War in Ukraine: cybersecurity and data privacy


Institutional Communication Service

1 July 2022

The war in Ukraine can be defined as a hybrid conflict, what do we mean by this and what are the implications in terms of cybersecurity and data privacy? Today we discuss these issues with Marc Langheinrich, Dean of the Faculty of Informatics.


Which kind of cyber-attacks exist?

The term “Cyber-attack” broadly describes active interventions by a malicious party – through the internet - to either disrupt an online service (e.g., banking services) or to gain unauthorised access to a service for “stealing” or even manipulating information. Of particular concern are attacks that target critical infrastructure, such as hospitals or power plants. Such attacks have happened with increasing frequency in recent years, e.g., the ransomware attack on Ireland’s public healthcare provider, the ransomware attack on an Oil pipeline in the U.S., or the attack on a water treatment plant in Florida that almost succeeded in increasing the levels of a certain chemical in the water to dangerous levels – all in 2021.


How are cyber-attacks becoming another front in a war?

Disrupting critical infrastructure has always been a popular tactics in a war, though in the past this was mostly restricted to physical destruction, e.g., of bridges or power plants. With today’s increased digitalisation, it is far cheaper to have a “hacker” team attack such critical infrastructure from the safety of an office far away from the front lines. Yet the impact of, e.g., shutting down the systems of a power plant through a targeted cyber-attack may be just as effective as trying to take it out in an air strike. Similarly, breaking into state computers might provide an attacker with important tactical information that may be vital for deploying troops in a battlefield.


Can we define the Ukrainian- Russian conflict as a hybrid war?

Very much so. Many Russian government services have been using state-run “hacker” groups for years, e.g., the Russian Federal Security Service FSB (the successor to the KGB) is running a group called “Berserk Bear”, the Russian Foreign Intelligence Service SVR is running a group called “Cozy Bear”, and the Russian military intelligence agency GRU is running a group called “Fancy Bear”. These groups are thought to be responsible for several high-profile attacks in recent years, such as the SolarWinds supply chain compromise in 2020, an attack on a U.S. nuclear power plant in 2014, or an attack on the Estonian parliament in 2007. All of these attacks have been made without any open conflict between Russia and the involved countries. It is thus no surprise that a “real” war will also contain many elements of cyberwarfare. Note that also the spread of misinformation (“fake news”) can be seen as an act of cyberwarfare, given the important role of public opinion. This, too, is very visible in the Ukraine war.


Marc Langheinrich received a Master´s degree (Dipl.-Inf.) in computer science from the University of Bielefeld, Germany, in 1997, and a PhD (Dr. sc.) in the areas of ubiquitous computing and privacy from the ETH Zurich, Switzerland, in 2005. Prior to joining the University of Lugano in 2008, Prof. Langheinrich was a senior researcher and lecturer in the Department of Computer Science of the ETH Zurich. His main research interests are privacy, security, and usability issues, in particular in the areas of ubiquitous and pervasive computing.


For more information and interviews contact [email protected], +41 58 666 47 92