What Crimea telecom link could mean for Russia-Ukraine cyber-conflict

Plans for a fiber-optic cable between Russia and Crimea are 'at an advanced stage,' and could change the balance of cyber-power by providing Russia with more offensive options, experts say.

A Russian flag flies on a building at the airport in the Crimean city of Simferopol, April 6, 2014. Plans to deploy a fiber-optic submarine telecom link between Russia's mainland and Crimea could change the balance of cyber-power between Russia and Ukraine.

Maxim Shemetov/Reuters

April 7, 2014

Russia’s promise to start providing Internet and telecom infrastructure to Crimea via Rostelecom, the semi-privatized state telecom of Russia, hasn’t been fulfilled – yet. But if and when such a linkup happens, the ongoing tit-for-tat cyber-conflict between Russia and Ukraine could quickly change in unpredictable ways, mostly to Russia's benefit, cyber-security experts monitoring the fluid situation say.

Plans to deploy a fiber-optic submarine telecom link between Russia’s mainland and Crimea are “at an advanced stage, and the cable could be in operation as early as this month,” TeleGeography, a telecommunications market research firm reported Friday, citing Russian news agency RIA Novosti.

That announcement closely followed Russian Prime Minister Dmitry Medvedev’s call late last month for Rostelecom to start offering telecom and Internet services in the newly annexed Crimean Peninsula as a way of safeguarding communications channels.

Tracing fentanyl’s path into the US starts at this port. It doesn’t end there.

“We must have Rostelecom and its subsidiaries come to Crimea as soon as possible,” Mr. Medvedev said at a Moscow meeting on Crimea’s future, according to a March 25 government news release. “We cannot tolerate a situation in which sensitive information and documents related to the administration of the two constituent entities of the Russian Federation are relayed by foreign telecommunications companies. This must be terminated.”

A submarine telecom cable could fit in sync with Russian efforts to link Crimea into its energy network as well. Russia is developing plans to build an undersea gas pipeline to Crimea and could build three power stations on the Black Sea peninsula following annexation from Ukraine, Reuters reported April 1.

Russia’s military forces are still reported to be conducting exercises along its long border with Ukraine, adding to diplomatic and regional tensions. But up to this point, little has changed in the cyber-connection realm between Ukraine and Crimea.

Crimea’s Internet providers are still getting their outside Internet services supplied via providers in mainland Ukraine, which in turn gets most of their bandwidth from fiber optic lines running to Western countries, reports Renesys, a cyber-security firm in Manchester, N.H., that monitors Internet pathways.

Russian Internet service providers (ISPs), by contrast, have so far played a very minor role in providing outside access for ISPs in Ukraine (or Crimea for that matter), the company says. But that could all change in a flash.

Why Florida and almost half of US states are enshrining a right to hunt and fish

An undersea link would allow the Russians to provide Internet directly to Crimea without traversing mainland Ukraine. While laying a new submarine cable is typically a long process, Russian ISPs could in the meantime provide bandwidth temporarily through existing landlines to Crimea – and that could happen fast, according to a Renesys analysis.

Whatever link is established could change the balance of cyber-power, which so far has seemed to be a stalemate, some experts say. If Crimean Internet service providers then switch over to Russian providers, it would give Russia added security for its communications with Crimea and additional offensive cyber-options, according to Doug Madory, a senior analyst with Renesys.

“Lets say Russia brings Crimea into their fold, into their network, well they wouldn’t be nearly as worried about collateral damage to Crimea if they wanted to conduct a cyber or other attack on Ukraine’s Internet infrastructure,” Mr. Madory says. “Conversely, if Crimea was the target of DDoS attacks from Ukraine, if that Internet traffic had to go through Russia to get to Crimea, the Russian provider could take it upon itself to protect Crimea.”

So far, the Russia-Ukraine cyber-conflict over Crimea has seen each nation’s powerful criminal hacker communities apparently parrying and thrusting at each other with distributed denial of service (DDoS) and other types of attacks, although other entities, including hacktivists, are also reported to be active.

Prior to the Russian-Ukrainian confrontation that emerged late last year, criminal hacker communities in the two countries were often in collaboration with each other via organized cyber-gangs. Up to that point, they had appeared to refrain from attacking each other’s countries, according to Jason Healey, director of the Cyber Statecraft Initiative at the Atlantic Council, a national security think tank.

The Ukraine cyber fight has been different than Russia's past cyber conflicts. Kremlin in 2007 sparked a weeks-long cyber-assault on Estonia by “ignoring or encouraging” attacks by nationalist groups, Mr. Healey notes. A year later, in attacks on Georgia, Putin allowed his security services to coordinate and possibly even direct attacks on Georgian government and banking websites.

“In Ukraine, the Russians have used a more traditional path of propaganda, misinformation, physical destruction, and modification of telecommunications equipment, and cyber-attacks, all integrated into a single campaign,” Mr. Healey wrote in a recent online analysis.

Results so far in the Russia-Ukraine conflict have seen hundreds of DDoS attacks and presumably included clandestine cyber-attacks that disrupted e-mail systems and websites at Russia’s central bank and foreign ministry, Ukraine’s Parliament, and other government sites on both sides.

On the day of the disputed vote over Crimean secession, Ukranian government websites were hit by a wave of 42 cyberattacks during Crimea’s vote to secede from Ukraine and join Russia. All of those were DDoS attacks, which clog websites with bogus data, echoing DDoS attacks by Russia when it invaded the former Soviet state of Georgia in 2008.

The day after the Crimean vote, however, saw a huge, apparently retaliatory, counter wave of attacks against Russia, including 132 separate DDoS blasts slamming Russian websites. One 18-minute DDoS attack that hit Russia March 17 was 148 times more powerful than anything Russia did in Georgia in 2008, and four times larger than a large attack emanating from Russia just days earlier, according to Arbor Networks of Burlington, Mass., which tracks such attacks.

“Of course a submarine Internet link would help the Russians more firmly monitor and secure communications in an out of Crimea – and it means the Crimeans will be less dependent upon old Ukrainian infrastructure,” Healey says in an interview. “When the Russian pathways come in, I wouldn’t be surprised to see the links with Ukraine cut or rarely used. Crimea would then be dependent solely on Moscow’s whims.”