Russia is reportedly ramping up its virtual war against Ukraine, even as some of its real-world efforts to capture key territory have begun to wane.
The acting deputy head of the Security Service of Ukraine’s (SSU) Cybersecurity Department said Wednesday that Moscow was responsible for almost 1,200 cyberattacks and other critical cyber incidents through the first three months of 2023.
At that pace, Russia is set to launch 4,800 attacks for the year, about 300 more than those that Ukraine attributed to Russian cyber actors for 2022.
"We are facing every day a great number of cyberattacks or critical cybersecurity incidents,” the SSU’s Ivan Kalabashkin told a webinar hosted by The Cipher Brief’s Cyber Initiatives Group, cautioning the cyberattacks were just part of Russia’s online assault.
“We are also dealing with the Russian special psychological operations,” he said. “One thousand per month.”
Kalabashkin’s comments came as Western officials reported that Russia’s military efforts have stalled.
Britain’s Defense Ministry on Wednesday said Russian assaults on Bakhmut, the scene of intense fighting, were “at a reduced level compared to recent weeks.”
And during testimony in Washington, U.S. General Mark Milley, chairman of the Joint Chiefs of Staff, described Bakhmut as a “slaughterfest” for Russian troops.
"For about the last 20, 21 days, the Russians have not made any progress whatsoever in and around Bakhmut,” he said.
Still, few U.S. or Western officials are predicting Russia’s leadership is ready to concede defeat, warning instead that President Vladimir Putin will likely aim to prolong the war with Ukraine, calculating that support for Ukraine will eventually waver.
U.S. cyber and intelligence agencies have likewise warned that Ukraine’s success in fending off or mitigating many of Russia’s cyberattacks is unlikely to dampen the Kremlin’s enthusiasm for cyberwarfare.
“The weight of this conflict remains significant,” a spokesperson for U.S. Cyber Command told VOA this month, sharing information on the condition of anonymity because of the nature of the fight. “We anticipate their cyber activities may become bolder and look at broader targets.”
Kalabashkin on Wednesday said there were signs that Russia’s cyber tactics had begun to evolve.
“It all started as mostly opportunistic attacks … trying to destroy as many of our critical infrastructure as possible,” he said. “Now we do understand that they have moved a little bit to another approach. It is an intelligence-based, intelligence target approach.”
“They are trying to collect intelligence about our political leadership … how decisions are made and suchlike things,” Kalabashkin said, adding that Russia was also “trying to get the information about … international cooperation and assistance.”
Other, older tactics have also intensified, he said, noting Russia’s use of cyberattacks in combination with missile strikes.
Kalabashkin said that in one incident near Kyiv this month, Russia launched a cyberattack against a power plant and followed up with a missile strike shortly after the Ukrainian cyber response team arrived.
The debris fell “just 300 feet [from] that power plant, so you can understand how difficult it is,” he said.
Yet there may be some indications that Russia’s abilities in cyberspace, like its capabilities on the ground, are hurting as its effort to capture more territory drags on.
“They still have their proxy actors that are out there. But like anything, right, if a proxy actor is being called to the front line, they're not in front of the keyboard,” Colonel Candice Frost, commander of U.S. Cyber Command’s Joint Intelligence Operations Center, told the Cyber Initiatives Group.
“But at the end of the day, never discount Russia,” Frost cautioned. “History has absolutely taught us: When you think that this country has reached its limits, it absolutely hasn't.”