This piece is part of one of the shipments of the weekly Technology bulletin, which is sent every Friday. If you want to sign up to receive it, you can do so at this link.
Russia attacked Ukraine with bombs and missiles yesterday, February 24. We had been waiting for weeks to see if it was going to happen or not. One of the recurring issues all these days has been the alleged digital war: what was it going to be like, what new dangers was it going to add.
Two fields must first be distinguished. The digital war is played out on two fronts: disinformation and cyberattacks. First, the misinformation:
• Above all, we must understand our time. The featured tweet “Russia has invaded Ukraine” from the official @ukraine account has, at the time of writing this piece, 13,000 retweets. A couple of hours earlier, the same account had tweeted this meme: it had 250,000 retweets, almost 20 times more. Beneath the tweet was a warning: "This is not a meme, but ours and your reality right now." On days like this, a meme is worth as much as a thousand images and statements. The power of Nazism to continue marking the discourse of the leaders of Ukraine and Russia is incredible.
Miburo's 2022 Russian Propaganda & Disinformation Ecosystem chart, with new revelations and a structural update is live on Substack. Read here: https://t.co/dES3lUT96Y
– Miburo February 15, 2022
• Analyst Anna Applebaum warned of something obvious, which was also retweeted by the official Ukraine account. The best warning, almost the only one, is to be careful with what we believe. And above all, with what we want to believe. One proof is the success of the Ukrainian Twitter account memes. Where there is a good emotional message that removes any detailed and nuanced information that is difficult to understand.
Appreciation errors are not only human. The networks themselves are wrong and generate even more confusion. Twitter deleted several legitimate accounts documenting Russian military activity. The initial suspicion was that it was due to the massive complaint from fraudulent Russian users. On Twitter they were in charge of denying it: they never take action just because of a massive report of an account, precisely to prevent adversaries from taking advantage of it. It is a legend that has been circulating for a long time.
• Has the “cyber Pearl Harbor” arrived? These disinformation notices are more viewed. They've been around for years, and now they may face their biggest test: a real invasion with missiles and tanks. It is no longer an election or an assault on Capitol Hill, or even a pandemic.
But with Ukraine the real fear was the cyber war that would end all cyber wars: the famous "cyber Pearl Harbour" that would mark a before and after. But so far, nothing very noteworthy.
This quote from a Ukrainian official in an Associated Press ticker on Thursday puts things in context. The article is about the denial of service attacks that affected Ukrainian government websites yesterday Thursday morning: they are attacks that serve to prevent visiting the page or slow it down. This was the teletype: “Asked if the attacks were continuing this Thursday morning, Defense official Victor Zhora did not reply: 'Are you serious?' he wrote in a message. 'We have ballistic missiles on top of us.'”
Cyber warfare experts have long warned of the need to put the seriousness of these attacks into context. No one knows for sure what could end up happening or how, but it is known that so far it has not happened. One of the best proofs that it has not happened is that Russia has needed to enter Ukraine with tanks to achieve its presumed objectives. The attacks of all kinds launched since 2014 have had varying degrees of success, they have affected everyone, but they have not definitively advanced their cause.
That said, is there any country out there with its finger on a button that would launch a cyberattack that would leave an entire country unresponsive? It is difficult but possible. So far no one has seen it.
This extensive article by two cybersecurity experts tries to put some evidence in this field given to great headlines, more so in days of tension like the ones we have pending from Ukraine:
The evidence suggests that the threat is exaggerated. Russia has been trying for eight years to get Ukraine to abandon its pro-European Union and NATO foreign policy through a combination of diplomacy, coercion and subversion that included multiple cyber operations. Those efforts failed. And that is why Russia has switched to a more costly and risky instrument of power, but also more powerful: military force.
Cyber operations are not irrelevant, nor are surprise cyber attacks impossible. But in assessing its threat we should distinguish between what is possible in theory and what is feasible and therefore probable in practice. And there the evidence clearly indicates that it is likely that cyber operations will not be able to replace the use of force, nor to significantly improve military effectiveness.
There is a derived option that can have unforeseen consequences. In addition to the denial of service attack, in the last two days a wiper, a malicious program that erases the content of the computers it attacks, has destroyed computer systems of key Ukrainian defense centers, not only within the country, but also in Lithuania. and Latvia.
This apparent internationalization of the conflict has led to fears of what would happen if a new NotPetya occurred, an attack against systems within the country that spread throughout the world and caused great damage to several global companies. These types of attacks can occur by will, by chance or by mistake. What would be the response if systems suddenly start going down in London or Munich? What should be the answer? In this field, everything depends a lot on everything: it depends on the attack, it depends on whether it is very clear who the attacker was, it depends on its real consequences, it depends on those affected. It is a very thorny territory.
“There is no winning bullet available to the West. To speak of cyber as "the deterrent missile of our age is madness," writes Oxford University professor Ciaran Martin. “The cyber domain can influence, but it will not decide this crisis. I'm not saying this to underestimate the horror, nor the importance of the cyber dimension. But realism helps us prepare better. In the West, caution and preparation without panic are the proper posture in cybersecurity,” he adds.
You can follow EL PAÍS TECNOLOGÍA on Facebook and Twitter or sign up here to receive our weekly newsletter.
