This is the first in a multi-part series.
As Russian tanks began rolling and bombs started falling in Ukraine in February 2022, Europe bore witness to the largest conflict on European soil since World War II. But Russia’s invasion hasn’t been limited to traditional physical operations; it’s also marked the start of the first all-out cyberwar.
It is important for the West to quickly study the lessons learned so far from this cyberwar between Russia and Ukraine. Additionally, it is crucial to help the Ukrainians expand their capabilities on the cyber front, just as military assistance is needed on the physical battlefield.
By applying these lessons, the West can strengthen its cyber defenses and better prepare allies, such as Taiwan, for future cyber conflicts.
As the world became digitized and the Kremlin grew in its revisionist ambitions, Russia began using cyberattacks as a new tool to achieve its political aims. Starting in Estonia in 2007 to punish the country for what it deemed anti-Russia behavior, Russia then waged cyberattacks against Georgia to accompany its physical attack on the country.
It used Ukraine as a testing ground for cyber weapons before ultimately beginning the first all-out cyberwar against the country.
While Ukraine survived many of the most devastating attacks on critical infrastructure, the cyberwar between Israel and Iran has also shown the extremes that these attacks can take, such as the cyberattack on Iran’s nuclear power plant.
While a successful coalition of Western governments and technology companies has played a vital role in keeping Ukraine’s cyber defenses resilient, the reality is, much as it is on the physical battlefield: Without offensive support, Ukraine is limited in its ability to match and overwhelm Russian attacks.
At the start of the invasion, Russia attempted to knock out vital communication systems for the Ukrainian military with an attack on Viasat satellites, marking its most damaging attack of the war so far on Ukraine’s telecom provider, Kyivstar.
The intensity of the Russian cyberattacks has grown as the war drags on and Ukraine should arguably be better armed to degrade Russia’s offensive cyber capabilities. Destroying the enemy’s ability to wage war is a key principle in warfare, whether conventional or cyber.
Cyber capability support is important because this is the first war with integrated cyber and physical strikes on the battlefield. There are many lessons to be learned for future wars. While Russia has not integrated the two types of strikes well, Ukraine should be given more opportunities to execute properly with Western backing.
If the West fails to properly support Ukraine in this cyberwar, it will also undermine its own ability to fight on future battlefields. It will undermine the West’s investment in conventional armaments if physical operations are not supported by cyber capabilities.
What happens on the cyber front isn’t related merely to Ukraine and Russia, but has a direct impact on the West because Russia has already been waging hybrid warfare for years.
As cyber remains a gray area, Russia will continue to increase its attacks on the West, especially as the world becomes ever more digitally dependent. Thus, reinforcing Ukraine’s cyber capabilities not only addresses immediate threats but also strategically curbs Russia’s capabilities.
It is in the interests of the West to help give Ukraine the cyber weaponry that is needed to achieve the West’s security interests. This includes sharing with Ukraine, before public disclosure, information on zero-day vulnerabilities – known to Western technology firms and intelligence agencies.
A zero-day vulnerability is a software security flaw that can be exploited by attackers before the developer has had a chance to create and release a patch or fix, leaving users vulnerable and unprotected.
Such intelligence-sharing would enable Ukraine to strategically target Russia’s economic and infrastructural capacities, undermining its war efforts. Governments in the West should carefully assess the risks and, where suitable, contemplate supplying intelligence to Ukraine.
Moreover, as Western tech companies increasingly withdraw from Russia, the opportunity for action will expand. Russia will be compelled to rely more heavily on its internal technology resources, thereby reducing the potential for collateral damage to the West from exploiting vulnerabilities in Russian systems.
Giving Ukraine the right vulnerabilities to exploit will also provide the West with opportunities to study what is most effective in cyberwar and to improve the West’s own cyber defenses.
Finally, assisting Ukraine’s cyber defense will help to begin defining for NATO cyber red lines, which do not currently exist as Russia continues to push the boundaries and attack critical infrastructure.
If Ukraine can effectively wage larger-scale cyber campaigns against Russia with Western support, it will serve to deter other nation-states such as China, Iran and North Korea from launching devastating cyberattacks in the future.
David Kirichenko is a Ukrainian-American security engineer and freelance journalist. Since Russia’s full-scale invasion of Ukraine in 2022 he has taken a civilian activist role.
This article and others to follow are excerpted, with kind permission, from a report he presented to the UK Parliament on February 20 on behalf of the Henry Jackson Society.