Shields Up?: Oleg Shakirov Discusses the State of Russian Cyber Defenses

By Bennett Murray, MALD 2026 Candidate, The Fletcher School

Cybersecurity researcher Oleg Shakirov spoke at Fletcher on October 9, 2024 about Russia’s cyber defenses amid its ongoing invasion of Ukraine.

Shakirov, who was a visiting scholar at Fletcher in Fall 2022 and is now pursuing a Ph.D. at Johns Hopkins University, spoke about how ill-prepared his native country was for cyberwarfare when it initiated its full-scale invasion in February 2022.

“Russia did not have this ‘shields up’ approach in the run-up to the war,” said Shakirov, referring to the ongoing “Shields Up!” campaign of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which started in the weeks leading up to the invasion in anticipation of Russian attacks.

The result, said Shakirov, who is originally from Chelyabinsk, has been frequent successful attacks by pro-Ukraine cyber groups against the RuNet, as Russia’s portion of the internet is colloquially known in Russia.

“Since 2022, there are daily reports of specific incidents,” said Shakirov.

These attacks range from relatively harmless distributed denial of service (DDoS) attacks and petty website defacements to serious data breaches.

The most talked-about attacks in October occurred on Vladimir Putin’s birthday on October 7, which saw pro-Ukraine attackers hack the websites of the Russian court system, as well as those of the state broadcaster VGTRK.

The Ukrainian cyber warriors, explained Shakirov, can be broadly grouped into four categories. Firstly, there are the hackers who were informally mobilized by the Ukrainian state at the start of the war into the IT Army of Ukraine. The second group are skilled, independent hacktivist collectives, many of which can trace their origins to cyber activist groups formed in the wake of the initial invasion of Donbas and Crimea in 2014.

Thirdly, there are career cyber criminals who turned from financial to political motivations at the onset of the full-scale war (some, said Shakirov, continue to do both). Lastly, there are the Ukrainian intelligence agencies themselves engaged in cyber warfare against Russia, namely the Security Service of Ukraine (SBU) and the military’s Main Directorate of Intelligence (GUR). 

The combined efforts of the pro-Ukraine hackers have resulted in successful attacks against a wide range of Russian institutions, both public and private. Their effects have ranged from merely annoying to destructively compromising.

The Ukraine cyber warriors have, at times, found previously uncontemplated vulnerabilities leading to real-world damage. In one instance, the national alcohol industry was brought to a virtual standstill after a series of DDoS attacks against the federal accounting portal used by producers and wholesalers to record distribution. With no way to input transactions into the system as required by Russian law, booze factories nationwide were forced to halt shipments as neither distributors nor retailers had a way of legally accepting alcoholic merchandise.

The overall cost to the Russian economy incurred as a result of Ukraine’s cyber offensives is a mystery, explained Shakirov. The Russian authorities do not publish official estimates, and putting price tags on the full scope of losses from cyberattacks is tricky, even in the best of circumstances.

Furthermore, Shakirov says that companies are reluctant to publicize losses from cyberattacks or admit to embarrassing data leaks. In addition to the risk of losing consumer confidence, companies know that the Russian state does not look kindly on companies that fail to prevent successful cyberattacks.

“In the government rhetoric, Putin and some other officials would say that Russia is the most attacked country, that Russia was turned into a cyber battlefield. But when it comes to individual organizations, suddenly this becomes their own responsibility,” said Shakirov, adding that companies were inclined to downplay the impact of the attacks that they are unable to deny outright.

Ultimately, Shakirov said that Ukraine’s cyberwarriors hope to achieve a “death of a thousand cuts” against Russia. Two years after the start of the full-scale invasion and 10 years after the war’s opening shots were fired in Donbas, it is difficult for Shakirov to evaluate which side has the edge in cyberspace.

“It’s hard to say if Ukraine or Russia is winning the cyberwar,” he said, adding that both sides may have some advantages over the other. But regardless of the outcome, Shakirov said seminal issues in this new field of warfare are being worked out in Ukraine.