Interviewing a cybersecurity expert: «Compared to traditional tactics, cyber warfare is a sideshow»
Cybersecurity expert at ETH Zurich Kevin Kohler is here to explain what cyber warfare is and what influence it has on the war in Ukraine.
There’s a war going on in Ukraine. Russia has invaded its neighbouring country and is now trying with all its might to bring the country under control. For a while now, war hasn’t just taken place on the ground, in the air or on water – but also digitally. Kevin Kohler, cybersecurity expert at ETH Zurich, talked about how important cyber attacks are for the current conflict in the digitec podcast. Check out the most important questions and even more exciting answers right here.
The interview starts at 46 minutes and 55 seconds.
What’s cyber warfare?
It’s a controversial term in academic circles. The war in Ukraine certainly possesses a cyber aspect, which includes hacking attacks. But there are also many cyber activities that take place during peacetime. Cyberspace involves users based in NATO countries, which is why you have to be careful when using the term war. It’s difficult to say at what point it’s cyber warfare and when it’s «just» a hack.
What elements go along with cyber warfare?
Basically, there are three main dimensions: one is intelligence, that is, wiretapping. For example, the U.S. is providing a lot of intel to Ukraine. The Russians, in turn, have been trying to mine data from the Ukrainian Internet. The second dimension is propaganda: the goal is to spread their own worldview through media in the West, Ukraine, but also in Russia. The third is attacks: there are less destructive tactics, such as DDoS attacks, where servers or services are temporarily paralysed by flooding them with requests. In more serious attacks, data is stolen, deleted or published. Or infrastructure is hacked. In Russia, for example, the railroad network was attacked several times.
Which of these three dimensions is the most important?
In the media, the third is certainly the most popular because it has the greatest potential for escalation. So far, surprisingly little has occurred in this vein. In principle, Russia would have the capability for serious attacks and has demonstrated this in the past. So far, Western targets have got off lightly.
The potential for destruction from hacks is huge. Practically everything is networked these days. What is actually possible?
In truth, a whole host of things. However, is this the easiest way to achieve your goal? In Ukraine, Russia already has air and ground superiority. Therefore, instead of hacking nuclear power plants, they can secure them with tanks if they want to take an area off the grid. That doesn’t mean that something like this won’t happen in the long term. Until now, some critical infrastructure was off-limits. Whether this’ll continue with Putin in power is uncertain.
So far, Russia has refrained from grave cyberattacks on critical infrastructure.
How does this kind of government hacking look? Are they sitting in an open plan office somewhere, taking orders from the Trello board?
Interestingly, many actually have an office job. In this conflict, however, many independent groups are also involved. There are fewer clear hierarchies there.
What’s the status of cyber warfare next to classical warfare?
Compared to traditional tactics, cyber warfare is a sideshow. This week, a children’s hospital in Mariupol was bombed. We haven’t yet seen a digital equivalent to such a horrifying attack. In essence, cyber activity is increasing in parallel with real-life attacks. We record five to seven notable incidents every day. In peacetime, cyber warfare has a higher profile than now, when troops are marching through Ukraine.
How can Ukraine stand against Russia?
What fascinates me is how Ukraine is using crowdsourcing. Through various Telegram channels, civilians receive commands from the military, such as for jamming certain Russian frequencies. What civilians accomplish here is amazing. Russian propaganda outlets are spammed with messages around the clock. Channels such as Russia Today are hacked to show other content. Even stock exchanges and banks were inaccessible at times.
![In the case of Ukraine, it’s easier for Russia to secure real-life targets with tanks than to resort to cyberattacks.](/im/Files/5/9/6/2/7/2/6/3/shutterstock_2124454445.jpg?impolicy=resize&resizeWidth=430)
So is the Ukrainian government not active on its own, but instead sending third parties into the digital battlefield?
Exactly. However, such activities allow Russia to classify individuals outside of Ukraine as combatants, causing them to lose their neutrality. And if Russia finds out that someone from Switzerland, for example, is part of such an IT army, they can contact Switzerland. By invoking the duty of prevention, they could demand that these attacks be stopped.
So cyberwarriors have more consequences to fear from their own government than from Russia?
They probably don’t have to expect legal consequences, but authorities would certainly try to stop these activities in order to comply with neutrality laws. However, Switzerland has already levied strong sanctions against Russia and was subsequently placed on the list of unfriendly states. Therefore, it’s unlikely to violate the law of neutrality through the activity of volunteer hackers.
What Anonymous is doing won’t decide the war.
Anonymous is the most well-known volunteer hacker collective. How effective are they in the case of Ukraine?
There are many such groupings, some more capable than others. Some attack the rail network, while others are mainly engaged in information warfare. However, Anonymous has actually already been able to break through and stop pro-Russian activities. For example, the well-known ransomware group Conti has threatened to attack Western infrastructure, only to be hacked itself afterwards. Since then, nothing more has been heard from them. What Anonymous is doing, however, certainly won’t decide the war.
Is there still an unused weapon in cyber warfare? Something that could still influence the course of the war?
What is possible are serious attacks on critical infrastructure such as hospitals, transport or energy supplies. It’s assumed that the U.S., as well as Russia, have such capabilities. The most realistic scenario probably concerns economic warfare. A widespread attack that affects many companies and spreads independently. Something similar already happened in 2017 through the Petya Trojan software, which caused tens of billions of dollars worth of damages in the West. However, NATO is aware of digital dangers, and the U.S. and UK have already threatened to retaliate against severe attacks. That’s why it isn’t in Russia’s interest to overstep this threshold.
I assume this threshold is probably always just high enough to keep countries from actively intervening in the war?
It’s not clear where this line lies. If it’s just a single cyberattack, it’d need a real-life effect. Something would need to be destroyed. Which would be possible, for example, by overloading a power grid. As smaller attacks have always occurred in the past, this threshold slowly started to be met in 2021.
How prepared is Switzerland for cyber attacks? In the past, there was a lot of criticism for our lack of infrastructure.
Switzerland has been the target of several hacking attacks attributed to Russians. Among the victims were weapons manufacturer Ruag, the Spiez Laboratory, the Swiss specialist centre for protection against NBC attacks – but also various companies during the Petya Trojan attack. There’s still an increased risk in Switzerland. In response, readiness has been increased in recent years. The Swiss intelligence service has received more resources in its fight against cyber attacks. The army is also expanding its capabilities. The NCSC, the Swiss Center for Cybersecurity, is also a body that helps companies better equip themselves against attacks.
We’ve only talked about attacks so far. Are there also peacemaking cyber measures?
By spreading facts, propaganda can be limited. There are also dialogue formats used to ease communication between states. And the same means used for espionage activities can also be used to bring about a cease-fire. As an individual, however, this is certainly more difficult than joining common attacks.
The whole interview is available in the newest episode of the digitec podcast.
You can also watch the podcast as a video on YouTube or subscribe via any podcast app such as Spotify, Pocketcasts or Apple Podcast.
Being the game and gadget geek that I am, working at digitec and Galaxus makes me feel like a kid in a candy shop – but it does take its toll on my wallet. I enjoy tinkering with my PC in Tim Taylor fashion and talking about games on my podcast http://www.onemorelevel.ch. To satisfy my need for speed, I get on my full suspension mountain bike and set out to find some nice trails. My thirst for culture is quenched by deep conversations over a couple of cold ones at the mostly frustrating games of FC Winterthur.