What Russia’s Ongoing Cyberattacks in Ukraine Suggest About the Future of Cyber Warfare

Our society has undergone many eras of “testing” various new weapons to be utilized against targeted actors. From atomic to nuclear attacks, testing has always been an important part of making sure that harm can be implemented on desired targets. As we move deeper into the modern era of technology, it is possible to note that cyber warfare is only beginning to spread and increase in volume. Though not the only targeted state, Ukraine has been facing cyber threats and attacks from Russian hacktivists, as much evidence would show. Such attacks have included the 2015 attack against Ukraine’s critical infrastructure, including their electric power which at first only affected civilians but grew to harm financial institutions and government agencies the following year. Russian attacks against Ukraine have also included a specific malware that was aimed to completely erase Ukrainian government data, a type of cyber-attack that surpassed all others in its resulting effects. However, Ukraine is known to have been targeted because of the state’s advanced infrastructure, an element that will only continue to inspire malicious hackers to expand their cyber-attacks to a global level.
It is important to note that fortunately, Ukraine’s cyber-security was supported by the U.S., the UK, and the European Union, all of which provided resources for the targeted state to defend itself from Russia’s cyber-attacks. However, states must not wait for luck to save them from threats or attacks, as cyber-security is only becoming much more important. Due to Ukraine’s allies, it is possible that a global cyberwar occurs and states must not wait to determine the “ifs” of this event but should instead be prepared for the “when”. For state actors to be readily prepared for such an event, it is important to recognize the difference between direct/indirect attacks and how to defend against either. Direct attacks consist of targeting civilians to decrease the “desire to continue the war”, while indirect attacks target larger systems such as a state’s “power grid, supply chains, banking systems” among other sectors of critical infrastructure. To protect from direct cyber-attacks, it is vital to take certain independent measures of cyber-security, including not falling for phishing schemes, having strong and unique passwords for different accounts, and having updated software to protect against malicious viruses or malware. On the other hand, to defend against indirect cyber-attacks, states and infrastructure sectors should not only be prepared to recover from an attack, but should (ideally) also be prepared to be secure before an attack is even made. Whether a civilian or part of a larger state or private entity, every individual should be informed and prepared (as mentioned earlier) not for “if” a global cyber-war occurs but instead for “when” it does.