Why phones and the Internet still work in Ukraine

In the early days of Russia's invasion of Ukraine, various cybersecurity experts had reported the risk of large-scale attacks on the country's communications systems and government sites. Except for a few isolated cases and despite the great devastation in the bombed cities, the Internet continues to be accessible in Ukraine and the telephone network works, both for making phone calls and for surfing online, albeit with some slowdowns. The army has limited the attacks both because it wants to exploit Ukrainian networks to spy on communications, and to mitigate the serious problems of its own equipment which have proved to be less reliable than expected.

Communication on the Internet, particularly via social networks, has proved essential for the government of Ukraine, both for updating citizens on the decisions and activities of the army and for promoting propaganda. The Ukrainian president, Volodymyr Zelensky, has extensively used his profiles on social networks to communicate with the population, to demonstrate that he remained in Kiev to personally face the invasion and to put pressure on foreign governments to obtain aid economics and weapons.

A large amount of photographs, videos and updates on the bombings and attacks carried out by the Russian army, often against unarmed civilians who have filmed the scenes with their smartphones, have also circulated on social networks. Lists of Russian soldiers participating in the invasion have been made public and satellite images have also been disseminated online, which accurately show the position of the columns of Russian military vehicles in Ukraine.

Blocking the dissemination of this information and communications could be an important advantage for Russia, but excluding an entire country from the Internet is next to impossible, especially if you do not have physical control of most of that country's telematics infrastructure. The destruction of cell towers and main data centers within Ukraine could significantly reduce the communication skills of Ukrainians, but according to various analysts it would also severely penalize Russia.

Keeping the networks active allows the Russian intelligence and army to spy on a large part of communications, especially telephone communications. Knowing, for example, the mobile numbers of government officials and army officers, it is possible to carry out espionage activities not only to detect conversations and exchange of messages, but also to reconstruct with a good approximation the geographical position of the owners of the phones. .

For a long time, prior to the Russian operations in Crimea in 2014, the telephone operators of Ukraine had close ties with companies and telecommunications managers in Russia. Having extensive control over important strategic companies such as telephone companies, the Russian government over the years has been able to build numerous access points in Ukrainian networks, often without the knowledge of the operators of these infrastructures themselves.

The spread of private conversations between Ukrainian government officials, politicians and officials in the past demonstrates this ability of Russia, mainly used in campaigns to discredit the Ukrainian government among the people of Ukraine and abroad.

The Russian army may also have decided not to destroy the telecommunications infrastructure in order to be able to exploit it immediately, in the event of a relatively rapid end to the war and with the prospect of medium to long-term occupation of a large portion of Ukraine. Mobile and cable networks are complex and expensive to build and put into service: limiting the damage as much as possible would save resources, as part of the inevitable reconstruction of roads and buildings.

When it completed the annexation of Crimea, it took Russia several years to gain full control of the communication systems in the area. Throughout the period, the networks continued to operate, but under the previous Ukrainian operator. The transfer of power was not a bureaucratic formality: the army ordered the search of some offices of the telephone operator Ukrtelecom to gain control. Over a much wider area, such as that of the entire territory of Ukraine, the difficulties could be even greater, given that it is unlikely that Russia will be able to exercise full control over the whole country.

The non-destruction of telecommunications systems and the reduced number of cyber attacks against Ukraine also depended on another factor: the Russian army has need the country's infrastructure to communicate. And so far, the contacts and coordination between different departments of the forces engaged in the invasion seem to have had some problems.

In recent days, several cases have been reported in which Russian soldiers have confiscated smartphones from the Ukrainian population, to communicate with each other and coordinate some military activities. These activities have increased following the Ukrainian government's decision to block Russian phone SIMs so that they cannot connect to the country's mobile network. The Ukrainian authorities have asked the population to report any smartphone theft, in order to intervene to block the SIMs confiscated by Russian soldiers and prevent them from making calls or accessing the Internet.

Members of the Russian military who use mobile phones with Ukrainian SIM cards also expose themselves to greater risks of control and interception by the Ukrainian intelligence, which can obtain important information on their position and action plans.

Communication problems in the Russian military appear to be quite widespread, with various reports of soldiers sighted using normal two-way radios, with no systems to encrypt communications.

More and more evidence is emerging that the Russian forces rely on civilian radios and mobile phones for their communications. Our source in one invading unit confirms this.

This photograph is said to show a civilian radio captured by Ukrainians.https: //t.co/ppwYktFsaD

– CIT (en) (@CITeam_en) February 28, 2022

Encrypted communications
A year ago, the Russian military announced with great emphasis the introduction of a new system for encrypting cellular communications, called ” Era”. It should have allowed us to continue sharing data and information between high command and the front, even in enemy territory, but apparently the system is not working as expected.

Christo Grozev, executive director of the investigative journalism site Bellingcat, said that in recent days the Russian army tried to use Era from Kharkiv, where the Russian bombings had destroyed several cell towers, but failed precisely because Era's technology it is based on 3G and 4G networks. “The Russian army is equipped with secure phones that cannot work in areas where the Russian army conducts its attacks,” commented Grozev.

The idiots tried to use the Era cryptophones in Kharkiv, after destroying many 3g cell towers and also replacing others with stingrays. Era needs 3g / 4g to communicate.
The Russian army is equipped with secure phones that can't work in areas where the Russian army operates.

– Christo Grozev (@christogrozev) March 7, 2022

Precisely because of these communication problems, on March 7, Ukrainian intelligence intercepted some conversations between Russian officials, confirming the death of General Vitaly Gerasimov in Kharkiv. In the intercepted phone call, a Russian intelligence officer said he could not use secure communication systems and was therefore on an unsecured line managed with a Ukrainian SIM, therefore easily intercepted by Ukrainian intelligence.