Russia's cyber capabilities, explained

EVANSTON, Ill. — V.S. Subrahmanian, a Northwestern Buffett Faculty Fellow and a global cybersecurity expert, said that Ukraine may already be vulnerable to a cyber first strike from Russia, and that it will likely be combined with a coordinated misinformation campaign.

The New York Times reported earlier today that the U.S. is aware of a Russian plan to produce a fake video alleging an attack by the Ukrainian military on Russian territory or against Russian-speaking people in eastern Ukraine. 

Professor Subrahmanian is available to explain Russia’s cyber capabilities to media. He can be reached by contacting Mohamed Abdelfattah at

What do we know about Russia’s cyber capability, especially versus Ukraine?
Said Subrahmanian: “For years, Russia’s military and intelligence establishment has been honing their skills in cyber warfare. They have carried out numerous quasi-military cyber operations against a number of states (Ukraine, Georgia, Estonia and the U.S.). At the same time, they seem to enjoy a symbiotic relationship with deniable proxy groups such as CozyBear and FancyBear. These and other groups carry out cyberattacks without significant consequences from the Russian state but are strongly believed to act for the Russian government when told to do so.

“This array of Russian hackers who work directly for the state and/or under the implicit protection of the state have likely embedded malware and backdoors in numerous Ukrainian energy, communications and weapons systems, making Ukraine vulnerable to a cyber first strike. Such a cyberstrike will likely be accompanied by a coordinated social influence campaign that spreads disinformation and misinformation to sow further confusion amongst the Ukrainian military and population. Without NATO assistance, the combination of Russian military might, cyber assets and social media influence campaigns will likely lead to quick wins for Russia, should a kinetic conflict with Ukraine erupt in coming weeks.”

What can the West do to keep those capabilities in check?
Said Subrahmanian: “The Russian cyber genie is out of the bottle. The main defense for us is through deterrence. Specifically, the U.S. and its NATO allies could assist Ukraine’s cyber warriors in: installing backdoors and malware on Russia’s military and political command, control and intelligence units which can be activated in the event of a Russian strike; and compromising and installing covert bots within Russia-specific social platforms such as VKontakte so that the Russian government is aware that tit-for-tat retaliatory social influence campaigns are possible. In addition, governments and corporations in the U.S. and Western democracies need to up their game, providing highly proactive alerts and threat intelligence and encouraging corporations to quickly fix all known vulnerabilities for which patches are available and simultaneously encourage companies with vulnerable software to build patches as fast as possible.”