Following the annexation of Crimea and the outbreak of military tensions in the Donbas in 2014, a decade-long cyber confrontation has been ongoing between Russia, Ukraine and the West, with Russian-backed hackers unleashing some of the most destructive cyberattacks in history. There was widespread apprehension that the Russian invasion of Ukraine in February 2022 would lead to a new wave of major cyberattacks. Although cybersecurity has certainly played a key role in the Ukraine war, this has not unfolded in the way many had expected.
From an internal perspective, while Russian hackers launched multiple cyber assaults against Ukraine since February, these have mostly consisted in medium to low-scale attacks involving spying, psychological disruption and ‘hybrid warfare’, which combines targeted cyberattacks with kinetic military strikes on the ground. From an external perspective, cyberattacks on Ukraine have resulted in limited spillover into Europe. Instead, Moscow has amplified its cyber espionage and disinformation campaigns against the West, attempting to sow internal disunity.
Remarkable cyber resilience on the part of Ukraine has been a decisive factor, with Kyiv learning from past mistakes. Europe and the West have provided extensive support to Ukraine through the transfer of IT equipment, software and the provision of training/expertise. Real-time cyber intervention from European and US cyber agencies, along with private sector assistance, have been crucial. Due to the initial expectation of a short war, Moscow poorly prepared its cyber offensive against Ukraine; crippling Western economic sanctions, together with a brain drain of Russian IT experts, have also played a role. Fear of cyber retaliation from NATO or of major cyberattacks inadvertently leading to direct military confrontation, have led to a ‘cyber-MAD’ or ‘cyber Cold War’ stand-off between Russia and the West, at least for the time being.
Yet, the danger of cyber escalation should not be underestimated, especially if Russian military operations on the ground are unsuccessful and the Kremlin deems itself cornered. The risk of misunderstanding is exacerbated by the involvement of a global coalition of hackers led by ‘Anonymous’, which launched a sustained campaign of cyberattacks against Russia. Hence, Europe must not let its guard down and should accelerate cyber assistance to Ukraine through existing tools like ‘Cyber Rapid Response Teams’, and by developing new ones such as civilian cyber operations. The EU also needs to do more to tackle disinformation while reinforcing its policies and legislation on cybersecurity, especially in terms of addressing the issue of weak links stemming from differentiated norms across Member States.
MENTIONS LÉGALES Edition du site
Le site www.institutdelors.eu est un site édité par l’Institut Jacques Delors. L’Institut Jacques Delors est une association loi 1901 dont le siège social est à Paris (75009) au 18, rue de Londres. L’association est représentée par son directeur, Sébastien Maillard. Les propos et textes édités sur ce site n’engagent que la responsabilité de leur auteur. Directeur de la publication : Sébastien Maillard. Présidents : Enrico Letta, Pascal Lamy, Jacques Delors. Propriété intellectuelle
L’ensemble de ce site relève de la législation française et internationale sur le droit d’auteur et la propriété intellectuelle. Tous les droits de reproductions sont réservés, y compris les représentations iconographiques et photographiques. Données personnelles
Se référer à notre politique de confidentialité. Modification du site
L’équipe éditoriale se réserve le droit de modifier ou de corriger le contenu de ce site et de ces mentions légales à tout moment et ceci sans préavis. Hébergeur
Le site www.institutdelors est hébergé par la société OVH, SAS au capital de 10 069 020 € RCS Lille Métropole 424 761 419 00045. Code APE 2620Z N° TVA : FR 22 424 761 419. Siège social : 2 rue Kellermann – 59100 Roubaix – France. Directeur de la publication : Octave KLABA.