Policy paper 281
Cyberattacks in Russia’s hybrid war against Ukraine
AND ITS RAMIFICATIONS FOR EUROPE
Executive summary
- Following the annexation of Crimea and the outbreak of military tensions in the Donbas in 2014, a decade-long cyber confrontation has been ongoing between Russia, Ukraine and the West, with Russian-backed hackers unleashing some of the most destructive cyberattacks in history. There was widespread apprehension that the Russian invasion of Ukraine in February 2022 would lead to a new wave of major cyberattacks. Although cybersecurity has certainly played a key role in the Ukraine war, this has not unfolded in the way many had expected.
- From an internal perspective, while Russian hackers launched multiple cyber assaults against Ukraine since February, these have mostly consisted in medium to low-scale attacks involving spying, psychological disruption and ‘hybrid warfare’, which combines targeted cyberattacks with kinetic military strikes on the ground. From an external perspective, cyberattacks on Ukraine have resulted in limited spillover into Europe. Instead, Moscow has amplified its cyber espionage and disinformation campaigns against the West, attempting to sow internal disunity.
- Remarkable cyber resilience on the part of Ukraine has been a decisive factor, with Kyiv learning from past mistakes. Europe and the West have provided extensive support to Ukraine through the transfer of IT equipment, software and the provision of training/expertise. Real-time cyber intervention from European and US cyber agencies, along with private sector assistance, have been crucial. Due to the initial expectation of a short war, Moscow poorly prepared its cyber offensive against Ukraine; crippling Western economic sanctions, together with a brain drain of Russian IT experts, have also played a role. Fear of cyber retaliation from NATO or of major cyberattacks inadvertently leading to direct military confrontation, have led to a ‘cyber-MAD’ or ‘cyber Cold War’ stand-off between Russia and the West, at least for the time being.
- Yet, the danger of cyber escalation should not be underestimated, especially if Russian military operations on the ground are unsuccessful and the Kremlin deems itself cornered. The risk of misunderstanding is exacerbated by the involvement of a global coalition of hackers led by ‘Anonymous’, which launched a sustained campaign of cyberattacks against Russia. Hence, Europe must not let its guard down and should accelerate cyber assistance to Ukraine through existing tools like ‘Cyber Rapid Response Teams’, and by developing new ones such as civilian cyber operations. The EU also needs to do more to tackle disinformation while reinforcing its policies and legislation on cybersecurity, especially in terms of addressing the issue of weak links stemming from differentiated norms across Member States.
SUR LE MÊME THÈME
ON THE SAME THEME
PUBLICATIONS
Turbo-charging the EU’s defence industry and security posture
Blog post
16/04/2024 | Thierry Tardy |
Two years of war in Ukraine: What impact on the EU geopolitical strategy?
Brief
22/02/2024 | Cyrille Bret |
The Ukraine Facility
Infographic
13/12/2023 | Eulalia Rubio |
MÉDIAS
MEDIAS
OTAN-Russie : pourquoi parler de « nouvelle guerre froide » est une dangereuse illusion
Tribune
21/04/2024 | Cyrille Bret |
SOS pénurie d’obus made in Europe : l’économie de guerre, cette stratégie que les gouvernements de l’Union semblent incapables de comprendre
Interview
19/04/2024 | Sylvie Matelly |
Défense européenne : « Sommes-nous prêts à mourir ensemble sans les États-Unis ? »
Interview
19/04/2024 | Nicole Gnesotto |