Ukraine’s telecommunications system has been cyber attacked, according to the head of the country’s security service.
Internet and telephone services between the Crimea region and the rest of Ukraine were cut after Russian forces seized control of Crimea, but now the mobile phones of members of the Ukrainian parliament are being targeted. The main government website was also down for almost 72 hours.
Russian authorities deny direct involvement, saying they have no control over “patriotic hackers.” However, Russia has a history of using these nationalist cyber mercenaries as proxies to launch sophisticated cyber attacks at foreign countries.
In 2007, Russia launched a three-week-long massive cyber attack on the Estonian government and the private sector—such as banks, ministries, and media—over an argument the two countries had about the removal of a Soviet war memorial from the Estonian capital.
In 2008, Russia, for the first time in its history, used large-scale cyber attacks to support the military operations during its war with Georgia. Russia attacked Georgian government websites, including those of the president, the parliament, and the supreme court, as well as U.S. and British embassies in Tbilisi.
So far, Russia has not launched the type of large-scale cyber attack it launched in Georgia and Estonia, but the potential for escalation remains. Additionally, Ukraine is not without cyber defenses and has its own set of “patriotic hackers” capable of retaliating. Already, Russia Today, a Russian English-language news site, was briefly hacked with the word Nazi being swapped into headlines to describe Russian forces.
It is important to prevent the current cyber attacks between Russia and Ukraine from escalating. Russia was willing to cyber attack a NATO member country in the case of Estonia. Therefore, the U.S. and its NATO allies should communicate with the Russian government to make sure that Russia does not mistakenly attribute cyber attacks from Ukrainian sympathizers to actions by a NATO member.
This sensitive situation only goes to show the limits of the United States’ current approach to international cybersecurity, which has allowed bad cyber actors like Russia to go undeterred. The U.S. should take the lead on international cybersecurity by causing those bad actors to experience diplomatic and economic pain in order to deter future cyber aggression.
To do that, the U.S. should establish and work with a broad multinational coalition of nations that support Internet freedom and want to crack down on international cyber crime. This coalition can send a message that cyber aggression will not be tolerated and will be punished through diplomatic naming and shaming, business and visa restrictions for parties connected to cyber crime, and legal consequences in both coalition nations and international organizations.
Russian aggression, in both the physical and cyber worlds, is a threat to Ukraine and nations around the world. Failure to take a stand against such belligerence will only encourage further cyber attacks, espionage, and aggression from Russia, China, and other state and non-state actors.
Jared Ferris and Stanislav Miachkov is currently a member of the Young Leaders Program at The Heritage Foundation. For more information on interning at Heritage, please click here.