Days before Russia’s invasion, Australia joined the UK and US in publicly attributing a distributed denial-of-service attack on Ukraine’s banking sector to a Russian-linked group. (DDOS attacks involve shutting down a network with a flood of information.) Foreign Minister Marise Mayne has said Australia is providing cyber security assistance to Ukraine’s war effort, which Australia’s Cyber Security Centre includes training for Ukrainian officials. Online security experts from the US, UK and the EU have been assigned jobs maintaining the firewall barricades against Russian online attacks.

3. Russia may not want to destroy services it plans to exploit

Russia may not want to do further damage to Ukraine’s digital infrastructure if they can one day use it themselves.

If Russia hopes to fully exploit assets such as the Azovstal steel plant in Mariupol, it will want to make sure “the infrastructure is up [and running] so it can be used when they take over,” says Painter.

4. Russia may be holding back

Maybe Russia is holding its biggest weapons in reserve, waiting for an escalation to use them, Painter said. In March, US President Biden warned of the “potential that Russia could conduct malicious cyber activity against the United States” as a response to “the unprecedented economic costs” imposed by democracies on Russia. The trigger point could still come.

5. In a brutal war, cyber may not be needed

Russia’s cyber expertise gave it a tremendous advantage when it hacked rival nations in peacetime. In wartime, with actual violence on the ground in Ukraine, cyberattacks are perhaps redundant. Russia’s current strategy of reducing Ukrainian cities to rubble doesn’t really require an online component.

6. Russians cyber troops may be overrated

The reason for the lack of a bigger Russia-driven cyber aggression may be in plain sight: “Maybe the Russian planning at the cyber level was not as good as expected,” said Painter. The same way Russia’s military stunned the world by bungling the invasion strategy, perhaps Putin’s cyber troops don’t live up to their reputation.

Highlighting any supposed Russian weakness in the cyber realm could be risky.

What we know is happening in cyberspace speaks volumes about the struggle for power between the democracies and Russia. There has been a shift in the way democracies contend with cyber threats. Only a few years ago, democracies shied away from blaming nations for cyberattacks for fear of inviting unwanted diplomatic repercussions. That’s changed.

For example, for years experts warned of the need for companies and governments to act collaboratively against cyber aggressors. Now, they finally are - and not just because of Ukraine.

Loading

“What’s extraordinary is in the last few weeks is the kind of unanimity that the West has had to come together against Russia,” said Painter. “It bodes well in the cyber realm too.”

7: The ransomware epidemic alerted the world

Ironically, what pushed the change was not the threat of war in Ukraine but the epidemic of ransomware attacks, Painter said.

Ransomware gangs trick an organisation into downloading software that locks up the sensitive data of the victim organisation. It is unlocked only if a ransom is paid. These cyber criminals, many linked to rogue nations, have grown increasingly sophisticated in recent years.

“When Russia or China is spying or stealing secrets, ordinary people don’t care, but when people are standing in line for gas because of cyber disruptions [in the form of ransomware], or because they can’t get a hamburger because meat couldn’t be delivered, that makes it a different priority.”

The epidemic of ransomware worsened in the year leading up to Russia’s invasion of Ukraine.

The operations of JBS, the world’s biggest meat processor in Brazil, the US and Australia were hit by the ransomware in May 2021, forcing the company to pay out $14.2 million. It was later attributed to REvil (short for ransomware evil), a Russian-speaking ransomware gang.

Canberra has now made it mandatory for companies hit with a ransomware attack to divulge the information to the government, allowing for better coordination.

Once Biden took office in 2021, he elevated ransomware to the top of the G7 agenda as well as in his summit with Russian President Vladimir Putin.

At that meeting, Biden warned Putin about cyberattacks and reminded him of the US’s significant capabilities. With democracies’ shields already raised against the scourge of ransomware, when Russia invaded Ukraine, governments and businesses were coordinating closely on cyber matters.

Loading

Ransomware has made cybersecurity more of a political priority, said Painter, who has worked in the space in government and industry for 30 years. “This conflict has made it even more of a real national priority.”

“It’s making sure that we’re protected and acting together to dissuade further aggression.”

Get a note directly from our foreign correspondents on what’s making headlines around the world. Sign up for the weekly What in the World newsletter here.