Conflict, Military Battlefield and Cyberwarfare

"The scope and severity of cyber operations related to the Russian invasion of Ukraine has almost certainly been more sophisticated and widespread than has been reported in open sources."

"[Russia is] in the process of developing cyber capabilities against targets [in the EU and NATO, including Canada]."

"[Since Russia's invasion of Ukraine CSE has alerted Canada's critical infrastructure to] reinforce the need to enhance vigilance and follow Cyber Centre advice."

"[The threats include spying by Russian-backed actors who have] almost certainly increased cyber-espionage targeting of North Atlantic Treaty Organization countries in response to NATO's support for Ukraine."

"[Russia has] sought to degrade, disrupt, destroy or discredit Ukrainian government, military and economic functions, secure footholds in critical infrastructure, and to reduce the Ukrainian public's access to information."

Communications Security Establishment Canadian Centre for Cybersecurity

Canada’s Communications Security Establishment (CSE) warned Canadian banks, power utilities and other major firms that day “to take immediate action and bolster (your) online cyber defences.”

"Anyone who has critical infrastructure under their control, or is interfacing with it, needs to take what they're [CSE] saying seriously. They're not in the habit of trying to spook Canadians."

"Obviously, Canada is involved, not directly, but very closely and adjacently, to the hostilities between Ukraine and Russia at the moment, so it remains unclear to me what exactly CSE's formal risk assessment is at the moment."

"Is it batten down the hatches?"

Christopher Parsons, senior researcher, Citizen Lab, University of Toronto

"CSE is trying to flag wave here to a certain extent and show that there is an increased risk in Canadian infrastructure."

"They [Russia] want to know what our plans are. They want to know our diplomatic coordination. They want to know if more sanctions are coming. They want to know what military equipment we're talking about sending Ukraine and they want to know our discussions with Ukraine as well."

Stephanie Carvin, assistant professor of international relations, Carleton University

The message is that Russian cyber operations are being underestimated. NATO nations are understandably primarily focused on the conflict, the war being waged caused by Russia's invasion of its neighbour and Ukraine's response. An unequal contest in terms of military personnel, types and numbers of military materiel between the two, an inequality that NATO is trying to bridge in providing Ukraine with more up-to-date and powerful defensive weaponry. Even as Ukraine's resolve and its military's courage in the confrontation have proven superior to the military acumen and performance of their Russian attackers.

The Canadian Centre for Cybersecurity issued a threat bulletin on Thursday pointing out the lack of awareness surrounding Russia's potential for cyber attacks and that it is steadily gearing up to not only penetrate security to mine information, but to cause as much internal damage to Canadian infrastructure as possible, given new modes of conflict in a wired world. 

Before the Kremlin sent its troops into Ukraine, breaking the long built-up suspense when it massed its war machinery and troops at the ready on the border between Russia and Ukraine, the CSE had issued a warning of the potential for Russia to target Canadian critical infrastructure. Its cybersecurity centre since that time has reminded sectors in Canada of the need to refine vigilance and at the same time reinforce security of critical infrastructure.

That reminder follows on the recent massive shut down of service to millions of individuals, banks, businesses and government offices occasioned by an interruption in service by one of Canada's largest internet service providers that lasted several days. And while the service provider in question ultimately messaged that a technical mishap had been the cause, the second such incident in a matter of months, there may be reason to believe that outside interference in the form of a cyberattack was the culprit.

It is then timely as a reminder of the threats CSE identified Thursday that include Russian-backed actors spying on Canada's most vulnerable yet critical sectors in infrastructure within the country, to lose their complacency and continue to upgrade security. Two years earlier CSE divulged the likelihood of state-sponsored actors developing capabilities to enable them to disrupt critical Canadian infrastructure, the electricity supply cited as an example. 

 

There was no active conflict at the time, so it was held to be unlikely cyber criminals would "intentionally seek to disrupt Canadian critical infrastructure and cause major damage or loss of life in the absence of international hostilities".That has changed, as Dr.Carvin noted that "short of conflict, they didn't think it would be likely, but the fact is, there's now a conflict. "

Local people surveying destroyed buildings in Lysychansk on Sunday. Analysts say Russian forces are four miles south-east of the city. Photograph: Oleksandr Ratushniak/EPA