If you’re wondering what security challenges will look like in the near future study Ukraine, Russia’s testing ground for cyber war. Last week at Future In Review we heard a series of chilling predictions from one of Ukraine’s top cyber security officials, Dmytro Shymkiv, supplemented with insight from global infowar experts Bob Flores (former CTO of the CIA) and Phillip Lohaus (American Enterprise Institute). The panel has since been covered in Newsweek, The Daily Caller and Smartup.
Trust is Under Attack
Even as a child growing up in the cold war culture of movies, books and later as a teenager getting kicked out of a bar in Iron Curtain Budapest, I was shocked to hear of what lengths the Russians were going to undermine trust in Ukraine and how easily these programs could be deployed in any digital democracy.
Certainly we’ve seen a hint of things to come already in the US, France and West Germany. Trust will be under attack for the foreseeable future. Indeed, the cyber future isn’t pretty. It is right out of Orwell’s 1984, but perhaps even more sinister, beyond what Ian Fleming could imagine.
Read Newsweek coverage of Future in Review Ukraine Cyber War Panel.
It is clear that most global security teams are not prepared for what is coming. A UK security chief recently warned that a major cyber attack is imminent. One might even say it is likely to start in Ukraine and spread through increasingly digitalized systems around the world in a matters of days.
Petya was Only a Sample
Within the first hours, the top major companies in Ukraine lost almost 90% of their infrastructure.
- Jonathan Littman and Susanna Camp, Smartup, October 16, 2017
Shymkiv warned that Russia’s cyber war machine is experimenting with tools to be used in the West for a variety of purposes. We’ve experienced a few already. The Petya predatory malware attack, which spread globally in under 3 days, has been attributed to a Russian campaign to undermine confidence in the Ukrainian government. But Petya’s ability to penetrate the security stack at many global organizations is only the tip of the iceberg. We’ve also seen attacks manifest in targeted social media campaigns and against voting machines.
“You can say we are not, that we know how to filter, but with three years of working on and facing this, anybody, including myself [Shymkiv], is vulnerable to social influence on me, on my family, on my kids, on any of your friends.”
Dmytro spends much of the first half of the session talking about the kinds of attacks launched against Ukraine, including malware, augmented DDoS and targeted fake news. Panelists Bob Flores and Philip Lohaus (American Enterprise Institute) weighed in on why the situation in Ukraine is vital to strategic Western interests, including cyber security.
Even after reading about breach after breach at once trusted firms this year alone, the panel was sobering beyond measure. It feels like we’re entering our own cyber dystopia fueled by the east vs west conflict and oligarch ambitions to re-ignite a dying past propped up by natural resources and the last remaining cold war control freaks.
Shymkiv spoke of how in the last two years, Russia has been electronically spying on a wide swath of social media users comprising roughly half Ukraine’s population in a broad-based thought control program right out of Orwell’s 1984. “People say, ‘Well, that’s a science fiction.’ It’s not.
I opened the panel talking about the hard lessons of 9/11, including discovering how events in Afghanistan could affect lives in America, and how recent malware attacks had proven this new digital age had brought us even closer together. Billions in havoc and even loss of life could be caused by malicious electrons.
During the last few minutes Dmytro shared his opinion on the effectiveness of today’s security stack against malware and other advanced attacks. It was chilling to hear him say, in effect, that traditional security isn’t enough. No one on the panel disagreed as Shymkiv described how unprepared the world is for what’s brewing in Ukraine and about to spread globally.
The panel is 30 minutes long.
The latest threats, he says, are all but undetectable by traditional computer security methods. Our minds, elections and governments are being manipulated one keystroke at a time.
Newsweek did a great job of listing out the Russian hybrid attacks.
Russia’s hybrid attacks against Ukraine have included, but are not limited to:
- Using social media to shape public opinion among an adversary’s population.
- Turning commercially available computer software into a tool for espionage and cyberwarfare.
- Exploiting smartphones to spy on and wage psychological warfare against an adversary’s military forces.
- Using cyberattacks to undermine an adversary’s electoral process.
- Using pseudo-news reports to push a propaganda line that sows division within an adversary’s national culture.
Watch the 30 Minute Panel: Ukraine: On the Front Lines of Russia’s Infowar Machine
See Vidder CTO Junaid Islam interview on The New Security Stack.
Read the entire article entitled “How Ukraine’s Cyber Chief Can Help the US Beat Russia” in Smartup.
You can also read more about how cloud and digitalization are breaking the security stack and rendering existing investments irrelevant.
Learn more about Future in Review.