Russia’s ability to unleash devastating cyber attacks on Ukraine’s military and civilian infrastructure may have been overblown, according to a British spy chief, as Ukrainian defences prove to be resilient against some of the country’s most sophisticated assaults.
“Perhaps the concept of a ‘cyber war’ was overhyped,” said Jeremy Fleming, head of Britain’s signals intelligence agency GCHQ.
While fears of an online war have not yet materialised, dubbed by some analysts as a cyber winter, Fleming warned in a speech at the CyberUK conference on Tuesday that the threat from Russia remained real.
Fleming’s comments came as the EU, UK and the US released joint statements saying it was “almost certain” Russia was responsible for a pre-dawn cyber attack on a US-based satellite internet company that included the Ukrainian military among its clients.
The attack, which commenced in the hours before Russia’s invasion of Ukraine, affected “tens of thousands” of modems and spilled outside of Ukraine, hitting customers in central Europe.
“This is clear and shocking evidence of a deliberate and malicious attack by Russia against Ukraine which had significant consequences on ordinary people and businesses in Ukraine and across Europe,” UK foreign secretary Liz Truss said.
Some analysts have warned that Russia may be withholding its most sophisticated capabilities, which could take down power plants or disrupt other critical infrastructure, or focusing its capacities on espionage for now.
At the same time, groups of hackers, either working directly with the Russian government or pledging fealty to President Vladimir Putin and his war in Ukraine, continue to operate in the darker corners of the internet.
The British spy chief told the conference in Wales that “there’s plenty of cyber about — we’ve seen what looks like some spillover of activity affecting other countries. And we’ve seen indications that Russia’s cyber operatives continue to look for targets in countries that oppose their actions.”
His speech comes as Nato and western allies continue to brace themselves for online assaults from Russia, and which agencies such as GCHQ’s National Cyber Security Centre have pushed industry to remain vigilant against.
Cyber attacks against the UK’s private-sector critical national infrastructure have leapt by 72 per cent since the war in Ukraine began, according to a survey by cyber security services company Bridewell.
Ukraine has received both public and classified assistance from the US and UK to strengthen its cyber defences, after it spent nearly a decade as a testing ground for Russian-government hacking groups.
So far, it appears this has helped Ukraine’s defence. Over the past few months, Ukrainian government and private-sector cyber security groups have thwarted hundreds of highly sophisticated attacks.
Fleming said Russia’s invasion of Ukraine had created a rapidly evolving cyber battlefield that its western allies, including Britain, were still adapting to as the implications of a nascent cyber war and the rapid public release of classified information influenced the conflict.
“This is modern warfare influenced and shaped by the democratisation of information — and the Ukrainians are excelling at it,” he said.
“The [Ukrainians] have responded well, kept their systems up, built their systems up, with their emergency plans after being under pressure for years,” said Rob Joyce, director of cyber security at the US’s National Security Agency.
Fleming did not address the role that Chinese government-affiliated hacking groups had had on western supply chains and intellectual property, saying only that “we’re seeing China go further and faster, imbuing standards and technologies with their authoritarian, government-led values”.
He hinted that the UK’s still evolving national offensive cyber strategy, modelled partially on the US army’s Cyber Command, was showing some initial success.
The UK had taken down about 2.7mn online scams in the past year, Fleming said, while the National Cyber Force had hunted criminals online, a rare reference to the work done by the new group.