What war in Ukraine means for cyber security in Europe
OPINION |

What war in Ukraine means for cyber security in Europe

THE NEW KIND OF WARFARE DEPLOYED BY RUSSIA THROUGH CYBER ATTACKS IS LIKELY TO AFFECT EUROPEAN COUNTRIES AND COMPANIES AROUND THE WORLD. MALWARE, IN FACT, CAN SPREAD BEYOND ESTABLISHED TARGETS

by Greta Nasi (Department of Social and political science) and Colin MacArthur (Department of Management and technology)

As bombs and missiles tragically rain on Ukrainian cities, so do another kind of armament: cyber weapons. This new generation of weaponry replaces explosives with destructive software (malware) and missile launchers with network vulnerabilities. Cyberweapons break into adversary country’s essential networks, establish remote control, and wreak havoc by erasing computers, leaking data and causing other dangerous disruptions to essential services and critical infrastructures.
 
But cyber weapons are different to traditional “kinetic” weapons in a key way: they are often less targetable. In other words, when a country releases a cyber weapon on another, it may hit other targets than its makers intend. As the malware moves inside a target’s network, it can inadvertently spill into others. Researchers call this a “spillover’ effect.
 
As Russia wages its war against Ukraine with cyber weapons, the risk of spillover to European countries and firms all over the world continues to increase. Microsoft has detected many Ukrainian computers affected by “wiper” malware that erases their contents in a difficult-to-recover way. In recent days, Microsoft also detected a new malware (named “FoxBlade”) focused on stealing health, insurance, and transportation data from Ukrainian essential services. Ongoing technical analysis will determine how likely these malwares are to spillover from outside Ukraine. But given past examples of malware spillover from Ukraine to other countries, governments around the world are issuing warnings about possible spillover risk. There are also emerging suspiciously timed disruptions to European systems, that may turn out to be spillover. Isolating ourselves from kinetic warfare no longer means we are safe from the effects of the war itself.
 

What ‘security’ must mean for this moment in history

 
How should Europe prepare and respond to collateral damage of cyberwar? Beyond technological defense and interventions, we must more broadly define our concept of “security” and our approaches to achieving it.
 
Traditionally, the concept of security developed along with the notions of threat and force, primarily in the military. The related object and the existential threats have been related to physical domains, until the end of the last century.
 
In February 1998, while the US was preparing the bombing attack on Iraq, someone breached into military computer networks.  It turned out it was not a state, but some teenagers out of California.  This event, known as Solar Sunrise, shed light on the cyber domain. It raised the policy debate about the assets, vulnerabilities, and capabilities governments have to govern to protect their objects and their stakeholders in the cyberspace.
 
Drafting a national cybersecurity strategy requires:
  • Defining the principles, priorities, and assets to govern (ranging from economic to social pillars)
  • Understanding the technical security issues in terms of objects to govern (confidentiality, availability, and integrity of data) and how the attackers may compromise a computer system (by manipulating the threads of control, namely the instructions on what to run next on a computer);
  • Identifying and developing capabilities to defend against specific threats to the state’s principles and priorities;
  • Deploying those capabilities as a projection of broader state power.
 
A national cybersecurity strategy requires an approach that cuts across agencies and sectors, defines goals, and plans actions designed to improve the security and resilience of national infrastructures and services.
 

Cybersecurity as a public good

 
Security in cyberspace must go from being a technical concern to a broader public good, developed by many societal actors. IT experts, lawmakers, regulators, social scientists, civil society groups and institutions need to cooperate.  Governments must no longer be solely responsible for maintaining security and stability within their borders; other actors must become deeply involved.
 
Ukrainians and their allies have already begun to demonstrate this broader approach with:  
Amid the ongoing catastrophe of war in Ukraine, European countries can and should prepare themselves for the cyber spillover by building a broader coalition of different stakeholders. The next cyberwar will not just be a technology problem; it will be everyone’s problem.
 

Latest Articles Opinion

Go to archive
  • Occupational Downgrading Puts Mental Health at Risk

    Immigrants tend to be overqualified for the lowskilled, highrisk occupations that they tend to take up. A research study shows that this fact increases the risk of psychological disorders

  • With Increasingly Flexible Work, the Old Stakes Are of Little Use

    New work time arrangements and forms require new ways of management and new protections. And therefore, new forms of labor relations and union organizations

  • Trust That Can Be Trusted

    There is social trust and institutional trust. And if the former is more stable to external shocks, the latter is more sensitive to them. The two can also diverge, as during the pandemic, when mistrust in US institutions towards emergency management corresponded to an increase in social trust

Browse the magazine in digital format.

View previous issues of Via Sarfatti 25

BROWSE THE MAGAZINE

Events

Mon Tue Wed Thu Fri Sat Sun
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31