While the physical war in Ukraine is already a humanitarian disaster, the virtual war over the internet and the tech companies that run it and use it will likely get a lot worse.\nThat\u2019s because for the most part the actual internet network has withstood the onslaught since Russia invaded Ukraine. There have been outages and extreme slowness in parts of the country and malware or other threats have proliferated but in general\u2014to the surprise of many\u2014the network has been pretty resiliant considering the extreme circumstances, experts say.\nThat\u2019s not to say there haven\u2019t been serious problems.\u00a0 The internet research team at ThousandEyes said it detected significant levels of internet traffic disruption and reduced availability of key Ukrainian banking, defense and other government websites. \u00a0\u201cThe patterns of disruption are consistent with network behavior we have observed during other distributed denial of service (DDoS) attacks, as well as indicative of potential countermeasures that may have been taken by service operators to mitigate impacts to their service,\u201d ThousandEyes stated March 4.\nDDoS mitigation, when employed via cloud services providers, has largely been effective, the group said.\n\u201cThe websites and services that have deployed large-scale cloud-based security providers (such as Imperva, Cloudflare, etc.), either for a period of time or switching recently during the last week, have been able to more effectively maintain uptime and access,\u201d ThousandEyes stated. \u201cThese DDoS mitigation providers typically redirect traffic through their own infrastructure, which can manage higher traffic volumes as well as use techniques to scrub malicious traffic and send legitimate traffic to the actual destinations.\u201d\nThousandEyes said it saw no evidence of large-scale DNS or BGP attacks as speculated. \u201cDNS and BGP, while not seen as attack vectors, remain points of potential vulnerability and should be closely monitored for impact to sites inside Ukraine and even beyond,\u201d the group stated.\nUkrainian organizations appear to be taking defensive measures by blocking selective traffic originating in Russia and in some instances China, ThousandEyes stated.\nOthers have reported similar problems and resolutions.\u00a0 For example, network data confirm a series of significant disruptions to internet service in Ukraine beginning Feb. 24, the day Russia invaded. Disruptions have subsequently been tracked across much of Ukraine including the capital city Kyiv as Russia\u2019s military operation progresses, according to London-based global internet monitor NetBlocks. Outages over the course of the invasion have also been reported too by the Internet Outage Detection and Analysis (IODA) project at Georgia Tech.\nIn addition, the country\u2019s core internet backbone provider GigaTrans, reported big outages on Feb. 25 and other outages and recovery since then.\nOn March 3, Netblocks tweeted:\n#Mariupol, Ukraine under siege: \u201cWe are being completely cut off\u201d report citizens with no electricity, no water and faltering telecoms. Real-time network data show a collapse in connectivity.\u201d\nNetblocks also reported Ukraine\u2019s second-largest city, Kharkiv, \u201ccontinues to take the brunt of network and telecoms disruptions, leaving many users cut off amid scenes of destruction as Russia targets the region.\u201d\n\u201cUkraine has a diverse internet infrastructure with few choke points\u2014which means it\u2019s difficult to switch off the country, and there\u2019s no centralized kill switch,\u201d Alp Toker, founder and director of NetBlocks told the Guardian. \u201cIf an invading nation desired to switch off Ukraine\u2019s internet, this would really be a matter of physically entering internet exchange points and data centers and taking over that infrastructure. And it certainly can\u2019t be done remotely by severing a connection with, say, Russia.\u201d\nBut that is exactly the kind of concern many experts are worried about as Russian military forces destroy infrastructure or take other major cities. They may decide controlling the internet in a more tightly might be the way to go, experts say.\nThat was the sentiment echoed by US senator Mark Warner, D-Va who is also chair of the Senate Intelligence Committee. \u201cDo I expect Russia to up its game on cyber? Absolutely, \u201d he said in a Washington Post interview.\nIn addition, he said he thinks Russian President Vladimir Putin miscalculated Ukrainian technological capabilities. \u201cI think he felt like he could use his, in a sense, B team to try to take down some of the Ukrainian networks, saving his A team and the tools\u2011\u2011because once you put a cyber tool out there and it\u2019s discovered, it\u2019s hard to be reused\u2011\u2011he didn\u2019t have to move to that A team within Ukraine,\u201d Warner told the Post.\n\u201cHe\u2019s been proven wrong, and again, one of the most remarkable things is that the internet is still up. And these imagines that Ukrainians are taking of the Russian atrocious actions is being released to the world. So should we see, expect more? Absolutely,\u201d Warner stated.\nIn the face of that threat, Mykhailo Fedorov, Vice Prime Minister of Ukraine and Minister of Digital Transformation, has been drumming up high-tech internet allies.\nThis week he asked the Internet Corporation for Assigned Names and Numbers (ICANN) to shut down Russian internet domain names, a request that was denied by the organization.\n\u201cIn our role as the technical coordinator of unique identifiers for the Internet, we take actions to ensure that the workings of the Internet are not politicized, and we have no sanction-levying authority,\u201d ICANN stated.\nOn Feb. 26 Fedorov called for broad help fighting Russian cyber attacks. \u201cWe are creating an IT army. We need digital talents. All operational tasks will be given here: https:\/\/t.me\/itarmyofurraine. There will be tasks for everyone. We continue to fight on the cyber front. The first task is on the channel for cyber specialists,\u201d he Tweeted.\nIt was in response to a request from Fedorov that SpaceX CEO Elon Musk turned on the company\u2019s Starlink satellite service in Ukraine.\nSo far it is unclear how many Starlink terminals\u2014which require a Wi-Fi router, relative proximity to a ground station, and a small dish pointed at a clear sky\u2014could be made available to the general Ukrainian populace overall, but such equipment could find its way to political or military leaders who might have an immediate strategic need for communications.\nThere are challenges of course. March 2, Fedorov, tweeted: \u201cWith Russian attacks on our infra, we need generators to keep Starlinks & life-saving services online\u2014ideas?\u201d\nMusk replied: \u201cUpdating software to reduce peak power consumption, so Starlink can be powered from car cigarette lighter. Mobile roaming enabled, so phased array antenna can maintain signal while on moving vehicle.\u201d\nMore recently Fedorov called on Apple to stop selling goods to Russia saying \u201cWe need your support\u2014in 2022, modern technology is perhaps the best answer to the tanks, multiple rocket launchers, and missiles.\u201d Apple did stop sales in Russia this week. Other tech companies such as SAP, Oracle, Google and Microsoft have scaled back or stopped operations in Russia in response to the war.\n\u201cAs the conflict has continue we have seen actors of varying skill levels deploying a wide range of threats inside Ukraine that hint at potential future implications,\u201d Cisco Talos wrote in a blog about security issues in Ukraine.\n\u201cFor example, we have observed malware samples designed to avoid executing against Ukrainian targets, suggesting that they may be intended for deployment elsewhere in the region or globally. This underscores the unpredictable nature of the current threat environment and the difficulty in predicting what entities or geographic areas may be targeted next,\u201d Talos researchers stated.