mandiant, said the Ukrainians have also found success online by controlling information coming out of war zones and uploading recordings taken by Russian soldiers and drones. At the same time, they’re managing to keep their networks up through bombardments and blackout conditions. 

Ukrainian President Volodymyr Zelenskyy has also humanized the plight of his country’s people, recording internet-savvy videos that are posted to social media to win worldwide support.

“The type of resilience that the Ukrainian defenders are showing right now in the cyber domain is incredible,” Joyce said. “And it’s something, from our position at Mandiant, that we have never seen before.”