Looming risk of cyber warfare from Ukraine conflict spilling over to Asia

SINGAPORE - These drew attention to a new round of offensive and destructive cyberattacks in Ukraine,
targeting the country’s digital infrastructure.

Microsoft officials immediately notified both the Ukrainian authorities as well as US cybersecurity officials of the offensive, as well as their detection of a new malware - which was named FoxBlade - that could “wipe” data on computers in a network.

Within three hours of the discovery, Microsoft had helped to block the new threat, according to a blog by the company’s president and vice-chair Brad Smith.

But with this being the latest in a series of cyberattacks in Ukraine this year, there is mounting concern over the possibility of a spillover of the ongoing cyber warfare.

Should there be one, Asia is unlikely to be spared given inadequate investment and attention in the region on cyber defence, according to experts.

They say some governments have stepped up efforts to bolster cyber security but it would make a lot of sense for all countries to have contingency plans in place.

Dr Greg Austin, who leads the Cyber, Space and Future Conflict Programme of the International Institute for Strategic Studies (IISS), told a media briefing last month that cyberattacks thus far had been “low-level harassment-type attacks”.

“In a sense, we see that what the Russians were doing was experimental... they haven’t unleashed the full destructive potential they were planning to,” he said.

The West has assessed Russia to be its “most capable hostile adversary in cyberspace”, according to an IISS report titled Great Power Offensive Cyber Campaigns, which was shared at the briefing.

While Russia has good knowledge foundations for both cyber sabotage and cyber influence operations, it has been constrained by resource availability, the report said.

Still, Moscow has undertaken cyber campaigns with higher frequency and intensity than the US, although more as a disruptor than a destroyer, it added.

“The age of cyber warfare is just beginning,” said Professor Stuart Madnick, from the MIT Sloan School of Management, in the Harvard Business Review.

“For Russia, the war with Ukraine has been likely serving as a live testing ground for its next generation of cyberweapons.

“Countries and companies watching this latest chapter unfold should remember this: The online front of the war can - and has - jumped borders,” he added

Five years ago, Ukraine’s largest airport, national bank as well as energy authority suffered devastating cyberattacks, in what was believed to have been a campaign launched by Russia.

At the heart of the attacks was the NotPetya virus that wiped data from computers.

It was not intended to spread beyond Ukraine but it did - across the globe. Total losses worldwide were estimated to have been more than US$10 billion (S$13.7 billion).

The malware hit hospitals in the US state of Pennsylvania, a chocolate factory in the Australian state of Tasmania as well as the digital systems of a number of large global companies including shipping firm Maersk and pharmaceutical giant Merck.

India topped the list of countries hit by NotPetya in the Asia-Pacific. The country’s largest container port in Mumbai was targeted.

Singapore escaped unscathed from the virus.

Wiper malware bearing similarities to the NotPetya wiper was found on Ukrainian systems in a January attack, according to the US-based think-tank Council on Foreign Relations.

“The wiper was designed to look like ransomware and offered victims what appeared to be a way to decrypt their data for a fee, although in reality, the malware wiped the system. The wiper was found on systems throughout Ukraine, including the Foreign Ministry and networks used by the Ukrainian cabinet,” it said last Friday (March 11).

Threats to cyber security have been particularly worrying for countries that have decided to initiate sanctions against Russia for its invasion of Ukraine.

The alert has gone out in a number of countries including the US, European Union, United Kingdom and Japan.

Japan’s Economy, Trade and Industry Ministry, for instance, sent out a notice urging companies to step up vigilance against cyber-attacks, The Japan News reported on Feb 28.

Files attached to e-mails should not be opened carelessly, the notice said. Data should be backed up to avoid its loss, it added.

Experts also called on people to be careful at home as well, warning that cyber attackers can sometimes manipulate household devices with weak security and use them to transmit data.

The Singapore Computer Emergency Response Team also issued an advisory note after the Russian invasion in Ukraine urging companies to strengthen their cyber-security systems and take measures to safeguard their data against cyber attacks.

“Asia is highly vulnerable,” said Dr Austin, with many nations still investing suitably in building their capabilities and because the intensity of the threat has increased.

“Singapore may be the exception,” he told The Straits Times.

A June 2021 report by the IISS assessing the cyber power of 15 countries placed only The United States in Tier 1, given its world-leading strength in several categories including, among others, strategy and doctrine, governance, command and control and cyber security and resilience.

China was the only Asian country to figure in Tier 2, together with Australia, Canada, France, Israel, Russia and the United Kingdom.

Several Asian countries - among them India, Indonesia, Japan, Malaysia, North Korea and Vietnam figured as Tier 3 countries. These countries had potential strengths in some of the categories but significant weaknesses in others.

The report said that Indonesia, for instance, had identified high-priority assets that needed the strongest protection but basic cyber defences and incident-response capability was still not highly developed.

Malaysia, on the other hand, ranks higher on cyber security but questions remained on its ability to detect and report cyber attacks as well as the level of coordination between different cyber-security actors, it said.

Mr Jeremy Jurgens, managing director and head of the World Economic Forum’s Centre for the Fourth Industrial Revolution said it was incumbent on every organisation and institution to maintain robust cyberinfrastructure.

“This should be 24/7. Attacks can happen anytime. The first step is to make sure senior leadership is aware. Companies should have backup plans, identify points of exposure. Roles and responsibilities should be very clear,” he told Straits Times.

“It is difficult to predict how the cyber conflict will evolve. But it is important to be prepared,” he added.

Shefali Rekhi

Editor & Director, Asia News Network
& ANN editor, The Straits Times