A war in the digital age drastically changes the way malicious attacks are conducted, moving warfare from the battlefield to the cyberspace.
Defense requires everything from protecting the computer systems that power critical infrastructure to proactively eliminating potential threat vectors.
Such is the case in the ongoing conflict in Eastern Europe, as U.S.-based Internet provider Cogent announced it was cutting off its high-capacity network in Russia due to the invasion in Ukraine. The company said it was making the move primarily to guard against the country trying to use its network for the purpose of cyber attacks or spreading disinformation.
Cogent offers high-speed networks between cities on all six habitable continents with more than 100,000 miles of fiber optic lines.
What is the Splinternet?
While Cogent’s service cutoff to Russia doesn’t eliminate the country’s network access completely, it does spur a larger question: What does this mean for the rest of the world?
With Internet providers pulling back service, and Russia also announcing censorship of various websites and social media tools, a “splintering” of the global Internet has created concern that a difference in national rules — as well as growing sanctions due to escalating conflicts — will create a disconnected patchwork of one of man’s greatest inventions.
The means of communication between civilians, businesses, and government entities could be hampered or eliminated altogether if the “splinternet” continues fracturing.
For Internet Service Providers (ISPs), among other businesses with an online presence in Russia who’ve decided to pull back or disconnect from the country in recent weeks, the decision is one that creates a necessary defense mechanism for itself first.
As Cogent explained, its decision is to ensure its services wouldn’t be used to escalate cyber attacks or the spread of mis- and disinformation. The waterfall effect from that decision is broader, of course.
Read our recent blog to learn more about the impact of cyberwarfare during times of political unrest.
From a risk perspective, any company making this type of decision is attempting to eliminate themselves as a potential threat vector – and even a conduit – from state-sponsored cyber attacks. Ethically, companies are publicly stating they don’t want to take part or be associated with a country acting as a wartime aggressor.
However, as splintering of the World Wide Web broadens, the potential impact on a country’s innocent civilians becomes clear: they are now shielded from information and resources that could be of value, specifically during a geopolitical conflict that impacts their family, friends, and nation as a whole.
Growing Cyber Mistrust
While companies with an online presence continue to shut down or suspend operations inside Russia on a daily basis, other countries are beginning to push back on Russian-related software that has a global presence.
On Tuesday, March 15, German federal cybersecurity agency BSI released a statement warning its citizens — but also consumers at large — against the use of Russian-based Kaspersky Lab antivirus software.
From the BSI:
“The actions of military and/or intelligence forces in Russia and the threats made by Russia against the EU, NATO and the Federal Republic of Germany in the course of the current military conflict are associated with a considerable risk of a successful IT attack. A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of cyber operation, or be misused as a tool for attacks against its own customers.”
BSI didn’t say specifically Kaspersky Lab was caught in any kind of nefarious activity, rather as a proactive approach, any Russian-based software should likely not be trusted. Nearly 60% of Kaspersky users are in Europe or the United States.
The United States banned Kaspersky’s antivirus tools from use for its federal civilian and government entities in 2017 after the software company was accused of working with Russian intelligence agencies. The ban includes a massive third-party network of U.S.-government contractors and subcontractors that have any kind of tie to federal work.
The U.S. government recently passed the ‘Strengthening American Cybersecurity Act’ to address a needed security posture for government infrastructure.
Read our blog to learn more about recently released cybersecurity best practices from agencies around the globe.