Internet seems to work fine in Ukraine after a week of Russian invasion. In addition, cyberespionage experts are trying to decipher messages that the Russian army sends to each other over the open radio, even with conventional mobile phones. These are two surprising details for a country, Russia, which is specialized in cutting off foreign communications and protecting its own in the conflicts in which it has participated.
Russia, a world power in electronic warfare, has so far neglected this facet of its aggression against Ukraine. In the community of experts linked to cybersecurity and electronic warfare that works and investigates this activity, the main feeling is one of surprise: why has nothing happened so far?
Along with the lack of cyberattacks, the absence of a dominant role for electronic warfare provokes above all speculation. EL PAÍS has consulted half a dozen specialists and on the same social networks there are innumerable messages asking about the lack of digital protagonism in this war.
One reason why we are not seeing much cyber activity in Ukraine right now:
Cyber is a perfect weapon for gray zone conflict: the space between peace and war.Once war breaks out, cyber becomes much less useful for anything but very tactical objectives in support of kinetic ops
— Dmitri Alperovitch (@DAlperovitch) March 2, 2022
Ukraine has been a Russian digital trading yard for more than a decade: the hack of electrical infrastructure in the middle of winter 2015 and the launch of the NotPetya malware in 2017 are the two main milestones of these years. It’s as if a terrifying monster surrounds a flimsy house, cuts off the power, throws sparklers out the window, sends rats and snakes down the pipes to test its success. And suddenly, after years of those attacks, he’d break down the door and walk in. From the outside, everyone expected a thunderous peal of punishments and digital outrages. But nothing has happened. It is as if the cyber moment had already passed, now they play real bombs.
According to some specialists, the success may be due to the best local preparation. “Ukraine has been a test lab for Russian cyber operations for the last eight years,” says Nadiya Kostyuk, a professor in the College of Public Policy at Georgia Tech. “While it was not ready for cyber warfare in 2014; it has learned a lot from its western partners and has significantly improved its defense. While in 2014 Ukraine’s networks and systems were completely dependent on those of Russia, Ukraine has been working to reduce its dependency. Furthermore, the internet became decentralized due to market dynamics. Furthermore, Western partners have been preparing Ukraine’s defenses for months before the conflict. I was pleasantly surprised to see the success of Ukraine’s defenses,” she adds. But it could just as well be that Russia is reserving or has dismissed this appeal for the time being.
As if that were not enough, the Russian troops that have entered the country have presumably done so with unsophisticated communications equipment. In a war it is difficult to clarify what is happening due to the lack of evidence on the ground. But from the first days circulates the image of a walkie Chinese 20 euros. On Twitter and YouTube there are several examples of intercepted messages to alleged Russian soldiers, also made by amateurs.
More and more evidence is emerging that the Russian forces rely on civilian radios and mobile phones for their communications. Our source in one invading unit confirms this.
This photograph is said to show a civilian radio captured by Ukrainians.https://t.co/ppwYktFsaD
— CIT (en) (@CITeam_en) February 28, 2022
“I’m surprised,” says David Marugán, a security consultant specializing in radio communications. “That photo [del walkie] It has come to me a thousand times and although it could be true, I don’t know which unit it belongs to, but it is a low-cost Chinese amateur radio team. In many conflicts where irregular forces, guerrillas or poorly financed troops participate, these types of teams appear” he explains. Although the expert believes that it could be a logistical failure or a lack of adequate materials, he claimed to feel “strange” that an electronic warfare power such as Russia is supposed to “send its troops with some walkies Chinese from AliExpress of 20 euros. It could be of course, but something doesn’t add up to me. Sometimes it is true that components of armies, in principle well equipped, carry radio equipment that does not correspond to an official endowment”, he explains.
This type of material has the obvious problem that it communicates openly and its signals are easy to intercept. That is what is happening for the first time in the open on the internet, thanks to people of all kinds with radio knowledge. “Unencrypted shortwave military communications also perplexes me,” continues Marugán. “It is the first war that I know of in which an internet community is acting as a signal analyst in real time and on the internet. I had never seen anything like it. There is a community focused on the interception and translation of the alleged conversations of Russian military units, it is spectacular, ”he adds.
If all this is surprising, the almost normality with which the mobile communications of Ukrainian authorities and civilians operate is even more so. In principle, it is common to think that an invading country is interested in preventing or complicating local communications: to avoid counterattacks, negative propaganda or insurgencies. So far it hasn’t happened.
Why? The simplest answer is because it is not so easy to cover the internet of an entire country if you are not its government. When there is a revolution against the authorities of an autocratic country they have a simple solution: ask the operators to turn off the switch. But without that drastic option, everything is more limited, especially geographically.
“Disrupting mobile service in a region is not easy, although for a foreign country it is certainly feasible,” says Joerg Widmer, director of research at Imdea Networks. “Signal jammers have a certain range, say up to 10 kilometers. The military may have more powerful ones, but traveling hundreds of miles would be extremely difficult. So blocking a city is feasible, a region is already more difficult, blocking a whole country is very difficult, ”he adds.
Jan 31: Russia will do a massive cyber against Ukraine.
Feb 14: Russian cyber will explode on the internet, like NotPetya
Feb 23: this is cyber war! Attacks on some Ukrainian websites
Feb 24: …
Mar 1: why not cyber?
Mar 3: cyberwar, as we know, is useless and doesn’t exist— Thaddeus E. grugq 🌻 (@thegrugq) March 3, 2022
But the difficulty is only a hypothesis. Another is that Russia is still not interested, according to Nadiya Kostyuk. “Russia may not have an interest in shutting down the internet in Ukraine. It goes to great lengths to push its propaganda and disinformation campaigns to influence the Ukrainian population. That is why it is important to maintain the networks, ”she explains. A cost-benefit calculation could also come into play, according to Kostyuk: “It could be more difficult to destroy them than to use these networks to continue spreading messages about ‘genocide’ by the Ukrainian government,” she adds.
If instead he wanted to limit communications, for Russia it would not be a test, they have already done it. As with cyber attacks, it has also tested these attacks in 2015 in eastern Ukraine. “It seems that Russia has already used it,” says Sadia Afroz, a researcher at the ICSI (International Computer Science Institute) in Berkeley, California. “It is very easy for anyone to block the mobile network. But it usually works in a small area, as most commercial cell phone jammers have a small range,” she adds.
This is the big technical problem. To block the lane, the attacker must be close and use a lot of energy. It is about creating an additional signal that confuses communication. “It’s like standing next to two people who are talking and starting to shout so they can’t hear each other,” explains Marco Fiore, a researcher at Imdea Networks. “But it requires a lot of power and you have to be close to communication. Even if the Russian army had a lot of trucks with jammers, they need to be close and an incredible number for a big city,” he adds.
A second method of bringing down the network is to destroy the infrastructure with bombs. Russia could have done something like this in the east of the country, although it is not clear if it does not work due to direct attacks or due to lack of electricity. Today the total destruction of stations in a city is a feat. Between the 2G, 3G and 4G networks, a large European city can have thousands of such stations. In the initial versions of this technology it was easier to hack or block a station, but now the network is more distributed. And when 5G is deployed it will be even more complex.
Two more drastic options remain. “The mobile internet has weak points, but they are not in the mobile infrastructure,” says Fiore. “There is probably a data center that serves as a very important point in the network that covers a certain region. But perhaps that point is in another country. It is not impossible to know which one, but the problem is that it may be thousands of kilometers away and you have to bomb another country. Another way to achieve the greatest possible blockade of the global internet is to go underwater and cut undersea cables,” he adds, in an effort to look for weak spots.
In Ukraine, the list of most downloaded apps reflects the concern of civilians. There are encrypted messaging apps such as Signal or Threema (paid) and apps that allow you to send messages without a mobile network, such as Bridgefy, which uses Bluetooth, or applications with other purposes, such as Zello, which imitates the operation of walkie talkies. The help offered by Elon Musk and his Starlink satellite network would fall into this category of extra resources.
The great difficulty is to know why this apparent mess occurs. The speculation here is varied. In the case of communications, Marugán ventures almost all the options: “It is clear that the Russian army knows that they are being listened to. It can be due to disinformation, intoxication, distraction, laziness, psychological operations or even self-sabotage and to make the operation fail ”by the Russians themselves, he adds.
You can follow THE COUNTRY TECHNOLOGY on Facebook and Twitter or sign up here to receive our weekly newsletter.
#electronic #warfare #appeared #Ukraine