What are Ukraine's options in the event of a technical Russian invasion of its cyberspace?

“Be afraid and prepare for the worst,” is an encrypted warning left by hackers after they targeted Ukrainian state databases on January 14.

A month after this incident, a powerful cyberattack paralyzed services at two major banks and on the Ministry of Defense website.

On both occasions, Russia denied its involvement, but this was not enough to exonerate it, as this incident coincided with the presence of more than 150,000 soldiers on the border of Ukraine.

But even if Russia does not take a step on the ground by invading Ukraine, Ukraine is more vigilant against an attack of a different kind, one from a country widely known as a pioneer in digital warfare.

Ukraine is not the easy target it was when the first Russian attacks hit its electoral systems in June 2014, as the Economist reports .

The report says that Ukraine now relies on significant domestic expertise, and receives assistance from Western security services, including the US Cyber ​​Command.

Its 8 years of experience has made it a world leader in threat detection and repair.

Russia is probably keeping its most dangerous tools for prime time, says Viktor Zora, deputy Ukrainian cyber command. “They are already trying a great variety of ways to take over our networks and critical infrastructure,” he says. “Of course, it's just the tip of the iceberg."

Andrei Baranovich, a spokesman for the Ukraine Cyber ​​Alliance, an activist group, reported that his group found backdoors to critical parts of Ukraine's IT and operations management within two weeks of research in 2017.

Some of it has even been advertised on the black market: "The programs to control water canals, power plants, and even the atomic energy sector, are hacked."

The NotPetya cyber attack in 2017, considered the most damaging in Ukraine's history and attributed by the White House to Russia, disrupted the radiation monitoring system at the defunct but still highly polluted Chernobyl power plant.

Russia's intentions determine the extent of electronic destruction

The ferocity of Russia's cyber operations will depend on its broader intentions, whether the goal is to cause pain and possibly overthrow the government of Volodymyr Zelensky, support a conventional military operation, or both.

Without a missile being launched, cyber operations can have devastating psychological effects on the Ukrainian population.

“Imagine the panic in the streets of Kiev if people are not able to communicate with each other,” says Volodymyr Omelyan, Ukraine's Minister of Infrastructure from 2016-2019, adding that not enough has been done to protect mobile networks.

The biggest concern is that the Kremlin will shut down its electricity, mobile and internet networks to create chaos ahead of a possible invasion. This could create concerns about the country's 15 nuclear power plants.

And Dmitriy Alperovich, whose cybersecurity firm CrowdStrike exposed the Russian hacking campaign to the Democratic National Committee in 2015, says Moscow has the potential to do all of that.

It can effectively target dozens of data exchange points connecting Ukraine to the Internet, and use electronic warfare capabilities to jam airwaves in places, affecting cell phones and other radio-based communications.

Satellite phones are not available for purchase in Ukraine since the beginning of the year. And in the event of a bloody war, an internet outage would be especially beneficial for the Kremlin.

Ukraine is not easy fishing

Most cyber security experts find it difficult to achieve a complete disconnection in communications. They believe that disrupting broadband communications requires a risky physical process inside Ukraine.

The structure of the country's mobile phone network, with its intertwined poles, also makes it able to withstand nationwide disruptions.

“We have everything in place to protect the core network,” says Dmytro Shemkev, a former government official who is now head of the supervisory board of Kyivstar, Ukraine's largest mobile phone network. .

It could be easier to disrupt important parts of the energy and logistics infrastructure. In 2015 and 2016, Russia attacked the national grid, causing blackouts in 3 regions, and the following year, Ukrainian air traffic control was disrupted.

Andrew Grotto, who was the head of digital security for the US National Security Council at the time, says the attacks were a watershed moment: “We always assumed Russia had the capability, but to see it used against a live target. It was a big deal."

America has sent digital security teams to Kiev to learn as much as possible about emerging capabilities.

In this case, Ukraine was able to restore order by switching to manual air traffic control and power plants, which would be very difficult in America.

Ukraine's relative technological backwardness turned out to be a trump card, and this advantage is likely to continue to serve Ukraine in its current crisis.

"What the Ukrainians are seeking is to reduce the number of master switches that control electronic state systems," Grotto says. "The Russians can achieve some success, but it will not be easy.