How Russia’s cyber arsenal was frustrated in Ukraine
A quiet partnership of the world’s biggest technology companies, U.S. and NATO intelligence agencies, and Ukraine’s own nimble army of hackers has pulled off one of the surprises of the war with Russia, largely foiling the Kremlin’s brazen internet hacking operations.
Russia’s cyber-reversals haven’t resulted from lack of trying. Microsoft counts nearly 40 Russian destructive attacks between Feb. 23 and April 8, and Rob Joyce, the National Security Agency’s cybersecurity director, said the Russians had attempted an “enormous” cyber offensive. The Russians sabotaged a satellite communications network called Viasat in the opening days of the war, for example, with the damage spilling over into other European countries.
But Ukraine, working with private tech companies, Western intelligence and its own expert software engineers, has quickly fixed most of the damage. “The Ukrainians have gotten really good at repairing networks,” says Dmitri Alperovitch, a Russian-born cybersecurity expert who co-founded CrowdStrike. “When a network gets wiped, they rebuild it in several hours.”
The close partnerships that have emerged between U.S. technology companies and Western cybersecurity agencies are one of the unheralded stories of the war. The public-private rift in the tech world that followed Edward Snowden’s revelations in 2013 appears largely to be over — because of the backlash against Russia’s attacks on the 2016 and 2020 U.S. presidential elections and, now, its unprovoked invasion of Ukraine.
The tech world’s sympathies lie with the underdog, Ukraine. That applies to giant firms such as Microsoft and Google. It even extends to a Ukrainian hacker inside the Russian ransomware gang known as “Conti,” who leaked a “massive” amount of source code and other malware information, according to the White House official.
Ukraine’s cybersecurity defense benefited from an early start. U.S. Cyber Command experts went to Ukraine months before the war started, according to its commander, Gen. Paul Nakasone. Microsoft and Google became involved even earlier.
Microsoft began monitoring Russian phishing attacks against Ukrainian military networks in early 2021, and through the rest of last year observed increasingly aggressive hacks by six attackers linked to Russia’s three intelligence services, the GRU, SVR and FSB, according to a Microsoft report released in April. Microsoft has spent a total of $239 million on financial and technical assistance to Ukraine, a company official said.
Google, a part of Alphabet, has also helped Ukraine fend off threats. Back in 2014, prompted by Russia’s use of DDOS (“distributed denial-of-service”) malware in its seizure of Crimea and eastern Ukraine, Google began what it called “Project Shield.” Software protected news sites, human rights groups and election sites against crippling DDOS floods of junk internet messages. Today, Project Shield is used by 200 sites in Ukraine and 2,300 others in 140 countries around the world, according to Jared Cohen, the chief executive of Google’s Jigsaw unit.
Open communications channels are one of the most effective weapons against closed societies such as Russia, and here, again, private companies are playing a key role. Google is sharing software known as “Outline,” which allows Russians and others to create private cloud servers that provide the equivalent of virtual private networks. Elon Musk’s SpaceX has provided satellite internet connections to Ukraine via its “Starlink” network.