Why Ukraine Has Already Lost The Cyber War, Too
Patrick Tucker in the April 28, 2014 DefenseOne.com, writes, “don’t wait for cyber war between Ukraine and Russia to break out ahead of [any] the actual shooting” — because, Kiev has already lost that option. He adds that “Russia may already have unfettered access into Ukraine telecommunication systems” — according to several experts. “It’s access that Russia can use to watch Ukrainian opposition leadership, or, in the event of [military] escalation in the conflict, possibly cut off telecommunications with Ukraine.” For the full article, go to DefenseOne.com.
While there has been killing in the streets of Kiev, Russia-Ukraine cyber space has been relatively calm Mr. Tucker writes — with minor incidents such as taking down a website/s and Distributed Denial of Service DDoS) attacks, which flood sites with phony traffic — rendering the sites inaccessible.
“There is no need to attack that which they already own,” according to a panoply of experts that Mr. Tucker interviewed. “Russia already had access [to the Ukrainian telecommunications infrastructure] for years. That’s true for almost all the Commonwealth of Independent States. They all rely, at some point, on Russian technology,” said Jeffrey Carr, CEO of the cyber security firm Taia Global, and the author of “Inside Cyber Warfare: Mapping The Cyber Underworld,” in an interview with DefenseOne.
Mr. Tucker adds that “Russia’s access stems from two factors. The first: Ukraine’s communications intercept system, which allows the Ukrainian government tap into civilian electronic communications, very closely resembles the Russian intercept system called SORM. SORM was developed by the Russian KGB as a means to surveil electronic communications. Think of the [NSA] PRISM Program, but far more robust in terms of capability; and, with far fewer legal restrictions on its use. SORM 3 allows the Russian Federal Security Service, or FSB, backdoor access into landline, mobile and communications.”
“Ukraine has its own SORM system modeled after Russia’s but, as Russian journalist Andei Soldatov and Irina Borogan explained in Wired in 2012, Russian companies such as IsKratel manufacture equipment that Ukraine uses to maintain its system. Other manufacturers of SORM equipment include Juniper Networks, Huawei, Cisco, and Alcatel-Lucent out of France. The simple fact that SORM equipment manufacturing firms are a matter of public record — suggests vulnerability to hacking. The same technology that allows Ukraine’s Intelligence Service to eavesdrop in Ukraine may give Russia the amount of access into Ukrainian communications,” added Mr. Tucker.
“With local Ukrainian media sources reporting Ukrtelekom, outages, it is unclear what reach Russia has into the Ukraine, due to its use of the SORM standard. While multiple additional pieces of information are necessary to definitely conclude Russia has a backdoor into the Ukraine telecom system, it is clear the telecom equipment and layout are quite familiar to the Russian military and intelligence officials operating in the cyber arena. Ukrtelekom is the primary landline phone operator in Ukraine, servicing 80 percent of the users,” said Scott Donnelly, Open Source Analyst with Recorded Future
“Additionally, Russian telecom firms Vimpelcom and MTS do considerable mobile business in Ukraine. MTS reportedly has 22.4M subscribers in the country as of September 2013, making it the second largest mobile player,” wrote Mr. Tucker. “It’s Russian companies that are providing mobile services. That gives the Russian’s an avenue in,” said James Lewis, Director, and Senior Fellow of the Strategic Technologies Program, at the Center for Strategic and International Studies,” told DefenseOne. “There’s an advantage to having ownership, having insight, knowing the legacy system and having relationships, and being physically present in adjacent areas. That all makes it easier for them,” added Mr. Lewis. “Russian dominance into the Ukrainian mobile space was on full display back in January when protestors taking part in street demonstrations against the pro-Russian regime of then-President Viktor Yanukovich received ominous test messages reading, “Dear subscriber, you are a registered participant in a mass disturbance,” according to the New York Times.
“These companies invested in Ukraine to make money. But now, if their friends from the FSB show up, say, “Can you give us a hand? Tell us about the networks you invested in. Give us some of the technical details or specifications? [The companies aren’t well-placed to say not to that request. The companies did this for commercial reasons, but because [the companies] are subject to Russian control, that means that at any moment when it is in Russia’s interest to extend that control, they can do so,” said Andrews.
“Does unfettered Russian access over the communications space in Ukraine necessarily mean that Russia could stage a telecom blackout?” asks Mr. Tucker.
The company Renesys, which monitors Internet services globally, has called the possibility of a fast Russian takedown of Ukrainian telecommunications and infrastructure unlikely. John Bumgarner, Chief Technology Officer at the U.S. Cyber Consequences Unit agrees, “Ukraine has approximately six [trunk lines] running through the country. Most of the telecommunications points were going through Kiev.”
Some leading cyber security experts are arguing that Russia is holding back on offensive cyber operations against Ukraine, at least in-part because there is a wealth of cyber talent that Ukraine could use to retaliate against Moscow. Others argue that Russia already has intelligence information dominance over Ukraine and an escalation in this area isn’t necessary; and, could also be counterproductive. The bottom line is that if Russia sees a need to escalate the conflict with Ukraine, they could wreak havoc with Ukraine’s entire telecommunications infrastructure. V/R, RCP