Could MH17 sanctions push Russia to cyber warfare?

A leading cyber security academic has warned the US and European governments that tougher sanctions on Russia relating to the MH17 airplane crash could result in the start of cyber warfare.

Criminals get hold of 'Russian state malware'
Criminals get hold of 'Russian state malware'

Following the Malaysia Airline MH17 airplane crash which saw 298 people lose their lives –  believed to be at the hands of Russian separatists, Russian president Vladimir Putin has been the focal point of much media attention, with US President Barack Obama and UK Prime Minister David Cameron calling for deep sanctions against the country if it is shown to be behind the tragedy.

However, in a statement issued earlier today, one UK cyber security academic warned that any sanctions could see Russia retaliate with cyber warfare.

Professor Mike Jackson – computer security expert at Birmingham University– said that countries have typically responded to sanctions by preventing the supply of certain products (a possibility for Russia, which is a big provider of gas to European countries), but suggested that such actions could take place in the cyber world too.

“As EU governments discuss ways in which they can toughen up sanctions against Russia today, they need to be mindful of the ways in which Russia could retaliate,” Jackson said by email.

“Traditionally the response to sanctions has been the denial of essential supplies to those imposing the sanctions (for example ceasing to supply oil to Germany). In today's electronic age the response might be to electronically disrupt the workings of government and industry.

“Over the last few years a group of cyber spies has functioned in Eastern Europe. They are thought to be sponsored by the Russian Government, although this has not been definitely shown to be the case. The group has infiltrated computers in many western government departments and major defence companies. It is thought that primarily they are fishing for secrets but there is no reason why their networks could not be used to disable IT operations and cripple government functions.

“If Russia is pushed too far will they choose to deploy cyber warfare?”

Quizzed by SCMagazineUK.com shortly afterwards, Jackson admitted that such claims would ‘probably not stand up in a court of law' but said that ‘digital fingerprints' left by the hackers would be enough for GCHQ, MI5 and other powers to investigate.

He said that the same group behind attacks on defence companies took an interest in Ukraine six months ago and warned that it could launch a large botnet attack against UK and European computer systems, particularly if they felt the sanctions proposed were too strong.

“That would certainly have an economic effect,” said Jackson of the potential attacks, pointing to Russia's alleged cyber-attack against the Estonian government in 2008 as evidence of cyber warfare.

He said, ultimately, that the ‘threat' of cyber warfare would carry a far bigger deterrent – much like nuclear weapons in the Cold War.

“The threat of it may be enough to shift opinion,” said Jackson, adding that Russia's cyber capabilities would be well-noted and may be enough to loosen sanctions on the Russian government.

Dan Solomon, head of cyber risk and security services with Optimal Risk Management, added that Russia's cyber capabilities are well known but suggested that any cyber-attack in retaliation to any proposed sanctions could result in ‘unwanted escalation' on both sides.

“There is no doubt that this is a capability that Russia has, and it has shown repeatedly that it is prepared to use it. Against weaker countries there would be a higher probability that Russia could follow this route, but against larger countries, there is a much lower probability.”

“The concept of a UK cyber capability sufficient to deter Russian attack will not be convincing to  Russia, and there is no clear understanding as to how a ‘counter-attack' would be launched and with what objectives.

“Russia knows that there is a very low likelihood that the UK or NATO would respond to such a cyber-attack with a cyber-attack, or anything ‘military' in nature. This is new ‘ground' as far as doctrine is concerned.”

But Jackson's comments were questioned by Thomas Rid, professor of security studies at King's College London, who said that there is a lot of ‘hype' on such claims, adding that there is no evidence of cyber warfare brewing.

“If anything, it is remarkable how little cyber-attack activity we have seen in Ukraine. I mean Russia is the El Dorado of cyber-crime. And they can't even pull off a cyber-attack worth mentioning?” Rid told SC.

“It's safe to say that there's significant frustration from inside the intelligence community because there is so much hype, and so many people overstating what's happening,” adding that there is money to be made by such hype.

Rid said that DDoS attacks and defaced websites have been the most popular type of attacks since the Crimea, and says that – bar the Stuxnet incident that saw Iranian centrifuges damaged – there haven't been any notable acts of cyber warfare since the US Air Force spoke on cyber threats in 2006.

Instead, Rid said that most activity was on ‘covert' operations, such as the intelligence operations uncovered by former CIA contractor Edward Snowden.

Sign up to our newsletters