
Reviews | Big Tech, Western Intelligence and Ukrainian Hackers Beat Russia in Cyber War


A quiet partnership between the world’s biggest tech companies, US and NATO intelligence agencies and Ukraine’s own nimble hacker army has pulled off one of the surprises of the war with Russia, largely foiling the Kremlin’s brazen Internet hacking operations.

Russia’s cyber reversals are not the result of a lack of trying. Microsoft counts nearly 40 destructive Russian attacks between February 23 and April 8, and Rob Joyce, director of cybersecurity for the National Security Agency, said the Russians attempted a “huge” cyber offensive. The Russians sabotaged a satellite communications network called Viasat in the early days of the war, for example, with the damage spreading to other European countries.

But Ukraine, working with private tech companies, Western intelligence services and its own expert software engineers, quickly repaired most of the damage. “The Ukrainians have become very good at fixing networks,” says Dmitri Alperovitch, a Russian-born cybersecurity expert who co-founded CrowdStrike. “When a network is erased, they rebuild it within hours.”

One of the untold stories of the war is the close partnerships that have emerged between American tech companies and Western cybersecurity agencies. The public-private divide in the tech world that followed the Edward Snowden revelations in 2013 seems largely over, due to the backlash against Russia’s attacks on the 2016 and 2020 US presidential elections and, now, its unprovoked invasion of Ukraine.

Follow David Ignatius’s opinions

“Cyber responses must be based on greater public and private collaboration,” argues Microsoft President Brad Smith in a new study to be released Wednesday on Microsoft’s “lessons learned” from the cyber conflict in Ukraine.

A White House cyber official explains the new cooperative approach thus: “Where companies see destructive attacks, it has led to partnerships with the intelligence community and other government agencies to see how we can better share information to protect infrastructure around the world.”

The tech world’s sympathies are with the underdog, Ukraine. This applies to giant companies such as Microsoft and Google. This even extends to a Ukrainian hacker within the Russian ransomware gang known as ‘Conti’, who leaked a ‘huge’ amount of source code and other malware information, the White House official says.

Ukraine’s cybersecurity defense got an early start. Experts from the US Cyber Command visited Ukraine months before the war started, according to its commander, General Paul Nakasone. Microsoft and Google got involved even earlier.

According to a Microsoft report released in April. Microsoft has spent a total of $239 million on financial and technical assistance to Ukraine, a company official said.

“Microsoft security teams worked closely with Ukrainian government officials … to identify and remediate threat activity against Ukrainian networks,” the April report noted, adding, “We have kept the U.S. government informed of relevant information and have established communications with NATO and the EU responsible for communicating any evidence of threat actor activity spreading beyond Ukraine.”

One example of this cooperation came the day before the February 24 Russian invasion, according to the White House cyber official. Microsoft detected Russian “wiper” software designed to destroy all data on government drives. It quickly developed a fix and also notified the US government, so the threat warning could be shared as soon as possible, the official said.

Google, which is part of Alphabet, has also helped Ukraine fend off threats. In 2014, prompted by Russia’s use of DDoS (“distributed denial of service”) malware in its seizure of Crimea and eastern Ukraine, Google launched what it called “Project Shield”. The software has protected news sites, human rights groups, and election sites from crippling DDoS floods of unwanted Internet messages. Today, Project Shield is used by 200 sites in Ukraine and another 2,300 in 140 countries around the world, according to Jared Cohen, managing director of Google’s Jigsaw unit.

Open communication channels are one of the most effective weapons against closed societies like Russia, and here again private companies play a key role. Google shares software known as “Outline,” which allows Russians and others to create private cloud servers that provide the equivalent of virtual private networks. Elon Musk’s SpaceX has provided satellite internet connections to Ukraine through its “Starlink” network.

Ukraine’s internet expertise could be the X factor. The country was a notorious center for hackers two decades ago, with some of the earliest credit card fraudsters (known as “carders”) operating there. This digital know-how has turned into a powerful element of Ukraine’s defense against Russia. Ukraine also benefits, in a perverse way, from the experience it has acquired in eight years of war against Russia and its proxies.

Here is a perverse advantage of this terrible war: given Russia’s reliance on Western technology, even for its cyberattacks, Ukraine could turn against the Kremlin in a way that will persist for years. The longer the conflict lasts, the less effective Russia’s vaunted cyber capability is likely to become.