Ukraine awoke today to another assassination in the middle of the capital. A car bomb shredded a black Mercedes being driven by Col. Maksim Shapoval, chief of the Ukrainian military special-ops forces intelligence. The intelligence officer was killed immediately and the Ukrainian interior ministry denounced the bombing in downtown Kiev as an act of terrorism. Indeed, the car-bombing technique has become grimly familiar to Ukrainians and close observers of Ukrainian politics.
Yet, as it turned out, the brazen killing of a senior Ukrainian intelligence official in the middle of the country’s capital was merely the prelude to the main event: a massive, well-disciplined cyber-assault like something from a science-fiction movie that aimed to bring the Ukrainian state and society to a halt. A wide range of institutions including vast swaths of the private sector were targeted by cyber hacks, ransomware, and malware. Over the previous years, Ukraine has grown accustomed to localized hybrid warfare against infrastructure, including attacks that had knocked out electricity for long periods of time for many people, but it had yet to experience anything like the scale of today’s attacks.
What began with the cabinet of ministers in Kiev in the morning spread through multiple banks, electrical grids, and communications networks. The systematic attacks unspooled throughout the day as institution after institution came under concerted assault. “OschadBank,” a Ukrainian government bank, the PUMB, Bank Credit Agricole Ukraine, and the KyivEnergo power company all reported breaches and infections. The regional electrical power grids of the Zaporizhzhya and Dnipro regions came under cyber-attack, and three of the largest Ukrainian telecom companies saw massive infection of their computers. The presidential administration of Ukraine made it known that it was having its personal IT team fan out across the various affected government ministries.
The pension fund was hit. Soon, it became impossible to fill up one’s car with gas at two of the larger franchises of gas service stations.
The private post office service NovaPochta was put out of commission by lunch. The women working the counter at the branch across the street from my office spent half the day smoking in the middle of the street. Lines formed in front of shuttered bank branches and sparsely operating ATMs all across Ukraine’s large cities. Kiev’s main Boryspil airport reported issues and possible delays after its own computer was hacked. Social-network sites filled up with pictures of checkout counters at supermarkets stalled with cashiers staring at malware code flashing over their machines. By the evening the AP had reported that the Chernobyl’s radiation monitoring system had been affected according to a government spokeswoman. In a final—and perhaps terminally humiliating coup de grace—my wife could not get her mother an appointment with their hairdresser when the appointment system went down because of a worm.
By the end of the day, the cyber-attacks and unleashed viruses had spread to targets in Western Europe. Also affected was the Russian national oil company Rosneft, a crown jewel of Russian prestige and geopolitical power. The inclusion of Rosneft gave pause to various cyber security experts and created vibrant discussions of parallel interference or “false-flag” operations.
What these experts perhaps missed was that Putin had sold 19.5 percent of Rosneft in January to an unidentified buyer, widely rumored to be the sovereign wealth fund of Qatar—meaning that the Russian state no longer held the majority of shares in Rosneft. The targeting of Qatar’s latest mega-investment might, therefore, be interpreted as a message to the Qataris not to give in too fast to recent American and Saudi pressure—or else they could pay a substantial price to an adversary that was willing and able to apply its own kind of pressure. The timing and coordination of the physical and cyber-attacks might also be plausibly read as a message to the Americans who had already embarrassed Russia once in Syria and announced the previous day that Syria was preparing a second chemical-weapons attack, which the Americans were preparing to disrupt.
Using attacks in Ukraine to send messages to America and the Middle East is not as far-fetched as it might seem. In the years following Russia’s invasion of Ukraine and annexation of Ukrainian territory, Ukraine has served as an advanced staging arena for the testing and perfecting of a wide range of hybrid war techniques by Russia. The phenomenon of Russian-backed interference had long been known to Ukraine/Russia hands, analysts, and security experts, and has become more widely known with the publication of Andy Greenberg’s excellent article on the topic as Wired magazine’s July cover story.
The massive, systematic, and crippling assaults on Ukrainian government, military and civilian infrastructure came in the wake of renewed debates in the American media and foreign-policy circles over the extent to which the Russian government should be, or should have been punished for its systematic interference in the 2016 U.S. presidential elections, which in truth was only the visible tip of the iceberg of Russia’s massive cyber campaign targeting American institutions, which dates back at least to 2014 and which proceeded without much visible public notice—let alone punishment—from the Obama White House. Large-scale cyber-warfare has the capacity to spread and transmogrify into more-traditional forms of armed conflict. Representatives of the NATO alliance have long stipulated that government-backed cyber-attacks could act as a catalyst to trigger the Article 5 Mutual Defense Pact. Yet having wrongly established that cyber-attacks don’t merit any significant diplomatic or military state-level response, the West is now stuck between letting the increasingly devastating attacks continue, or changing the rules of a game that has clearly tilted to Russia’s advantage.
Like this article? Sign up for our Daily Digest to get Tablet Magazine’s new content in your inbox each morning.