Ciberguerra

A Ukrainian serviceman stands next to the antenna of a Starlink satellite-based broadband system in Bakhmut, Ukraine, on Feb. 9. (Yasuyoshi Chiba/AFP/Getty Images)

Even as fighting rages on the ground in Ukraine, Russia continues to wage a long-term battle for control of what Kremlin officials call the “information space” of internet communications.

Moscow’s campaign to throttle information is shameless. It launched its latest denunciation of the West’s supposed “coercive measures” in internet technology this month, as it was jailing Wall Street Journal reporter Evan Gershkovich on a bogus espionage charge, and sentencing democracy activist and Post contributing columnist Vladimir Kara-Murza to 25 years in prison on treason charges.

Russia knows that information is power. In addition to muzzling debate at home, it has attempted to seize the digital high ground internationally through the United Nations and its agencies.…  Seguir leyendo »

Nearly two years ago, I had the opportunity to chair the first official UN Security Council meeting on cyber-security. Almost everyone at the meeting stressed what all states have already agreed: international law, including the UN Charter in its entirety, applies in cyberspace. Russia did not.

Eight months later, Russia began its full-scale invasion of Ukraine and violated every rule in the book. For years, we had heard predictions that the next big war would be a kind of cyber-Armageddon. But instead, Russia brought back large-scale conventional war. Images of destruction from places like Bucha, where the Russian occupiers tortured and killed civilians, shocked the world.…  Seguir leyendo »

El ciberataque contra el Hospital Clínic de Barcelona, el pasado domingo, es el último episodio conocido de un fenómeno en auge constante. En un entorno cada vez más digitalizado, este fenómeno corre el riesgo de multiplicarse en los próximos años si no se actúa de forma más contundente. Lejos de ser anecdóticos, estos ataques ilustran la trampa del todo conectado y muestran que es imperativo recrear unos botones off para proteger nuestras instituciones estratégicas.

¿Por qué piratear hospitales? Durante mucho tiempo, los establecimientos sanitarios (y de forma general, las instituciones públicas) fueron menos afectados por este fenómeno, el cual se dirigía más a menudo a empresas y a particulares.…  Seguir leyendo »

Passengers wait for a train in Berlin on Oct. 8 after a major disruption on the German railway network. (John MacDougall/AFP)

“We are at war with Putin”, declared German health minister Karl Lauterbach this month. His remark caused consternation among his colleagues in government. But he’s right. Spies, hackers and mysterious saboteurs are attacking critical infrastructure around the country — and the most likely culprits are the Russians. For the first time in decades, Germans are confronting a major challenge to their national security. How will they adapt?

This month, an act of sabotage forced state-owned rail giant Deutsche Bahn to suspend all train traffic for nearly three hours across the country’s north, leaving passengers stranded. The sophistication of the attack, in which assailants simultaneously cut two sets of fiber-optic cables about 340 miles apart from each other, prompted some officials to speculate that a foreign government might be involved.…  Seguir leyendo »

It is a fallacy to say that cyber has not been a factor in the war in Ukraine. Both sides are using cyber capabilities to pursue their aims. Both sides understand the potential of integrating cyber and information confrontation with their military effort. And both sides know that they are engaged in a struggle for influence and opinion far beyond the immediate battlefield. It is a very modern digital and cyber war, as much as it is a brutal and destructive physical one.

Six months after Russia’s invasion, it is becoming clear how differing physical and virtual approaches have shaped the conflict.…  Seguir leyendo »

A quiet partnership of the world’s biggest technology companies, U.S. and NATO intelligence agencies, and Ukraine’s own nimble army of hackers has pulled off one of the surprises of the war with Russia, largely foiling the Kremlin’s brazen internet hacking operations.

Russia’s cyber-reversals haven’t resulted from lack of trying. Microsoft counts nearly 40 Russian destructive attacks between Feb. 23 and April 8, and Rob Joyce, the National Security Agency’s cybersecurity director, said the Russians had attempted an “enormous” cyber offensive. The Russians sabotaged a satellite communications network called Viasat in the opening days of the war, for example, with the damage spilling over into other European countries.…  Seguir leyendo »

As the war in Ukraine rages, a long-standing battle between Russia and the United States over cyberspace is also heating up, with a top Russian diplomat warning of “catastrophic” consequences if the United States or its allies “provoke” Russia with a cyberattack.

The “information space”, as the Kremlin likes to call it, has been a growing domain of U.S.-Russian conflict, not only in the Ukraine war, but in Russia’s hacking attacks against the presidential campaigns in 2016 and 2020 as well as the congressional elections in 2018. The two countries briefly seemed to be working together for common rules for cyberspace last year, but that cooperation has now exploded.…  Seguir leyendo »

Ukrainian special operations forces at a consumer electronics exhibition in Kyiv, September 2019. Valentyn Ogirenko / Reuters

A somewhat conventional war is underway in Ukraine, featuring organized and professional soldiers, a chain of command, advanced weapons such as drones and tanks, and state-crafted tactics and strategy. But a parallel war is also taking place, mostly in cyberspace, fueled by foreign volunteers fighting for either Russia or Ukraine. These online volunteer forces are loosely organized and don’t have a chain of command. They have grown exponentially since the war began in February—Ukrainian authorities estimate that some 400,000 hackers from numerous countries have aided the country’s digital fight so far. Several high-profile figures have offered to join the cause: the entrepreneur Elon Musk, for instance, has challenged Russian President Vladimir Putin to a “single combat” duel to decide the fate of Ukraine.…  Seguir leyendo »

A satellite view of a Russian convoy heading south, near Velykyi Burluk, Ukraine, April 8, 2022. Maxar Technologies / Reuters

During a Senate Intelligence Committee hearing in March, Senator Angus King, an independent from Maine, pressed General Paul Nakasone, the head of U.S. Cyber Command and director of the National Security Agency, about the lack of significant cyber-operations in Russia’s war in Ukraine. After all, Russia has long been known for targeting Western countries, as well as Ukraine itself, with cyberattacks. Echoing the surprise of many Western observers, King said, “I expected to see the grid go down, communications too, and that hasn’t happened”. Indeed, although President Joe Biden and members of his administration have also warned of potential Russian cyberattacks against the United States, there were remarkably few signs of such activity during the first six weeks of the war.…  Seguir leyendo »

The Myth of the Missing Cyberwar

After Russia invaded Ukraine, many observers initially expected cyberattacks to steal the limelight as a major instrument in Russia’s arsenal. But after a month of fighting, a host of prominent scholars and analysts of cyberconflict have reached the opposite conclusion. Russia’s activities in cyberspace, they claim, have been paltry or even nonexistent. They have dismissed the role of cyber-operations, variously proposing that digital preparations for the invasion in Ukraine never occurred, were haphazard or lacked any real impact, or were mere continuations of Russia’s long-term cyber-activity against Ukraine that fell below the threshold of outright war.

This is a dangerous misdiagnosis.…  Seguir leyendo »

“Cyberwar is coming!”

For decades now, we have heard this refrain from the American defense establishment. We were warned that the next big state-on-state military confrontation could start with a flash-bang cyberattack: power outages in major cities, air traffic control going haywire, fighter jets bricked.

As Russia started amassing around 100,000 troops along its western and southern borders through 2021, Ukraine seemed to be the ideal battle space for such an apocalyptic scenario. The country has already seen some of the most brazen, shrewd and costly cyberattacks in history over the past eight years: hacks and election interference in 2014 as Russia annexed Crimea, remotely caused blackouts in 2015, devastating ransomware attacks in 2017.…  Seguir leyendo »

Putin’s invasion of Ukraine didn’t rely on cyber warfare. Here’s why

The ongoing conflict in Ukraine has perplexed observers expecting to see the cyber dimension unfold differently. When Russia began to mass troops along Ukraine’s borders, analysts predicted that cyber operations would be critical to Putin’s military strategy.

One headline offered that the Russian invasion could “redefine cyberwarfare”. Former White House cyber expert Jason Healey hypothesized that, “it will be the first time a state with real capabilities is willing to take risks and put it all on the line”.

Despite these predictions, the expected “shock and awe” Russian cyber campaign in preparation of the invasion of Ukraine never emerged. Moreover, while the conflict will undoubtedly evolve, cyber operations don’t appear to be playing a decisive role on the battlefield.…  Seguir leyendo »

Cuenta el que fuera asesor de Ronald Reagan, Thomas Reed, que en 1982, en plena Guerra Fría, un ciberataque provocó una “monumental” explosión de un gasoducto transiberiano “que fue vista desde el espacio”. Lo recoge su libro En el abismo, basado en el testimonio del exconsejero de Seguridad Nacional del Gobierno de EE UU Gus Weiss. Aunque la KGB lo negó, el caso de la llamada “bomba lógica original” es comúnmente citado como la primera ciberagresión bélica de la historia.

Desde entonces, se libra online otra Guerra Fría —la cibernética— que nunca termina. Una con tácticas más sutiles, pero graves consecuencias.…  Seguir leyendo »

Que un conflicto se salga o no de control depende de la capacidad para comprender la escala de las hostilidades y comunicarse en relación con ella. Por desgracia, cuando se trata de conflictos cibernéticos, no hay un acuerdo respecto de su escala o de cómo se relacionan con las medidas militares tradicionales. Lo que algunos consideran un juego o batalla aceptables de común acuerdo puede no parecerle lo mismo al otro lado.

Hace un decenio, Estados Unidos usó acciones de cibersabotaje en vez de bombas para destruir instalaciones iraníes de enriquecimiento de uranio. Irán respondió con ciberataques que destruyeron 30 000 computadoras de Saudi Aramco y afectaron a bancos estadounidenses.…  Seguir leyendo »

Celebrations in March marking Poland's 20 years as a NATO member. Photo: Getty Images.

Under NATO’s ‘enhanced forward presence’ programme, small additional contingents from other NATO allies join the host nation’s troops in Poland and the Baltic states to bolster deterrence against any further Russian military adventurism.

These contingents have inevitably become the targets for malign Russian information activities. But so have their communities and families at home.

In the Russian view of information warfare, there is no front line and rear areas, and no non-combatants. According to Russia’s Chief of General Staff General Valeriy Gerasimov, a key feature of modern warfare in the information domain is ‘simultaneous effects to the entire depth of enemy territory’.…  Seguir leyendo »

Hace unos meses, funcionarios estadounidenses reconocieron que ciberoperaciones ofensivas de los Estados Unidos habían detenido intentos rusos de interferir en la elección legislativa de 2018. Esta clase de operaciones suele mantenerse en reserva, pero esta vez se habló de una nueva doctrina ofensiva de “combate permanente” (persistent engagement) con adversarios potenciales. ¿Funcionará?

Los partidarios del “combate permanente” lo defendieron con el argumento de que la disuasión no funciona en el ciberespacio. Pero eso es plantear una falsa antinomia: bien usada, una nueva doctrina ofensiva puede reforzar la disuasión más que reemplazarla.

Por “disuasión” (deterrence) se entiende evitar una acción del oponente convenciéndolo de que su costo superará el beneficio esperado.…  Seguir leyendo »

Tras haber presenciado las protestas populares que, desde las revoluciones de colores en la ex Unión Soviética a la Primavera Árabe, ponían en cuestión el poder de sus gobernantes, los autócratas del mundo han ido adoptando medidas legales que apuntan a incapacitar a grupos cívicos como los movimientos por la democracia y las ONG de defensa de los derechos humanos. Entre ellas, las de más amplio alcance son las que permiten a los funcionarios monitorear y castigar las iniciativas en línea de los activistas.

Aunque siguen siendo una importante preocupación las redadas abiertas de las fuerzas de seguridad, en los últimos años los regímenes autocráticos recurrido cada vez más a herramientas legales y burocráticas para obstaculizar las actividades de sus oponentes.…  Seguir leyendo »

The headquarters of Organization for the Prohibition of Chemical Weapons in The Hague. Photo: Getty Images.

The recent revelations about the cyberattacks conducted by Russian military intelligence (GRU) in several countries did not come as a surprise. The UK and its allies have been calling for public attribution of cyberattacks coupled with, when appropriate, a series of diplomatic and economic responses, and even retaliation-in-kind. The thinking behind this is that attribution, coupled with sanctions initiated by a united front of like-minded states, could create a deterring effect.

However, these revelations also play into wrangling over cyber regulation at the UN level. Russia is planning to submit two UN resolutions later this month, one on a code of conduct to regulate states behaviour in cyberspace and one on a new UN cybercrime convention.…  Seguir leyendo »

Dirigentes políticos como Leon Panetta (ex secretario de defensa de los Estados Unidos) llevan años advirtiendo del peligro de un “Pearl Harbor cibernético”. Sabemos hace algún tiempo que posibles adversarios han instalado software malicioso en nuestra red eléctrica. Existe la posibilidad de un corte de energía repentino que afecte a grandes regiones, causando trastornos económicos, caos y muertes. Rusia usó un ataque de ese tipo en diciembre de 2015 como parte de su guerra híbrida contra Ucrania, aunque sólo duró unas pocas horas. Antes de eso, en 2008, ya había usado ciberataques para obstaculizar los intentos de defensa del gobierno de Georgia contra tropas rusas.…  Seguir leyendo »

La urgencia de tomar previsiones ante posibles ciberataques

Si te preocupa el terrorismo, he aquí una amenaza más grande para perder el sueño: un ciberataque generalizado. De pronto, la oficina se queda sin electricidad. Las redes de telefonía celular y el internet también se apagan, junto con los metros y los trenes.

Los caminos están atascados porque no funcionan las luces de los semáforos. Las tarjetas de crédito son tan solo unos trozos inservibles de plástico y los cajeros automáticos no son nada más que grandes pedazos de metal. Las gasolineras no pueden bombear combustible.

Los bancos perdieron los registros de las cuentas de los depositantes. Las puertas de las presas se abren misteriosamente.…  Seguir leyendo »