Russia Invades Ukraine: 5 Considerations for the IT Community

As anyone who has checked the news today is aware, Russia invaded Ukraine early this morning as the United Nations was holding an emergency meeting seeking to persuade Russia not to invade. The initial results have included stunning pictures of Russian military vehicles and missiles entering Ukraine, the Moscow Stock Exchange falling over 30% in one day, and new international sanctions.

Although the subtleties of geopolitical complexity, NATO, the historical Russian Empire, Ukranian governmental changes, European oil and gas supplies, and nuclear arms are far far far beyond the scope of what we cover at Amalgam Insights, we absolutely hope for a quick and peaceful end to this attack.

In the meantime, we live in a global economy and there are specific aspects of this invasion that specifically affects the IT world.

First, plan for potential delays in software development. Ukraine had established itself as an important nearshore and offshore application development source with over 200,000 skilled developers. Many top software companies and enterprises employ developers from Kyiv and other Ukrainian cities. With this invasion, developers are either moving west to Lviv, Ivano-Frankivsk, and Lutsk or into Poland or being conscripted into defense forces. From a practical perspective, this is going to delay development of new versions and features. Check up with your key vendors to see whether there are expected delays based on this issue. Obviously, there is no feature more important than these lives; this is just about being able to manage expectations and to keep in touch with the people who are building the tools you use at work.

Second, check up on cybersecurity. With current sanctions and financial access locked down, Russia will be looking for liquid funds by any ways necessary. This includes ransomware, accessing computing for cryptomining, and using remote computing to mask trails to access other digital assets. This is a good time to update your patches and passwords and to be diligent on social engineering schemes designed to get employees to click through or give away passwords on the phone. Clicking unknown links is always bad, but this is an especially good time to be paranoid about updates even from trusted vendors and suppliers.

Third, keep your cryptocurrency and NFTs (non-fungible tokens) safe. Crypto has been an enabler for black market activity because of its nature as a relatively liquid asset that is relatively easy to transfer. Make sure that any digital assets you or your organization have are backed up on a well-governed store such as ClubNFT. And make sure your crypto is safe on a wallet you own.

Fourth, budget for cloud costs to increase quickly over the rest of the year as the cost of computing increase. Russia and Ukraine are the primary producers and purifiers of the noble gas neon, which is used to etch semiconductors from 180 to 1X nm nodes, which make up roughly 75% of the total market. Ukraine provides 90% of the world’s supply of purified neon, with Iceblick alone estimated to provide over 60% of the world’s neon. As strategic Ukrainian targets are attacked, the supply of neon will decrease in the short term making chip prices go up. Even if Russia manages to create its own purification capacity, sanctions will make neon extremely expensive. As an example, when Ukraine was initially invaded in 2014, neon prices went up 6x.

Fifth, expect a flood of disinformation across all areas. Modern war is conducted not only as a military exercise, but as a financial, digital, informational, and political exercise. There are aspects of information that Putin and the Russian government are interested in controlling for their own specific reasons that can lead to non-factual announcements. This is going to be, in technical terms, “a pain in the ass” to manage as fact checking becomes more important. This may include disinformation around cybersecurity, healthcare, politics, or any other number of areas with the goal of providing distractions. As a key ally of Ukraine and a core member of NATO, the United States will likely be a target of the social rumor mill in a variety of ways. Ironically, I’ll use a Russian proverb for this recommendation: Доверяй, но проверяй (Doveryay, no proveryay – Trust, but verify).

And, obviously, make sure that your organization is not dependent on Russian computing and financial resources as the risk that those resources will be cut off from the rest of the world is unfortunately real as the escalation of cyber and financial conflict increases.

This invasion is a sad and worrisome time for the world. In our roles as technologists and IT shepherds, there is only so much we can do. But it is up to us to make sure that the assets and services that we manage are kept safe and in control in challenging times. Stay safe and keep your organization as safe as possible.