Anatomy of multi-pronged hybrid war: case of Ukraine

West fears global financial network may crash if Swift system comes under cyber-attack


Faran Mahmood March 21, 2022
A Reuters file image

print-news
ISLAMABAD:

When we think of hybrid warfare, our mind often wanders into imagining advanced surveillance technologies from TV series such as ‘Mission Impossible’ or ‘Spycraft’ – depicting intriguing instances of espionage and reconnaissance. So, the current debate on hybrid warfare is also somewhat contained by this tendency of Hollywood to portray it as the use of cutting-edge technologies by Kremlin agents or CIA spies.

The truth, however, is that the lines of modern-day hybrid warfare are very much blurred and nuanced. Hybrid warfare now deploys the “full spectrum” of modern warfare to achieve social, political, geostrategic and economic goals by the governments, non-state actors and even large private corporations. Besides electronic surveillance, cyber-attacks, and ransomware, it also involves subjecting the masses to a seamless theatre of disinformation even in the period of low-intensity conflicts.

For example, Russia is known to break into the computers of Germany’s lower parliament in 2015 while Russian cyber professionals attacked email servers of the Democratic Congressional Campaign Committee and the Democratic National Committee during the 2016 elections in the United States. Besides cyber-attacks, Russian Internet Research Agency created fake social media pages to spread false stories about the Democrat nominee Hilary Clinton.

The Russian propaganda machine targeted Trump’s supporters with anti-immigration messages and black voters with such messages to discourage them from voting at all. This multi-pronged approach to hybrid warfare makes it a geostrategic weapon of choice for influencing democracies in favour of a pro-Moscow regime. Similarly, before Moscow declared war on Ukraine, it had been engaged in a “disinformation” campaign for decades – not to mention the use of cyber-attacks on state infrastructure every now and then.

However, if we compare the 2014 Russian annexation of Crimea with the current situation in Ukraine, we can say that Russia played its hybrid warfare cards perfectly back then but now its actions are not that effective anymore. In 2014, Russia fuelled the Euromaidan crisis to overthrow President Victor Yanukovych’s government and the incoming pro-Russian politician conducted a referendum on whether Crimea should be part of Russia.

At the same time, a series of cyber-attacks kept the Ukrainian security establishment preoccupied and in 2015 a major cyber-attack took out Ukraine’s electricity grid, leading to widespread outages. Using the referendum as a pretext, the annexation of Crimea was one of the smoothest invasions in modern times – thanks to the hybrid tactics. In 2017 again, Russia deployed the NotPetya malware into the Ukrainian accounting software, which spread worldwide, causing damages of billions of dollars. FBI also believes that a Russian espionage operation is behind the SolarWinds attack in 2020, which granted Russia access to more than 30,000 public and private organisations running the Orion software.

Now in January 2022, before igniting the conflict with Ukraine, Russia used wiper malware to delete the data stored in the Ukrainian government computers, but Microsoft took no time to identify the newly engineered malware and shared the information with the US government. Moreover, it seems that, this time around, Ukraine and its allies are very much aware of such hybrid tactics, and Russia could not clinch a smooth victory like it did in 2015.

But what the West fears is an organised cyber-attack on the Swift system, which enables the transfer of payments across borders, and if that happens, the entire global financial system could crash. Such attacks on Swift are not hypothetical and as recently as in 2016, the hackers robbed the Bangladesh central bank of more than $80 million by exploiting vulnerabilities in the Swift system. Amid fears of such an attack, many Russian banks are being taken off the Swift. VTB and Promsvyazbank have been removed from the Swift system but Sberbank, Russia’s largest bank, is still on it for the sake of making oil and gas payments to Russia.

This shows that despite the launch of a full-scale invasion and amid fears of cyberattacks on the global financial system, the West is still reluctant to respond – which is still a win for the hybrid strategists. However, the golden era for the disinformation machine is over. Most people in western countries are now suspicious of the seemingly fake content and less vulnerable to the hybrid warfare. The other tools in the hybrid arsenal are, however, as effective as ever and the hybrid threat remains as real as it gets.

THE WRITER IS A CAMBRIDGE GRADUATE AND IS WORKING AS A STRATEGY CONSULTANT

COMMENTS

Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ