Ukraine's cyber-war shows us the future
The age of the open internet is finished. How do we contend with a closed one?
A 19-year-old computer hacker invited me into his home in Lviv, Ukraine, ready to show off his weaponry: three large monitors from which he coordinated cyber-attacks into Russia’s increasingly closed-off internet. It was March 2022, and he wanted to strike back at Russia’s opening missile salvos. But he didn’t want to scare his parents by heading to the front lines with an assault rifle. So he signed up for Ukraine’s “IT Army” of computer nerds instead.
Amid the sound of air raid sirens and the occasional thud and rattle of distant missile strikes, the teenager proudly showed me his work defacing Russian websites, posting Ukrainian flags and targeting Russian government systems.
“I learned hacking on Google and Wikihow,” he explained. “It was pretty easy. It took a couple weeks.”
My Ukrainian hacker friend showing me the ropes of cyber-warfare. He will remain anonymous for his safety. Photo taken with his permission.
The ease with which he launched cyber-attacks was cause for hope, but also worry. Hope, because his work signaled that Ukraine was prepared. Early in the war, hackers had infected Ukrainian government networks with malware that had the ability to erase hard drives, infected supply chains for future attacks on Ukraine and NATO, and disrupted a satellite broadband internet provider. The resulting outages spread to other parts of Europe. In April, Ukraine fought off a massive cyber-attack on the power grid that could have shut down electricity, incited chaos, and ended with a colossal Russian military advance.
Despite Ukraine’s success, the age of cyber-warfare is worrisome when we look at the unpreparedness of other countries. Government systems and private companies remain vulnerable worldwide. And Ukraine has long been a bellwether for how Russia uses cyber-warfare, information operations and foreign influence in the US and EU. Imagine if Ukraine didn’t develop its responses to Russia’s cyber-threats over the past decade. It would suffer on the internet battlefield, potentially sowing confusion and defeat on the physical one.
One repeat lesson in innovation, diplomacy, geopolitics and warfare is the leveling effect of technological disruptions—of returning everyone to pretty much the same playing field. The internet allowed people all over the world to leapfrog some of the earlier technological advances and arrive at the same starting line. Cyber-warriors affiliated with Russia, China, and Iran have had decades to learn to infiltrate Americans’ data, and shut down critical infrastructure, stopping trains, tanks and even bringing down airplanes.
Democracies had misplaced hopes that internet was the incorruptible tool for the high age of globalization—that “information wants to be free,” as the hacker adage goes. Because the internet was open and unregulated, our adversaries had no problem exploiting our goodwill. Now we must contend with a fraying, fractured internet, figuring out how protect ourselves from newly incumbent cyber-warfare powers like Russia.
The Council on Foreign Relations released a report this week on “foreign policy for a fragmented internet.” As my Monday morning read, it was a clear and big-thinking summary about where the internet has been, where it’s headed, and what we should do about it.
“The increased instability of cyberspace presents a grave challenge,” the authors write. “Compared with its adversaries, the United States stands largely alone, the most connected society but with the most vulnerable data.”
Enjoy.
Thank you for bringing this to us Geoffrey. It is an interesting point that hacking ability can be acquired so quickly, but makes sense, as we are able to quickly set ourselves a part in any category if we put focused effort in for a period of time, since so few do.
It is informative how you mentioned the leveling effect of technological disruptions, with one country taking a lead here and another later taking a lead there.