Cybersecurity in the Shadow of War: Lessons from Ukraine and the Future of Conflict


Cybersecurity in the Context of Modern Warfare

Source – BBC “Why Russia is trying to capture eastern Ukraine”

How crucial is cybersecurity in the Russian-Ukrainian war? How does it affect the Irish Government and other Western Countries’ Cybersecurity Policies? The conflict in Ukraine has deep historical roots. Since Russian troops invaded Crimea in 2014, Ukraine has faced ongoing challenges, including a full-scale invasion in 2022. Despite the impact of military and strategic operations, digital aspects have played an even more crucial role. As the conflict escalated, cyber-operations and social media have increasingly become decisive tools of war.

1. Cybersecurity Vulnerabilities in a War Zone

Russia’s cyber attacks have targeted a wide range of Ukrainian organisations, including government agencies, media outlets, and civilian infrastructures such as water and electricity. Examples of Russian cyber techniques are:

  • Worm malware: Self-replicating malicious software that spreads across computer networks, often exploiting vulnerabilities to gain unauthorised access and control over systems.
  • Denial of Service (DoS): Attacks aimed at making a machine or network resource unavailable to its intended users by overwhelming it with a flood of illegitimate requests, causing it to crash or become unresponsive.
  • Malicious content: Harmful files, links, or scripts embedded in websites, emails, or other digital content intended to exploit vulnerabilities and compromise systems or steal sensitive information.
  • Backdoor attacks: Unauthorised access points left open by attackers in a system’s security measures, allowing them to bypass normal authentication and gain privileged access to systems or data.
  • Spam: Unsolicited or unwanted emails sent in bulk, often containing advertisements, phishing attempts, or malware, designed to deceive recipients or disrupt systems.
  • Distributed Denial of Service (DDoS) assaults: Coordinated attacks involving multiple compromised devices or systems, inundating a target server or network with a massive volume of traffic, rendering it inaccessible to legitimate users.

Figure: Russia/Ukraine cybersecurity warfare map. Source – “Ukraine Cyber War with Natural Language Processing: Perspectives and Challenges”

Cyber attacks have made it increasingly challenging for the Ukrainian Government to safeguard personal information. Ukraine’s outdated data protection laws underline the urgency of new data legislation to face the new challenges posed by Russian aggression, prioritising privacy over corporate interests and promoting responsible handling of personal data.

Concrete ways of protecting clouds and networks include implementing firewalls, keeping software and backups updated, spreading digital literacy, and enhancing disinformation countermeasures. Both parties use social media platforms such as TikTok, YouTube, Twitter, and Facebook to manipulate public opinion. Although most social media platforms have taken steps to remove Russian disinformation, Telegram is an exception, as its Russian co-founder has not taken action to limit Russian fake news.

2. The Role of Cyber Defence and Resilience

The Ukrainian Government has adopted a proactive approach to strengthen cyber defences and mitigate cyber threats. It has established a robust legal framework by developing national cybersecurity strategies, fostering international partnerships, addressing challenges for cyber resilience and enhancing cybersecurity governance. The private sector has also made similar efforts, releasing detailed reports on Russian cyber tactics against Ukraine and leveraging its vast cyber threat data to present accessible insights.

On an international level, Ukraine has been boosting its cybersecurity capabilities and resilience against Russian aggression thanks to security agreements with English, German, French and Danish institutions. Also, pro bono institutions such as the Cyber Defense Assistance Collaborative (CDAC) and major American companies like Microsoft, Google, and Amazon, as well as the European ESET, have provided substantial support in intelligence sharing, technology assistance and cyber defence collaborations.

Cyber attackers have recently favoured DDoS attacks (75%) against companies and governments. This systematic harassment often has a low impact on data integrity, but its main effect is to create tension and instability among cybersecurity teams and pressure on government agencies. In fact, their goal is not to have a significant operational impact but to destabilise and intimidate countries and companies supporting Ukraine.

3. The Effect on Ukraine’s Population

EU regulations govern the use of data collected from refugees. Nevertheless, challenges remain in ensuring transparency and adherence to standards, especially at international borders. Removing specific measures could lead to risks, including cyberattacks targeting aid organisations. To address these challenges, the Ukrainian Ministry of Digital Transformation has expanded its services during the ongoing conflict, including streamlined military assistance, financial aid for affected regions and support for displaced individuals. Digital tools like eVorog and satellite internet technology are being leveraged to aid communication and provide essential services.

Russian cyberattacks significantly impacted the mental health of Ukrainians by employing hybrid tactics to weaken their psychological resilience. These attacks target civilian infrastructure, exacerbating stress due to displacement and separation, leading to conditions like depression and insomnia.

Mental health support, alongside digital resilience, is crucial for Ukrainians’ overall well-being during the conflict. That is why Ukraine addresses mental health during cyberattacks through the ‘How are you’ project, supported by the EU, which allows Ukraine to remain resilient.

The conflict has underscored differences in digital proficiency across age groups. Ongoing efforts to narrow this gap stress the need for a people-centred approach to digital inclusion. For example, Miranda-Media is pivotal in strategic initiatives in areas like Kherson and Mariupol, where censorship and surveillance worsen pre-existing issues. Platforms like Diia assist displaced Ukrainians, but those with limited digital skills or specific eligibility criteria still need help accessing essential resources.

Before the War

Accurate representation of Ukraine’s population in 2021, before Russia launched a military invasion of Ukraine in a steep escalation of the Russian/Ukrainian War.

After the War

Estimated population of Ukraine in 2023. The population dips significantly from about 43.5 million to 36.7 million. This is due to the over 6 million Ukrainian refugees fleeing their homes and the estimated 100,000 casualties due to the war.

The Future of Cyber Warfare and Lessons Learned

Ukraine has become a testing ground for defensive and offensive cyber tactics due to its extensive experience dealing with cyber threats. The country’s international support and national cybersecurity framework can guide other nations to build solid cybersecurity infrastructures and address shared security challenges. Ukraine’s National Qualification Agency has approved 14 new cybersecurity professional standards, marking the culmination of a process that can shape future cybersecurity norms. In particular, the Irish Government could benefit from Ukraine’s vast knowledge to enhance its data protection policy and cybersecurity strategy.

A robust cybersecurity infrastructure is essential to rebuilding Ukraine’s economy and ensuring trust in digital systems. To this end, national cybersecurity strategies, professional standards, workforce development initiatives, international collaborations, and a focus on cyber resilience building must be implemented. 

Not only has the conflict impacted Russia and Ukraine, but it has also reshaped global cybersecurity policies and intensified cyber conflicts involving both state and non-state actors. This has pushed nations to invest in more robust cyber defence measures, foster partnerships, prompt cyber diplomacy efforts and adopt proactive strategies to face evolving cyber threats.

Case Studies

There is no clear dividing line between “cyber warfare” and “cyber crime”. This is particularly true concerning alleged acts of cyber aggression originating from Russia. Ukrainian cybersecurity officials revealed that Russian hackers infiltrated Kyivstar’s system, causing widespread disruption for millions of users for several days. The attack, described as “disastrous,” aimed to inflict psychological damage and gather intelligence data. It resulted in the destruction of thousands of virtual servers and PCs, disrupting vital services and prompting users to seek alternative SIM cards. 

Russian cybercrime is mainly perpetrated by private hacker groups, with allegations of state protection for these criminals. Russia’s public-private partnership model has contributed to its role as a major hub for aggressive cyber attacks and crime. Private hacker networks receive protection, while military hacking projects often operate alongside private attacks, providing the Kremlin with plausible deniability.

“The Sandworm” Military Unit is regarded as the primary government actor in Russia’s cyber operations. Accused of engaging in cyber attacks since 2014, Sandworm is likely affiliated with the recent attack on Ukraine’s telecommunications infrastructure, although specific relationships are challenging to pin down.

Ukraine has effectively defended against Russian cyberattacks, not due to weak Russian cyber warfare, but because Ukraine took the threat seriously after the 2014 losses of Crimea and Eastern Donbas. Ukraine spent eight years preparing for a comprehensive Russian attack, both in cyberspace and on the ground, with substantial assistance from the US and Europe.

The approach involved US cyber defenders operating on allied networks before a crisis rather than providing distant advice. US Cyber Command trained Ukrainian troops, collaborated closely on defence strategies, and shared threat intelligence to protect not only Ukraine but also NATO, other allies, and the US.

The ViaSat hack, considered one of Russia’s most significant cyber war successes, occurred on the first day of the invasion. It disrupted communications for the Ukrainian military, police, and intelligence services and affected 5,800 wind turbines in Germany and other users across Europe. SpaceX’s Starlink system provided rapid assistance, adapting to Russian attacks with remarkable agility. Even so, the hack resulted in lasting damage, as thousands of modems had to be physically replaced after being “bricked” by the attack.

Collaboration between the Government and private sector is crucial, considering that over ninety per cent of Western Countries’ cyber infrastructure is privately owned and operated. Waiting until a crisis arises is not an option, as the threat rapidly evolves and grows. Therefore, it’s essential to tackle this issue now to prevent potential long-term consequences and ensure cyber resilience.
