Geopolitics may be something a lot of us are getting a crash course in these days, given recent events, but I’ve been an amateur student of the subject for a long time. By “long time,” I mean prior to studying computer science. I took a class in high school in which we simulated geopolitical dynamics with tabletop RPG-style games. From then on, I was hooked on analyzing the world through the lens of converging interests, power, and human nature.
As you can imagine, then, I am dialed into what’s going on at the moment. The ongoing conflict in Ukraine marks only the second truly conventional war of the 21st century (the first being the war between Armenia and Azerbaijan) in which one side’s military didn’t immediately crumple.
It’s also the largest military wartime deployment of any country since the Iraq war. Along with myriad other ramifications, this means that this is the first war in which both sides can bring top-tier cyber capabilities to bear. Intelligence agencies the world over are watching very closely to see just what to plan for should their nations enter a conventional conflict.
Military wisdom has it that “the first casualty in war is the truth,” and the volume of misinformation, disinformation, and just plain spin already emerging only underscores that. Keep in mind, then, that the observations on which I base my musings could be totally off-base. That said, I try to ground my speculation in reasonable dynamics, evaluating and connecting existing dynamics to see how they could interact.
In Cyberwar Anyone Can Be a Soldier, Everyone Is a Target
Unsurprisingly, Ukraine is exhorting its technical elites to strike at Russian targets from their keyboards. Considering the advantageous asymmetry of launching such attacks, why wouldn’t they? A lone individual with a single computer and the right tradecraft can compromise and disrupt whole networks, including those supporting critical infrastructure. The ransomware attack on the Colonial Pipeline illustrates this vividly.
Another element that makes hacking attacks so devastating is that they can be launched from anywhere, against any target. In this or any other conflict, what’s stopping hackers around the world from taking sides?
The hacking collective Anonymous claims to be involved, but why stop there? You can bet that nation-state hacking forces are looking at ways to tip the scale toward their preferred faction in the Russia-Ukraine hostilities. I wouldn’t be surprised if the NSA, Cybercom, and Chinese state hackers are thinking of getting involved, even if just to conduct recon.
But again, literally any hacker, even acting alone, can take up arms; and, because the conflict broke out along vastly different geopolitical and legal lines, there is little risk of one side incurring consequences from the other.
Russia and the U.S. do not have an extradition treaty. So, if a concerned American decided to strike a blow for Ukraine, say by DDoS-ing Russian e-commerce or social media platforms with a botnet, they have little to fear from the U.S. sending them to Russia to stand trial. (Please note that I am not a lawyer and am not dispensing legal advice.)
Along with a broader scope of participation, there is also a broader scope of targets. Any user who can strike a network can in turn be struck themselves. When there is all-out networked warfare, any network in a belligerent nation is going to be seen as fair game.
Civil and military infrastructure are tightly coupled, so an attack to inflict military harm will harm civilians as well. Compromising a Russian social media site will inhibit soldiers from coordinating, but it will also prevent civilians protesting the hostilities from coordinating.
OSINT Puts Us All in the War Room
Internet-based tools for receiving real-time information provide ordinary remote observers with an unprecedented view inside the conflict. Amateur content creators worldwide are quickly proving this as they use exactly such open-source intelligence (OSINT) tools to produce analysis on conditions in Ukraine.
Probably the richest sources of real-time updates are crowdsourcing apps. Google Maps’ Waze integration means we can infer refugee flows by where traffic is heaviest. There are also apps like Citizen which allow residents to alert one another to hazards by taking videos and pinning those to a time and place on a map. I would be stunned if this or a comparable app isn’t being used by Ukrainians to track and avoid the most intensive fighting.
Even online civil infrastructure tools have shed light on the state of the fighting. Flight trackers show possible spy planes circling airspace that other craft are desperately avoiding. One way Ukraine determined the extent of the fighting in the Chernobyl Exclusion Zone was by a massive elevation in radiation detected by IoT sensors there.
With a few of these tools (and more) running on a monitor, anyone can have a real-time view of the conflict.
Social Media, Where All-Out Guerrilla War Meets PSYOPS
Then there’s social media. In an environment where anyone can pose as anyone to say anything, what results is a mix of fact and fiction evolving too rapidly for professionals to verify.
On Reddit, a supposed American tank mechanic dispensed advice to Ukrainian civilians on how to disable Russian armored vehicles. Deployed Russian soldiers looking to hook up via dating apps make themselves vulnerable to patriotic Ukrainian women pulling intel out of them or harming them when their guard is down.
Across numerous platforms, Ukrainian militias are posting their rallying points and Russian positions to corral fighters for a push against the enemy. Ukrainian President Volodymyr Zelenskyy himself has taken to social media to post defiant videos of his commitment to the defense of Kyiv.
While all the aforementioned efforts are plausible, whether (or to what extent) they are playing out is utterly unknowable, as everyone is an unaccountable pseudonym on the Internet, giving rise to questions such as:
Is that observer on the ground in Ukraine a civilian or a Russian infiltrator?
When they transmit Russian troop movements, is it to guide Ukrainian units there and civilians away, or is it to misdirect the enemy to allow swift Russian advances?
Is that Ukrainian government website or social media account providing useful information on where civilians can avoid concentrated fighting, or have Russian state hackers compromised it to guide civilians into harm’s way?
They’re Called Advanced Persistent Threats for a Reason
Then, of course, there are the nation-state “cyber” capabilities of the belligerents themselves. Russia has long been a major player among nation-state offensive hacking outfits. Russian state hacking operations are so sophisticated, in fact, that it may even take world-class intelligence agencies months or years to detect the extent of Russian activity — and for us civilians, that classified information will trickle out even more slowly.
A couple of weeks ago a deepfake video of Ukrainian president Volodymyr Zelenskyy surfaced online.
A deepfake of Ukrainian President Volodymyr Zelensky calling on his soldiers to lay down their weapons was reportedly uploaded to a hacked Ukrainian news website today, per @Shayan86 pic.twitter.com/tXLrYECGY4
— Mikael Thalen (@MikaelThalen) March 16, 2022
Although it is not yet clear who created this deepfake, given how much video Zelenskyy has posted online to boost morale, how difficult would it be for Russian state hackers to run a deepfake machine learning algorithm on a supercomputer and start issuing fake videos of Zelenskyy?
Then, of course, there’s using conventional state kinetic power to influence network power. Imagine what Russia could accomplish if its soldiers seized control of major Ukrainian internet service providers.
New Kind of War
As with the conflict itself, our understanding of the internet’s role in war is nascent. As it turns out, though, with all the world joined together on one internet (more or less), like it or not, we’re all along for the ride.