Dhe Russian invasion of Ukraine began on February 24 not with tanks rolling across the border, but with a sophisticated cyber attack. Russian computers attacked the KA-SAT satellite network operated by the American telecommunications company Viacom is operated. Around 30,000 users were suddenly offline, including a number of command posts, energy companies and authorities in Ukraine, but also wind farms in EU countries. They in turn later blamed Russia for this “irresponsible cyber attack”. “As the invasion began, Russian cyber units were successfully deploying more destructive software than any other cyber power typically deploys in a year,” wrote David Cattler, NATO’s intelligence officer in charge of intelligence analysis, in a Foreign Affairs essay. .
In the new strategy of EU Commission for defense in cyberspace, the Russian attack on the satellite network is prominently mentioned. “Armed forces depend to a large extent on critical civilian infrastructure, be it for their mobility, communications or energy supply,” it says, referring to KA-SAT. In the cyber world, this attack was about as significant as the explosions on three strands of the Nord Stream pipeline in the Baltic Sea. She made the European Union aware of their vulnerability – and Russia’s offensive capabilities in the digital world. The strategy, which is to be decided by the EU Commission this Wednesday and is available to the FAZ in draft form, provides an answer to this. And she has the talent.
In the 20-page paper, the Commission not only warns the member states to work more closely together to analyze and mitigate cyber attacks. She also urges them to engage in digital counterattacks. “Member States must commit, as a matter of urgency and priority, to investing in the full range of cyber defense capabilities,” the text reads, “including active defense capabilities.” EU must defend itself “with all available means” against cyber attacks. This includes so-called “hackbacks”, in which the attacked party paralyzes the attacker’s servers or attacks other parts of their critical infrastructure.
Berlin worried about the risk of escalation in “hackbacks”
The term itself is not mentioned in the strategy, probably mainly with regard to Germany. Because “hackbacks” have become an emotive term in the political debate, just like the coalition agreement of SPD, Greens and FDP shows. “We fundamentally reject hackbacks as a means of cyber defence,” it says. The previous grand coalition already made it clear that it “did not use the term conceptually”.