Limits of cyber warfare noted |

Limits of cyber warfare noted

Future wars might be waged online, but evidence from recent fighting between Russia and Ukraine suggests it won’t be that simple.

Russian-backed troops had the greatest capability for shutting down Ukraine’s electronic systems, but neither side has done much cyber fighting, according to a report compiled by NATO researchers in Estonia and obtained by the Tribune-Review.

Calculations about military strategy come down to costs and rewards, said Martin Libicki, a cyber security expert at Rand Corp. in Arlington, Va. He is a chapter contributor to the report, “Cyber War in Perspective: Russian Aggression Against Ukraine.”

“Maybe this [cyber] stuff isn’t all it’s cracked up to be,” Libicki told the Trib. “It might be that it’s more difficult and that there’s less reward from carrying out a cyber attack than we ever assumed.”

Many reasons exist for the lack of online conflict between Russia and Ukraine, experts said, and the incident provides some direction for American military leaders. The United States still must prepare for a complete wartime shutdown of systems for energy, communications, utilities and more — but it also should plan for more nuanced incidents.

“Modern war is a messy affair, not a clean and glittery Hollywood movie,” Sven Sakkov, director of the NATO Cooperative Cyber Defense Center of Excellence, wrote in the report’s introduction. “The emergence of cyber as a separate domain of war-fighting does not necessarily offer magic solutions and miraculous short-cuts to achieve strategic goals.”

Cyber presents some unique advantages, but it’s just one weapon in a military’s arsenal, said Jim Lewis, director of the Strategic Technologies Program at the Center for Strategic & International Studies, a Washington think tank.

“People sit back and calculate, ‘What’s the benefit to me of doing this?’ ” said Lewis, who contributed a chapter. “[The Russians] also didn’t do aerial bombardment or shoot cruise missiles. [Cyber] is another weapon, and they chose not to use it.”

NATO created a cyber defense center of excellence in Estonia after 2007 cyber attacks that overwhelmed banking and communications systems there. The attacks — which some have attributed to Russian hackers — caused widespread panic but no real damage.

The fallout drove Estonia closer to NATO and provided little military advantage, Libicki said. It’s possible that Russia learned from that experience and did not want to repeat it in Ukraine, he said.

It’s also possible that Russia feared crossing some undefined line that would have provoked the United States to retaliate, he said — or Russia did not want to appear to be more involved in the conflict than it was.

In addition, Russia had much to gain from leaving the systems intact, the NATO report says. Russia likely uses the networks for spreading propaganda and collecting espionage.

TribLIVE commenting policy

You are solely responsible for your comments and by using you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.