24 May 2025

Unpacking Russia’s cyber nesting doll

Justin Sherman

Russia’s full-scale invasion of Ukraine in February 2022 challenged much of the common Western understanding of Russia. How can the world better understand Russia? What are the steps forward for Western policy? The Eurasia Center’s new “Russia Tomorrow” series seeks to reevaluate conceptions of Russia today and better prepare for its future tomorrow.

When the Russian government launched its full-scale invasion of Ukraine on February 24, 2022, many Western observers braced for digital impact—expecting Russian military and security forces to unleash all-out cyberattacks on Ukraine. Weeks before Moscow’s full-scale war began, Politico wrote that the “Russian invasion of Ukraine could redefine cyber warfare.” The US Cybersecurity and Infrastructure Security Agency (CISA) worried that past Russian malware deployments, such as NotPetya and WannaCry, could find themselves mirrored in new wartime operations—where the impacts would spill quickly and globally across companies and infrastructure. Many other headlines and stories asked questions about how, exactly, Russia would use cyber operations in modern warfare to wreak havoc on Ukraine. Some of these questions were fair, others clearly leaned into the hype, and all were circulated online, in the press, and in the DC policy bubble ahead of that fateful February 24 invasion.

As the Putin regime’s illegal war unfolded, however, it quickly belied these hypotheses and collapsed many Western assumptions about Russia’s cyber power. Russia didn’t deliver the expected cyber “kill strike” (instantly plummeting Ukraine into darkness). Ukrainian and NATO defenses (insofar as NATO has spent considerable time and energy to support Ukraine on cyber defense over the years) were sufficient to (mainly) withstand the most disruptive Russian cyber operations, compared at least to pre-February 2022 expectations. And Moscow showed serious incompetencies in coordinating cyber activities with battlefield kinetic operations. Flurries of operational activity, nonetheless, continue to this day from all parties involved in the war—as Russia remains a persistent and serious cyber threat to the United States, Ukraine, and the West. Russia’s continued cyber activity and major gaps between wartime cyber expectations and reality demand a Western rethink of years-old assumptions about Russia and cyber power—and of outdated ways of confronting the threats ahead.
