All right, Good afternoon everyone and welcome to the cybersecurity lecture series hosted here in the School of cybersecurity and privacy at Georgia Tech. We have a great panel today that is going to discuss the cyber dimension of the crisis in Ukraine right now. And without further ado, I'm going to turn it over to Georgia Tech professor John Lindsay here from the School of cybersecurity and privacy to introduce everything. Great, Thanks very much, Brendan. Really appreciate the opportunity to bring together this fantastic panel. Now that school of cybersecurity and privacy is a brand-new and rather unique unit at Georgia Tech that's part of the College of Computing, but includes faculty from the School of Public Policy and non school of international affairs and gt RI, or interdisciplinary makeup reflects the fact that cybersecurity is more than just technology. And conversely, communication and computation is a dimension of every aspect of politics today. And this is true in spades of the current crisis in Ukraine. A low-level war has been smoldering in the Ukraine since 2014, when Russia occupied the Crimea peninsula, began supporting Russian separatists in eastern Ukraine. Since then, Ukraine has become one of the most active cyber conflicts in the world. The implications reverberating, reverberating beyond its borders. This is included a pair of attack, some Ukrainian electrical grid in 2015 and 16. And they're not pay a malware epidemic which caused billions of dollars of damage across Europe. Controversy over military aid to Ukraine and Russian intelligence campaigns emerged as a central feature and the first impeachment of President Donald Trump. Now the conflict in Ukraine has been described in many ways is a frozen conflict chronically unresolved, the gray zone conflict between peace and war, or even a hybrid war which combines novel cyber operations with traditional military operate. It, the conflict took an ominous turn last year, which happens to be the 30th anniversary of the collapse of the Soviet Union. The event that Russian President Vladimir Putin has described as the major geopolitical catastrophe of the century. Today, Russia has masked over a 100 thousand troops and Ukraine's border and Bella Rous menacing Ukrainian capital of cave. Many analysts are quite pessimistic. Russian demands to end nato enlargement and demilitarized nato, its eastern flank been categorically rejected by nato leaders. Diplomatic talks has stalled, although France and Germany are attempting to resuscitate them as we speak. Now, the Biden administration has publicly stated that US military intervention directly in Ukraine is not on the table, but it is providing defensive arms to Ukraine and reinforcing nato out. In short, the gray zone conflict in Ukraine is poised to become a serious war in the heart of Europe, something we've not seen since the pick up of Yugoslavia and the 990s. Now given the prominence of cyber conflict in Ukraine to date up what is happening on the cyber front today and what can we expect tomorrow? How much cyber operations affect the course of the crisis or potentially the course of the war, should it come to that? And what does it all mean for our understanding of the dynamics of cyber conflict in general? Well, to tackle some of these questions, we're really fortunate today to have an amazing panel of experts to help us really dig into some of these issues. First, we have a glib, Pokhara and Co. who joins us from Kiev. He is the CEO of QWERTY, the Ukraine based cybersecurity firm that has founded in 2014. And I think this means that glimpse firm has really been on the frontlines of Ukraine cyber conflicts since the very beginning. That gives him a close and perhaps uncomfortably close view of current events. We also have Professor Aaron Brantley, an Associate Professor of Political Science and Director of the tech for humanity lab at Virginia Tech. Aaron is the author and editor of many fantastic books on cybersecurity to newer is really to mention. An errant also works closely with the Army Cyber Institute at West Point and has conducted field research in Ukraine on cyber conflict prior to becoming an academic error and also serve in the Peace Corps in Ukraine. So I think that makes me and Leonard the only ones in this panel who do not speak any Ukrainian. Thanks. We have a Leonard mash Meyer, a senior researcher at the Center for Security Studies at odd Zurich. Letter has just published a terrific article in international security and subversion and cybersecurity in Ukraine. Urge you all to check it out. And he's working on a longer book on the same topic right now. So I'm hoping that learner will be able to give us some historical context to tell us what Russia has or hasn't been able to accomplish in Ukraine today. And last but certainly not least, we have our own Nadia crosscheck as an assistant professor at the Georgia Tech School of Public Policy. With the cross appointment at STP, Nadia really is a rising star in the academic study of cybersecurity in the international relations field. She's published many important articles and some fantastic journals that she's here to help us understand how to look at what's happening in Ukraine and understand what it might mean for cyber conflict in general. So I'm going to ask each of the panelists to speak for about five or so minutes. And then we'll follow that up with a conversation amongst the panelists. And finally, we'll open it up for questions from our online and in-person audience. So without any further ado lib, The floor is yours. Thank you very much. And I think I have a very short time to speak. And I think unapproved, present. The most obvious things that we can expect in the near time. And these things are based on our past experience and past experience of conscious like Estonia and Georgia. He takes a historical perspective for up to 2008 here when there was a military conflict between Russia and Georgia. And the conflict wishes not develop into military, but it was really political crisis between Russia and the stored in every case. And also in 20132014. And if you have a close cooperation between the military activities and cybersecurity component and information about fire. And we should not. Also very important command. Z distribution in a cyberspace is very difficult. And we still do not have a reliable evidence from our state that many attacks that you mentioned originally from Russia. So it's not pointing to officers, officials which made oldest and there are no sufficient evidence as we have gamma attribute in cyberspace something and at least official positions that many of them have origins in Russia. And the Russians are not monolithic. They have different services like FASB, military, external intelligence, even police. And they have the cyber security capabilities and they have the task which they need to achieve. And this basket scale from getting some information or making some informational faith, making fake news, or making events. And it can be used into diplomatic or economic discussions. And also this can be a sabotage. For example, total of the light and the arsenal of these activities depends on the concrete situation. Ankle, great dusk. So for sharing, you can be afraid that the energy Pavlov was energy back out in Kazakhstan, Tajikistan, I think. And that was a huge problems. I of course was not working. Hospitals was not working. That was I think from Viper Security, but just from technology and maybe process issues. But in Ukraine have some level of automatization and this can be a problem. And also we have the case when a lot of witnesses had the job of the computers, were both these actual data value destroyed with ransomware is our capabilities to recover it. And this is another case which I can see. And the other small events could be for sure, depends on the level of tensions between Ukraine, Russia, Russia, and other parties. The things that I can provide comments. Okay, thanks glib for helping us set the stage. I think we'll go to Aaron Brantley. Hi, thank you. And glib, my thoughts are with you and also with my family, is telling you can't not yet family obviously in Ukraine as well. I think when we look at the Ukraine situation and we're thinking about it in terms of what's happened over the last 89 years in Ukraine. But we can see is that Ukraine has made enormous strides in developing its own cyber security apparatus at the changeover in 2014 and the new development of new presidential administration. Really Ukraine's Deborah capabilities were, were nothing in terms of the national government or there were, there were companies and private sector individuals who, who had cybersecurity capabilities. But at that particular point in time, Ukraine kind of entered in with essentially one combat brigade team, brigade combat team ready for action, 6 thousand troops. And then they back filled with a large number of civilian volunteers across the entire country. And they suffered tactically at the, at the tactical edge along the contact line. A number of cyberspace elapses and attacks, information attacks, leveraging advanced electronic worker units and a variety of other systems. Or that the Russian Federation begin cycling in and out of the Southern Military District and particularly in the occupied areas in Eastern Ukraine in Nuance can done yet. Oh bless. Since that time, the Ukrainian military under the general staff, the intelligence services under the SBU, and the ministry defence more broadly, have worked with Western partners in the European Union and nato and other others around the world. In fact, you develop. An increasingly robust cybersecurity program that enables them to engage in more defensive operations than they were capable of. And in 2014, that being said, the economic situation, the political situation in Ukraine has made maintaining and continuously staffing particularly military cyber units in Ukraine very difficult because the pay for military officers and enlisted personnel and Ukraine it is quite low. In fact, when I went over there in 2017, the the to meet with the general staff there. The b team that competed on behalf of Ukraine in a nato lock shields exercise. Basically all of that team join the private sector after winning that, that exercise. And the reason why they joined the private sector was because they were being paid roughly $200 a month to be in the military and then they got paid about a 100 or $1000 a month when they left the military. And I think this poses a significant challenge for Ukraine geopolitically, strategically. And in the context of the current crisis. You're trying to mobilize a territorial defense. You're trying to mobilize the Digital Defense. And yet at the same time, you're facing a lot of the fundamental challenges in a development, developing state. In a lot of ways. At the same time, all of these different cybersecurity attributes have been occurring, both on the front lines of the ATO, including the hacking a mobile phones, the hacking of Thrones, the targeting and triangulation of radio and other types of infrastructure. We have also seen the development of a lot of legislation come through Ukraine and in fact, just a year ago, roughly a year ago to almost today, but a year ago, two weeks ago, they passed a new series of national telecoms regulations that changes how telecommunications rules and processes are, are mandated in Ukraine. They've implemented the Ministry of Culture and information that kind of teach the control, the information environment. And so there's a lot of really rapidly moving pieces to the puzzle that have occurred in the last eight years. And quite frankly, Ukraine has made enormous strides in improving its information security, position and posture. Yet at the same time, it's not where it would want to be if it were about to go head to head with one of the preeminent cyber powers, with preeminent electronic warfare capabilities in the world. And I think that's kind of where we are at a particular moment in time. And so with that, I'll turn it back to Jon and keep the conversation going. Thanks, Erin. I'm going to turn it over now to Leonard for a little historical context on how we might understand what's happening right now. And our foragers. Thanks, John. Thanks for having me. So quick on the background. I mean, the starting point for, for my discussion here experts, kinda widespread expectation of that cyber operation that enable and enhance the new form of grays on conflict or hybrid war. And the core idea here is that actress can now get more with less compared to, you know, go into actual war. And the supposed reason is that cyber operations are highly effective there, fast, hard hitting, and they make it easier to maintain secrecy and plausible deniability. The conflict in Ukraine as strong as already mentioned at the outset, is the paradigmatic example of this kind of new conflict. And that perception has risen that Ukraine is also the RSS test lab for using is different cyber warfare capabilities. Though that means if these instruments are this newly effective tool, right, this conflict is 0 at most, expect their potential to be evident and action. And that's what I looked at. The paper Joanna's already mentioned, it just came out. International Security is called a subversive trilemma. And obviously can't go into too much detail. But I want to focus on three main points that come out of the article. The first one I'm making is that cyber operations that and actually entirely novel is normally pursue. But they're actually instruments of subversion, which has long been a part of world politics, or an instrument and projecting power, but has rarely been studied outside intelligence studies. And to put it very briefly, subversion functions by exploiting vulnerabilities in complex systems to make these systems behave and unexpected ways. Traditionally, that's been with us a spice infiltrating organizations of different kinds than on them Operations to use malware, social engineering, different types of targets, but the mechanism of exploitation is very much anxious the same way. And strategically this, the second subversion Isn't churn active to force that promise is similar, but with less costs and risks. In here a clear parallels to the current expectations about cyberwarfare, right? Bert and Watson pointedly, subversion involves some significant challenges because it requires secrecy and it depends on adversarial systems. And these challenges produce a set of interrelated constraints that pulls at trilemma between the intensity and control that actress can achieve with these occupations. It's a trilemma because actors can only increase the effectiveness of one of these variables at the cost of losing out over the others and consequently subversion. And therefore, the cyber operations as instruments tend to be too slow, too weak, and also to volatile. Context to provide strategic value. And importantly, the track record of cyber operations in Ukraine really supports these expectations. Contrary to a lot of especially media coverage. Again, also right now, the Russia has levied five major disruptive cyber operations against Ukraine in the past eight years, pursuing election interference, critical infrastructure, cyber attachment. And I'm like disruptions. And in contrast to prevailing perceptions, these operations actually if you look into it, largely fell short of producing any measurable strategic value defined as contributing towards threshers. Major goals here, which we're getting Ukraine to reverse its pro-western foreign policy and also to weaken its capacity to resist. Importantly, as my research into these operations has shown that the reasons are the shortcomings of these operations that constraint the effectiveness and limited their strategic value. It closely aligned with these predictions of the, of the trilemma. Though how does this historical evidence linked to the current situation? Recently, there have been increasing warnings of escalating cyber attacks, strategic strikes crippling Ukraine. Some even suggests that Russia could use cyber operations instead of four. And these visions are both exciting and terrifying depending on one standpoints. But they're also improbable, both considering the strategic context in that track record. Ever conflict in Ukraine. Because the available evidence does indicate actually that Russia cyberwarfare experiments in Ukraine has largely failed. Cyber operation, square root of elements whose key strategic gains, the takeover of Crimea, partial takeover of the Donbass. These gains instead we're achieve by traditional subversive operations using local proxy agents, demand regime change explorations, and the same operations Russia then deployed afterwards, the ones I examined, right? They also failed to produce measurable strategic value. Mostly in this figure I would argue is most likely way Putin is now brain the Armed Forces falling back to the US, That's horse. After the alternative, The attorneys have failed to deliver. And this is why I would expect going a hats that cyber operations are unlikely to play a major role in these next step, or at least you know, you have a major contribution to its rules. Thanks. I hope I kept within my time and I look forward to the rest of the discussion and tasked to Leonard very provocative perspective that I'm sure we're going to discuss in more detail. And now I want to turn it over to Nadia. The floor is yours. Thank you, John. Actually, it's a very good time proportional because I'm not elaborate, elaborate more on what Walmart was on the phone and connect here that particle board PowerPoint files like to share a barber, hierarchy, substitutability or independence of cyber and military operations, how useful they are and whether they can in a strategic effect of the last model. So we had different type of messages in the, yeah, On the one hand, we have scholars and policymakers were saying that cyber, that could be mentioned deployment of cyber operations and they could be used complimenting what is happening on the ground. Ethical, they will help Russia to achieve quick, decisive victory. On the other hand, we have experts who even suggested that Russia may not know what you need to use military force. Because cyber strikes can achieve this the same because the border. So this, this predictions that expect russia cheese cyber operation or they are complements or substitutes they got, they got contradictory. To the research that I and Leonard have conducted, though in his article, which link to which aren't posted in the chat. And I highly recommend you to check out length looks at five large cyber operations. Ions that conducted a large scale quantitative analysis on thousands lower level cyber operations and how they were used and whether they will use one military. And in my results similar to what Leonard, I showed that cyber operations, they don't provide the fighting factions with a strategic advantage. In fact, I show that cyber operations, they have remained irrelevant to the battlefield. Specifically individual hacking groups, they operate it in their own bubbles, facing considerable difficulties responding to the battlefield with dance, and they had no effect on shaping them. So what does this research tell us about the current situation in Ukraine? Though, if we think about the first substitution unary argument, right? I think it's very unlikely. The reason is that is that Russia spent the last eight years experimenting with the usage of cyber operations, trying to we can Ukraine. And so the question is, why should, why, if cyber operations can substitute the conventional operations by with Russia, go through all the trouble and deploy massive tropes and incur this additional costs and risks. Joshua escalation, if, if it could use cyber tools to achieve the same effect. I'll try chum the, I argue that Russia is unlikely to use cyber operations as powerful compliments along military operations and here as y, right? So to look at the last two destructive cyberattacks that were recorded. The first one, the defacement attacks that affected 70 Ukrainian websites. They remained largely inconsequential because we know what says we quickly recovered. There was no data loss or completely white. I also wish forget malware which was discovered on the systems. One is the cranium. Government agencies also didn't cause any significant damage. So these two operations provide further evidence of delimitation of cyber operations. And those are limitations with Monarch explained. Just now. As a result, again, even if Russia will be using cyber operations during the potential conflict there, they will provide very limited strategic value. An alternative take on the, on these operations that we've seen also in the news is that the main purpose of them, not you provide the main strategic effect, necessarily a bot to create panic and fear and that stabilize the country from within. Basically to demonstrate the governments and ability to defend itself. Because the government is not able to defend its own websites and networks. And we can see some sort of similar remarks about the increase this information operations by the Press Secretary's, the White House who all said that Russia's this information operation, operations from the month of November, two months of the sample had, had increased by 1000%. The main purpose of these operations was to make the case for russia's intervention in Ukraine on humanitarian grounds and to build or the support for such actions a month Ukrainian Republic. But again, Leonard and his team did a very nice research. And again, I'll share a link in the chat. The show is there is a limit, limited effect of the social media information on the public. So again, even if there will be some strategic gains that will be very, very small through that effort. Though. In short, I would say again, we don't expect cyber operations to provide a solution dependency of Russia. I'm obviously, Russia is in the Ukrainian systems. They've been for sometimes are probably as they are now there, quietly collecting information. The collecting intelligence to provide support for military planning potentially can maximize the effects of the use of force. Potentially if they achieve their objective on the ground, we can see Russia using some cyber operation to disrupt or even sabotage something that we see later. I mean, earlier on in 2015 and 2016. But again, they're not going to be used as the main set of effort to achieve strategic fit. All right. Thank you so much, Nadia. I think I would like to open it up for a conversation amongst us and I'll start with the first couple of questions. And this is going to be directed to glib. First of all, Nadia mentioned whisper gate, which was this Microsoft report about two weeks ago of some wiper malware that was discovered. And it was discovered about the same time that there were defacement attacks across European, excuse me, Ukrainian government websites though. You know, how should we think about that event, right? Was stake, was it trying to prepare something? Did it go off correctly? What do we think was involved? And then the larger question also for Euclid is, is, what kinds of activity are you seeing right now in preparation for possible activities? What, what kinds of yours, the threat of volleying and interesting ways. What do you see? The overdub recording of progression above the experimental setup? If I vary from, I think I could probably get information from them, public sources, but I can comment mostly on the site. Espn said 70 slides. I think there's still no official results from the investigation, but rumors tells that all the sides from one positive one company. And we have here is a similar case like it was an old page. I'm always the one most popular tax reporting software used antiques or actually monopolize is that tax reporting market in Ukraine because nothing better exist, which is always up to date with ducks legislation. So all other products can do with that personality. And in such, in government we have a huge monopolization. So small number of players make big money there, and it's difficult to go into that market and that players become an attractive targets for attackers. Through a tax on supply chain infrastructure, they can propagate into their stuff, into the deadlines and make the damage. Also regarding the supply chain security, for example, even our idea as the main State portal developed by the company in Belorussia. And they have also a national government clients in Russia. And so having such support from Belorussia for our main system where personal data collected, we can expect me candidate special much security system because insiders and David data. And so I think supply chain security is one of the big issues now, it's much better than it was in 2014 when even our cabinet minister, that site was protected by Kaspersky and traffic. So Moscow under certain conditions and local support centers of vendors provide like VMware and so on in Moscow to providers or for the whole region and Ukraine was getting that support from Moscow, State system and administrative and military sisters. Here they have visual as a result, the ticket, the engineer was from Russia. Now since becomes a bit better but not fully resolved. And I think the other big program, we have, digitalization, number 56 and growth. It's like Big Bang. So everything being digitalized part the number of skilled resources, resources as people who can protect them or not drawing as well as we have proper standards like great grief and have they have IT infrastructure diminished, shaky in the States. So yes, you have your national standards. And what we do not have. So applying on the security, cyber security standards when you don't have proper manager, management of information technology in your enterprise is a user that's actually pass things over to you. Okay, Great, great. Thanks. Glib. I don't know if anybody else on the panel wants to comment on the events of two weeks ago or in general current activity that we might be seeing? If not, I'll move on to a question and maybe Aaron, I'll I'll give this to you first. You know, there's, there's kind of this emerging consensus among many academics that the strategic effectiveness of cyber operations are limited. And you heard a little bit about that from a nadia as comments. But we're always reminded by investors that past performance does not determine future returns. Could this be the event that changes our understanding of the dynamics of cyber conflicts? And what kinds of indicators should we look for to, to see if different things are happening, what's on there. Yeah. I think that generally there's a notion that cyberattacks aren't going to win wars, okay? And I think that that's probably fairly accurate. But I think that they are force multipliers in conflict. And if they're used appropriately and properly in tandem, they can soften up a population. They can make it easier to move into certain areas. They can alter the perception, the, the, and the reality of populations in those areas if done in tandem. I think we saw this reasonably well in 2008 in the Georgian War, which was a very early iteration, abusing some capabilities to essentially so disinformation to create confusion and other types of things. Does it achieve the strategic effects that you might want to achieve in war? No. I think that no single weapon system in any type of conflict, with the exception of perhaps nuclear weapons. You, that she's the exact strategic effect of winning a conflict or winning a war. And I think that we oftentimes create this false dichotomy or this false, this straw man argument that cyber is somehow going to be the magic bullet that wins worse without tanks. And that the reality is that cyber is an incredibly useful tool. And I think that we've seen that already in the Ukrainian context with the triangulation using SS7 attacks against Ukrainian service numbers, mobile phones. We've seen it with the ability to use cyber and other types of EW mechanisms to disable incoming artillery and, and, and mortar fire and munitions. And we've seen it in the ability to soften up the Ukrainian public and also the international public and our response to Ukrainian moves and counter moves or political events. So when you think about it in that way and take it out of this notion that cyber is somehow going to be the weapon. And you put it in the constant text of it being a weapon than I think, or a tool in the service of a broader military campaign. I think then you start moving into what the true import and impact of cyber could be. Thanks Erin, Nadia, and Leonard. You want to get in on this at all? You're going to pick a regional question. I'm sorry. I got that. Lender, eric. Yeah. Yeah. Yeah. Well, I mean, we are talking about whether previous cyber conflict activity that we've seen is really going to be predictive of what we should imagine in the future. Here. Given that one of the kind of persistent features of cyber conflict activity is that we're often surprised by what has happened, right? We think that we're defending pretty well and then suddenly we're dealing with WannaCry or not pet at a scale that we hadn't imagined before. Suddenly, you know, we think that we've secured our election infrastructure and now we're dealing with massive attacks at the content level. So surprise is kind of a unsurprising feature of cyber conflict. And so should that maybe induce some humility in the way that we start thinking about the strategic effects of cyber going forward? Or do we have enough confidence in our assessment? So maybe, Maybe I'll move on to a related question. I think a lot of our discussion right now has been focused somewhat tactical level of how cyber could be used to support military operations and where we might expect it to see. And we've thrown around this word, strategy. But strategy is all about using military or non-military instruments to achieve national security objectives. And we haven't talked very much about what we think the conflict is, about, what Russia's ambitions are. And so if we think about different outcomes, right? Perhaps this is an exercise in coercive diplomacy, right? Perhaps it is a preparation for military operations and that's a foregone conclusion. Maybe there's very limited operations just in the Eastern Ukraine. Maybe it's something more significant aiming at regime change. But my question is, how does your assessment of the Jew political dynamics of the conflict inform the way that you understand cyber operations. Anybody want to tackle that? One moment? Okay. Okay, thank you. It's a little comment from, again, geopolitical to talk about some aspect like cryptography. It's very important for the independence of the state to have assurance that nobody get an intercept and pieces of information which goes on your cables. Even military guys is talking. And before we can compare the genesis of cryptography in Ukraine, Belorussia, and other countries. For example, EPA had a school of cryptographers when Keith and arctic regions. She's left from the Soviet Union School. Some other countries they did not have an F, even their own cryptography. Also, by either using regression-based geography solution are US based actually commercially great driver ciphers. And Ukraine before was using the satyrs, which is based on Soviet Union cipher. And the parameters for the ciphers originally originated in Moscow. And you can, if you are taking it blindly the parameters and how to properly issue, then you will have a high risk of backdoors, their weaknesses. Used to, whether it was by linearizations, solving cipher with a set of simple math education. Not so simple for an original person, but it requires a cracking. Though we have socialization to 2000 sorting, sorting and then maybe dropped in our relationship with Russia. So we'll say Washington after the premiere deviation and Donbass situation, new cipher was adopted by me paying half, which is based on the origin, which is used in the United States. I think the minor corrections were made to remove Fernand weaknesses to be shoveled significant adults to make this our equipment incompatible with enterprise barrels are always minus the left and you create a target. So to protect international market in Russia, I was looking there, you know, part of that united super-state, this perfect balance with Russia. And they're dumping of a cipher which come from Moscow. So we can expect from us with a higher probabilities to interceptor everything which is encrypted and Belorussia. And for Ukraine now they have less than probabilities. It at least you, they cannot break past the United States National Standard. So this is how geopolitics and the reflected in cryptography and K10. So you can continue. Yeah, so I was doing so well because a lot of what I was going to say majority carriers, which makes sense since we're just working on a piece of working out those points, looking ahead. But I think one thing to consider in the larger context in this idea that this may be actually point. Now we're going to see that to be the idea that, you know, a lot of people have assumed the commentary in the media now. And the underlying assumption is that there are much more powerful capabilities, but nowadays use them. They'll let you know that Russia has been saving up. Basically it's best stuff for now. But the point I'm making and then really comes also threw in the evidence is that there are intrinsic constraints to what you can achieve with these capabilities. And these constraints are independent of the strategic context. I think that's a point worth making. In ASU, you have a lot of commentary and also speculation on the possibilities. And every month we can think of a billion different ways that cyber operation might be relevant and might achieve some strategic, a useful outcome. And many of these are plausible as well, that equally plausible. But the, the crux of the problem is that to actually produce many of these outcomes, it's not easy and that's the assumption. It's hard for some things because of the complexity of the technology and you know that something goes wrong, that you'd get discovered that the systems that we manipulated behave in a different way than you yourself expect, which is the very mechanism at play here. It works both ways. Who tried to produce an outcome that your victim doesn't expect? That the same complexity that makes that possible also bears the potential that you yourself get surprised at what the effect is. Quite sample that and clearly seems to have happened with my pet here, where it basically ran out of control and an asteroid, you get the common saying, Well, this was a clear signal link. If you do business that Ukraine you get punished. Though. I mean, you can argue all of this in hindsight. But the evidence shows is that actually it went out of control and was most likely not attended. And that's, I think it's very important to keep in mind when we think about what might happen here, going ahead, even if it escalates, these constraints don't vanish. And that's why I would not expect that we suddenly see a fundamental change. Why? I don't see, I haven't seen a convincing argument why we should see this change happen when we have enough evidence. Now looking back, even though, you know, operations context, I wanted to add to this question if I may or yeah. So I wanted to touch a little bit more on the on the psychological component and notice in the chat and the information operations wouldn't pick about that yet. So the whole conflict concept, that very unique sort of geopolitical situation, by putting the probable error, it was declining, Ukraine was renewed his ambition to do a neater. Also, there's a growing support among the Ukrainians to join nato. And we can see again that there is a change in strategy, if I may describe it this way in the how russian sponsor does information operations are being illustrated the beginning, there was a little bit more discussion about sort of spreading pro-Russian messages on social media. Now the messages as becoming, as I mentioned, anti-Western and trying to influence the sort of minds and hearts, innovation and psychology to reduce their desire to join nato, right? So people, instead of 58%, they're going to have only 30 percent then obviously influence governmental decision with this addition, et cetera. Obviously, it's not going to happen at this point of time because we have very tense situation. But obviously information and information, this information population has been an important component of geopolitics and government had been appointed the strategy, what it is effective or not, we still have to see, but I'm sure that continue to happen. Which I kind of quickly sizzling. I quickly jumped to her local yeah. Real quick. I just think that we're overlooking the tactical aspect of it, the case. I think that, you know, we, we raise the question back up to the strategic level quite a bit. And I think that in large-scale conflicts that, you know, we're still looking for that silver bullet. But there's a lot of smaller things that happen in large strategic events that can make things easier on a military or not as easy. And I think that we've seen the US do this. We engage in cyber attacks against the rocky information systems. And we invaded both in the first Iraq War and second Iraq war. And we've done it in a variety of other times as well. Does it solve the problem strategically? Know, but I think the tactical impact should not be overlooked. Okay. Thank thank you. Hear anything? Let me take that as an opportunity to take a couple of audience questions. And maybe we'll turn to this question of tactical operations that may have bigger strategic consequences because they're happening outside of Ukraine proper. So Thomas asked, what is the worry of Russia turning cyber attacks? Nato or the US? It distracts nato or the US. If Russia were to invade. Though, how should we think about larger scale cyber operations, whether that includes disruption or this information that are not restricted to Ukraine proper, wants to tackle that. I guess I'll throw my $0.02 in there. And I think this gets back to N80 has comments on strategic. Strategically. I think it would be as a massive mistake to expand the conflict beyond the the, the territory that it's in there currently engaging in threatening operations against the non nato member if they were to extend beyond that into a nato member. And perhaps as you said just a second ago, an attack that out of way, I got out of hand the potential for the invocation of Article 5 and bringing in other members under that would be a massive strategic lapse in judgment. There are a number of other ways that the Russian Federation could undermine nato and European and US forces and allies and this relationship. And I think that engaging in cyber attacks is probably not the best choice. If I can add to this as well. But obviously they seen some minor level operations against needed websites and obvious either at the earliest stages of the context, 2014, 2015, 2016, we've been moving and again, a lot of the cyber espionage operations have been discovered against various European countries, et cetera. But there was no a major blow up, right? There was thought that the gods will fill out that because of the conflict in Ukraine. And so I think with the whisper gauge, there was a little bit of discussion of sort of what it would be, could be, could be the same effect doesn't take out, not so obvious yet. They couldn't be subset of spillover effects, unintentional effects, I would say, as a result of some of these actions, but I agree with parenting with patterns assessment that it wouldn't be a smart decision to actually do an intentional attacks will have a very serious outcome against nato country because then that could be August want ask, I'll try and measure. And we could have serious effects. It might not be smart, but Russia has a history of behaving and counter productive ways if the goal of this operation since 2014 has been to preclude nato expansion and to pry Ukraine away from nato. He leans farther west than it ever has before. Nato has a sense of purpose like it's never had before. So there is greater nato unity than, than there has been. So we've seen Russia do a lot of things. And if we conceptualize cyber as this ray zone thing that doesn't provoke escalation, then perhaps Russia might be willing to gamble and that gets into this. Should I do we conceive of cyber as an escalatory knew that would trigger Article 5 or do we look at it as a D escalatory means of defusing tensions and maybe helping Russia to save face by it doing something without actually deploying all the military forces that it has. My comment yesterday, I was listening us. The President of Russia, it's three hours of his speech to the nation. I'm not sure who before he was doing any kind of speech so present or whether Russia was speaking. And the topics. That will be more. He felt he has refused because they were on the condition that burrows apart. So later he had another discussion and he can remember leapfrog its neighbor state to Belorussia. And it's an ETA state that actually, and he thought that liquid has an economic warfare. Now with Belorussia. And bela, russia is always ready to ask for. His tone was sachet with area War II, economic sanctions or anything. So our component can go cells or even for the Navajo or Thank you for all reason to start breaking these rules of thumb on hex from Ukraine, for example, Bella Russia, russia, stolen or from another country. Very positive relationship between Belorussia department. So for me that was a surprise that they have some problems. He's ready to make war with. Well, it's not always crave. Great. So I wonder if I can start to rotate the conversation now. From what do we expect Russian activity to look like to what kinds of policy responses wouldn't make sense at this point. So there's a great question from Adam talking about reports of Ukrainian forces going back to old crank telephones, trying to embrace analog technologies that have less cyber exposure. So, you know, and then he asked a specific question to Leonard. Is there a way to take advantage of the trilemma you're talking about to make things harder for Russia without bumping into the same trilemma ourselves. Like, how should western Ukrainian hybrid defenses array themselves to, against Russia to take advantage of the trilemma rather than suffer from it going to take a stab at that? Sure. I think me the most simple answer to that is that this would be a long-term thing, right? I don't think this is something you can do in a quick kind of response and changed the defense in this way that would make it work better right now in response to the crisis. But I would definitely argue that this would be a key consideration and defenses and move away from this idea that you can harden and in a way and building resilience, which is all about somehow managing risk of intrusion in this abstract way as if it's suit almost natural forests 13 or you can predict in a way. But the basic problem is that you have an intelligent adversary here who just tries to create some unexpected ask outcome, which by definition means surprise for you. So it's about strategies under uncertainty. And with that in the back of one's mind, there are real opportunities here. Instead of having this kind of defense mindset, one, that counterintelligence side. It's thinking, focusing on their ability to detect intrusions and monitor activity and then figure out what's 200 actually. And also turn that into an advantage by finding out what do you have adversary is doing, dissecting their methods and tools like happened with this wiper right now and neutralize stuff, especially before it can produce an effect. And also larger defensive kind of approach if your design systems are another way that you went to mitigate intrusions or prove Anthem? Yes, sure. You can try to make it as hard as possible and as unpredictable as possible for whoever wants to go into your system. So you're actually and probably somewhat counter-intuitively, the more standardized things are across Utah, especially different sectors, which has a lot of advantages. It can Italy. But then also obviously brings the predictability we have. You know, you can get into one system, you can get into all kinds of systems that are based on the same standard though by somehow creating some way. I don't. All right, we'll call it some balkanization of standards across sectors at what making, just basically making systems not unpredicted and create some tracks ideally where you can find someone like a honeypot is a key idea. Yeah, I don't want to talk too long about this, right? There are many different ways to do that, but short version of the answer is yes. I think this is a very good idea, right? Let me let me ask if there are any questions from our live audience and the panel. Yeah. Thank you so much, John. Any questions from the room? Please feel free. If not, I definitely have one. This has been a fascinating conversation, so I'd like to kind of continue down the thread that you started with the previous question. So we've kinda heard a lot about cyber attacks are extremely good in terms of initial goals, but they might not be the silver bullet that we're looking for. How do policy makers then respond to that? How did they, how does that affect their prioritization of cyber defenses? Given that, you know, maybe it may not be the end of the world in terms of cyber, can anyone comment on that? Arrow? And I'm going to let you do that and I want to tack onto Brandon's questions. If you can maybe speculate a little bit on some of these reports that US Cyber Command is already deployed. Cyber mission force teams to Ukraine. You know, what do we think that they are doing? What kinds of assistance might that involve are really tough question to answer. To be honest. Though, the US has deployed over the, over the years it has diploid number of Guard units and cyber national recognition for Train and assist programs. They're not putting hands on keyboards to the defense of Ukrainian units or anything like that. But they have been involved in training assist. But I think it what everybody's kind of waiting to see is, is how the initial phases and following those phases impact the conduct of operations in a lot of different ways and where defenses and defensive measures can come in and arise. And whether you can do counter mobilization and how this impacts us strategy, quite frankly, in terms of our defense forward strategy. And if this gets back to a previous question about, you know, are we worried about then extending beyond? If you want to prevent that makes them you'd be on and you would address the issues there. In terms of understanding this problem in a, in a larger context. It's very important to remember that Ukrainian and Russian infrastructure, network infrastructure and everything from the ground up absolutely every aspect of their critical infrastructures thing linked intimately with Russian Federation infrastructure for the better part of its developmental history. And it's only been on then in the process of the linkage in the last eight years to when we talk about switching to crank phones or even moving beyond defense, you're trying to, to change the policy structure for the entire state and put in vast amounts of infrastructure. So in 2013, all of the mobile telephone company, everything at edX, significant Russian ties is now shifted to various other nations. All the landline and terrestrial lying telephones and other things were based on storm systems and other touch things. And now you're trying to de-link this and still create long-term policy and defensive solutions or that. And so here, if you're looking for operating in essentially the worst possible conditions, sending over US National, Cyber, National Emission forces and others to see what the worst possible case scenario of working in a country trying to defend itself, drainage it. I mean, it's, you're trying to defend basically on quasi enemy territory with an adversary that has intimate knowledge of your own network infrastructure. Right? Thank you, Erin. We're almost at the end of our time. So I think what I would like to do right now is ask each of the panelists to offer one piece of advice or give Brussels or Washington, tell me which capital or government you want to talk to and what that advice would be for managing the cyber dimension of this crisis. Take this in reverse order, starting with Nadia. Just tell me you did not yet. Yeah. So it's it's very I really I'm kind of emotional because as I mentioned, there's my family there and that's my advice is not very practical, but I would say stay strong and thought about the government advice. I'd say it's for the people because it's very tricky and there's escalate the situation escalates in several Yeah. It's not fiber, but stay strong. Leonard. Yeah, I think my palm and would be really on something I was surprised to see coming out of the White House. Does that. I mentioned that in my little talk earlier, the idea that Russia might use some cyber operations instead of invading. That was by an unnamed White House official who was afraid of this. And then also apparently that motivated partially the US response to providing assistance to Ukraine, which I think is very useful. But I think it's quite, it's a huge distraction raised this idea that, well they might just use some hypothetical future cyber Pearl Harbor scenario that everyone has been afraid of and that districts resources and energy away the needs of the actual military aggression. This is, there is tangible and it's dead. That's forms of, you know, as the main priority and go down the rabbit hole. Thank you. Letter bearing one piece of advice to the capital of your choice. I think too, that to the Western powers in engaging in diplomacy right now, I think that we oftentimes think of things from the Western notion of national self-determination and sovereign rights and things along those lines. And we oftentimes fail to see the perspective of our adversary. You know, when, when the, when the Soviet Union put nuclear missiles in Cuba, we got pretty pissed off. And they said, Well, hey, do you have in Turkey understanding the context and the perspective of the adversary in this particular regard and understanding why they feel the way they do, I think can provide a starting point for diplomatic positions that, that, that really will influence and be important for future diplomatic negotiations moving forward, whether it's cyber or anything else. Thank you, Aaron glib, you get the last word. Paper. I think the most important question is, how do you compare the clarification of exponents? That what are my thing goes for another clients also because in case of any nuclear attack, the conductors and computers, they can be very effective because of electromagnetic impulse, which is it goes though, having the ability work with electronic lumps and technologies can allow to continue operations and missions of the units a year after the tactical nuclear weapons club. And the hormones are going to have a discussion about that or how computers will actually work in that situation, how people work operates. We know for certain period of time they can do something until episode, but we'll talk with us for a bar and folk poetry. It's an open question because nobody authors in public. All right, well, I want to thank our panelists for joining us. Please join us in appreciation for their time. Glib, especially I know you're incredibly busy and what you're doing. And our thoughts are with you and with everybody in Ukraine who may be affected by this crisis, we haven't been able to get to all of the questions that have come in online or maybe in the audience. And that's just because this is an incredibly complex and urgent issue. So this is really just the beginning of this conversation. Thank you all for being a part of it. And I look forward to seeing you at future events. And I would like to thank you John for bringing this fantastic panel to us here at the School of cybersecurity and privacy. And of course, I wish everyone the best and for everyone in the audience, please join us next week. Same time, same place, School of cybersecurity, privacy cyber lecture series. Have a good day, everyone. Thank you.