What security professionals can learn from the war in Ukraine

March 17, 2022
The awareness raised from experts touting the importance of cybersecurity during these times is a long-awaited wake-up call

The Russian-Ukrainian conflict has brought cybersecurity concerns all the way to the front lines. With many high-profile companies and individuals pitching in to extend tech and internet resources to troops in Ukraine, strict adherence to cybersecurity measures is necessary to keep people and information safe.

Here’s what readers need to know about cybersecurity during tense times like this.

The Russian-Ukrainian Conflict Will Push the Boundaries of Cyber Warfare

The hard reality is that cyber warfare is already here, and cyber will become a major part of all global conflicts moving forward. The war in Ukraine will be noteworthy to watch as professionals across the globe learn to understand exactly how cybersecurity will play into warfare in the future. This is especially interesting with Russia on one side of the conflict. For years, military experts have been watching Russian cybersecurity concerns carefully.

An unexpected twist in the conflict: big hacker groups like Anonymous have turned their attention toward Russia. This is not something we’ve seen before, with hackers causing chaos using their cyber powers to take a side in a major conflict like this. Neutral and normally self-interested hacker groups joining wars extend the battlespace way beyond clear boundaries and borders. Streaming services and TV news along with the Kremlin’s official website have already been hacked.

Cybersecurity in space is also new to the current conflict, and again considering Russia’s role on one side of the conflict, this will be a vast area to watch with deep future implications. Russia and other NATO countries, particularly the U.S., have kept longstanding space program neutrality since after the Cold War. Space programs work together on the International Space Station, but we could see tensions rise in space when it comes to cybersecurity. The process of hacking satellites in space will be a major area to watch in the weeks ahead – cybersecurity in space is the next frontier of cyber warfare, so current actions will make a significant impact on future conflicts.

Operational Security Should be Ongoing

Experts know that governments, companies and individuals alike should always take ongoing operational security measures, in peacetime and wartime. However, systems administrators need to be on heightened alert during this conflict. Phishing emails, wireless network connections and mysterious hyperlinks are an even bigger threat to network security – one missed detail could open a big hole into a previously secure network.

In recent years, companies – particularly those storing sensitive information – have taken big steps forward to deepen security measures, but a lot still have not gone far enough to keep networks safe. Across the board, organizations should really step up their security in the wake of the current global conflict. Adding more layers of security, testing and training employees to protect the business’s digital front lines is critical at this time.

Within the current conflict, tech providers that are providing access and resources to Ukrainian civilians and troops should take extra care with security measures – if a device can connect to the internet, it can also be hacked. For example, Elon Musk made news for quickly enabling Starlink service in Ukraine to provide additional internet access capabilities in case other cellular or other Ukrainian systems go down. This is likely to happen. but it is still the responsibility of Ukrainians connecting to Starlink to ensure their information is secure.

Military and Defense Forces are Prepared

Within the defense sector, steps are already in place to ensure cybersecurity is extra tight during these tense times. Military systems have multiple levels of defense based on the level of sensitivity of the data. These systems, with many stopgaps, ensure that if a system does get hacked, hackers can’t see the full picture. There are many cyber tools available that enable secure encrypted ways to send information from anywhere, whether via an app on a mobile device or a hotspot, which protects information. This is an additional way defense forces prevent hacking or identify that sensitive information is being transmitted.

As is the case for civilians, the most secure cyber defense is simply not turning it on or plugging it into the internet. In some cases, the risk level may be so high that this defense tactic must be taken, and business must stop; in other cases, this isn’t possible. Defense organizations continue as best they can whether they’re conducting operations from a command station or on the battlefield, making tough risk-based decisions based on the situation and finding the sweet spot between the successful execution of a plan and secure communications.

What Does the Future Hold for Cyber Warfare?

While the war in Ukraine is extremely tense and worrisome for the entire world, defense forces and civilian organizations alike, there are some positive aspects to remember. The need for operational security is receiving global attention, and this conflict reminds everyone just how important constant cybersecurity is to the protection of an organization, and even a nation. The awareness raised from experts touting the importance of cybersecurity during these times is the wake-up call organizations need to raise their cybersecurity measures. Civilians have been reminded of the importance of processes like multi-factor authentication, changing passwords often and limiting credentialed access to information. It only takes one person’s mistake to break an entire network's security.

The world also is unifying against Russia, a nation that has long flown under the radar for unscrupulous cyber practices. This brings our world one step closer to realizing how serious cybersecurity is to modern warfare and defense. Hopefully, with such attention to Russia, world governments and peacekeeping organizations will wake up to other problematic countries where cybersecurity may be the next big threat to peace and democracy.

About the author: Tim Redfearn is an accomplished senior information technology leader offering 30 years of demonstrated career success developing and executing operational strategies to promote organizational growth and optimal utilization of emerging technologies. He is currently the C5ISR category manager at ADS, Inc., a military equipment supplier that provides tactical equipment, procurement, logistics, government contracts and supply chain solutions. Prior to this role, he was the Chief Information Officer and Senior Vice President at Navy Exchange Services Command (NEXCOM). He has previously held information technology roles at Clark Nexsen, Cox Auto Trader, Swimways, LifeNet and NorShipCo.