Russia’s cyber offensive against Ukraine has, so far, consisted of denial of service (DDoS) attacks and “wiper” malware. DDoS attacks have been used to spread confusion by bringing down Ukrainian government websites while “Wiper” hits the financial sector.
Cyber Operations are unlikely to seriously escalate the situation because they are limited. They will be used to support further aggression - and we should be prepared – but not panicked.
Although cyber conflict has existed for years, the strategic uses of cyber operations is unclear. Cyber operations can be used both in warfare and low intensity conflict, however what we have seen so far is that cyber-operations have been instruments of subversion, rather than forceful aggression.
Cyber-operations hold great strategic promise but have so far fallen short in practice. This is not not to underplay the seriousness of the cyber dimension of the conflict. Some of Russia’s cyber attacks on Ukraine have had serious consequences, going as far back as 2014.
Ukraine may seek to use cyber capabilities against Russia, however this will most likely not be for the “element of surprise” which is one of the strong selling points of cyberweapons, but to disrupt and demoralise the Russian military and people.
Will we see a cyber-conflict with the West? It is possible but far from certain. Russia could strike back for sanctions. Escalation is always unpredictable. The Kremlin is likely to treat cyber-escalation in the same way it weighs up other instruments of aggression. As such, the launch a major disruptive cyber-offensive against the West will most likely only happen if Russia is ready for escalation.