The Russia-Ukraine war has shattered the digital wall that often separated the government’s cyber experts from the private sector, forcing a new level of transparency on potential threats and engagement on geopolitical crises.
“I think the war in Ukraine has acted as a forcing function for governments, particularly the U.S., to reconsider how they communicate and declassify cyber threat information with the private sector,” said Jason Blessing, a research fellow at the American Enterprise Institute.
It’s no secret that government agencies tend to move slower than private actors when it comes to communicating and sharing threat information, so it makes sense to join forces, he added.
“I think you’re seeing the needle move in the right direction in terms of information sharing,” he added.
Nathaniel Fick, the head of the cyber bureau at the State Department, recently said that the war has made concrete changes to how the U.S. government and the private sector work together to counter cyberattacks.
“When I was a cybersecurity CEO, public-private partnership was a feel-good buzz term,” Fick said. “It generally meant I shared my data with the government, the government classified it, and I got nothing back.”
“That is emphatically no longer the case,” he added.
Experts said the U.S. government is now more willing to declassify certain information and share it with the private sector as they come to realize the benefits of early engagement.
And the war has also pushed the U.S. military to rethink how they can better integrate cyber into conventional military operations, while public-private collaboration has also helped Ukraine counter Russian cyberattacks.
“In Ukraine … Microsoft and others were able to push updates at scale in near real time based on collaboration with the U.S. intelligence community that allowed them to blunt these attacks,” Fick said.
Last year, Microsoft said it had thwarted Russian cyberattacks targeting Ukraine and organizations in the U.S. and the European Union. The tech company said the attacks were launched by a Russian hacking group tied to Russia’s military intelligence service.
Josephine Wolff, an associate professor of cybersecurity policy at the Tufts University Fletcher School, said since the war started, she has seen a much more urgent approach to publicly sharing information on emerging threats, how to confront them, and what disruptive steps the government and the private sector are taking.
Leading up to and following the invasion of Ukraine, U.S. officials sent out several alerts warning companies, especially those in critical sectors, to prepare for potential Russian cyberattacks by strengthening their cyber defenses.
“I think that’s where we’ve seen kind of the most progress and the most change,” Wolff said.
On the private sector side, experts say that companies large and small are more aware of the cyber risks stemming from the war and are proactively taking steps to fix their vulnerabilities and secure their networks.
Companies also recognize that they can also be targets of state-sponsored cyberattacks stemming from geopolitical disputes, and can no longer sit on the sidelines.
“I think you’re seeing more and more that firms cannot take a backseat to what’s happening politically,” Blessing said.
In fact, executives and board members of various companies are now asking how the war could impact their business operations in cyberspace, said James Turgal, vice president of cyber consultancy Optiv.
“The questions I’m getting are ‘what are the geopolitical impacts of the Russia-Ukraine war, specifically, the cyber aspects?,’” Turgal said.
“‘How should we, as board of directors, now think about that?,’” he said, adding that these are conversations he’s never had with board members prior to the war.
“[The war] truly has changed how boards are thinking about cyber,” he continued.
Cyber war crimes?
The war has also sparked a global debate on whether certain Russian cyberattacks could consitute war crimes.
Earlier this year, Ukrainian officials requested that the International Criminal Court (ICC) in The Hague investigate whether destructive Russian cyberattacks could fall under war crimes.
In January, Ukraine’s chief digital transformation officer, Victor Zhora, told Politico that his country is gathering evidence of cyberattacks tied to military operations and are sharing information with the ICC in the hopes of potentially charging Russia for those crimes.
Zhora argued that since Russia used cyberattacks to support its kinetic military operations that targeted Ukraine’s critical infrastructure and civilians, the digital attacks should also be considered as war crimes against Ukrainian citizens.
Those efforts could be a game-changer in this space as cyberattacks are currently not listed as a form of war crime under the Geneva Conventions.
Declining Russia; rising China
Moving forward, experts said to expect the U.S. to shift its focus on China, as it seems that Russia’s cyber capabilities have not kept up with the West.
At the onset of the war, many experts in the industry, including lawmakers and intelligence officials, predicted that Russian forces would launch destructive cyberattacks, but that didn’t materialize as many expected.
“What I would say is if Russia’s cyber capabilities cannot overcome the combined defensive efforts of the United States and Ukraine, then their capabilities have gone down,” Wolff said.
While China is emerging as the main adversary in cyberspace, it is also watching Russia’s efforts around Ukraine and applying it to its own situation with Taiwan, said Turgal.
“The Chinese are watching how the Russians are actually utilizing the different types of [cyber] techniques,” Turgal said.
Last year, Taiwan’s presidential office and defense ministry were hit with cyberattacks amidst then-House Speaker Nancy Pelosi’s (D-Calif.) visit to the island, adding to the rising tensions over the island.
Although it is still unclear who launched the cyberattacks against Taiwan, many have speculated that China was probably behind it as retaliation for Pelosi’s visit.
“I think the conversation does not just remain about Russia-Ukraine, I think the conversation evolves into China-Taiwan,” Turgal said.