Russia has tightened its physical grip on Crimea this week, though  offensive operations have largely been taking place online. Apart from the anticipated DDoS attacks, analysts from security firm BAE have disclosed the nature of an active and potent cyber espionage tool kit dubbed ‘Snake’ that has infiltrated Ukrainian government computer systems. The malware gives full remote access to compromised systems, allowing the attacker to siphon data and manipulate networks. G Data has a post exploring its technical aspects. For an analysis of Russia’s political intentions behind the cyberattacks (assuming the Russian government is the source), see these articles in the New York Times and Washington Post . Cybersecurity expert Jeffrey Carr has said that current operations may be only the tip of the iceberg, as ‘Russia has the ability to completely shut down Ukraine’s infrastructure’. If so, is the relative quiet a result of precise and sophisticated Russian cyberinstruments, or restraint in using them?

Increasingly effective cyber espionage operations like those used against Ukraine raise questions about the use of cyber capabilities during conflict. How do governments define cyber attacks and cyber war? One commentator suggests that there will be a ‘declaration of an act of cyber war before there is agreement on what it is’. Ben Schreer and Tobias Feakin  argue here on The Strategist that ‘cyber war’ should be understood in the traditional sense of what constitutes war: ‘the use or threat of the use of force to deter or compel an adversary’. And Bruce Schneier argues that any offensive computer networked operation—including espionage—is a cyber attack, and should be ‘subject to the same international law standards that govern acts of war in the offline world’. Read more