Cyber Warfare Lessons From the Russia-Ukraine Conflict

Cyber Warfare Lessons From the Russia-Ukraine Conflict

The Russia-Ukraine war has taught us a lot about cyber warfare. After all, it’s the first time ever that a world-class cyber power is simultaneously engaged in a kinetic war. But before we can fully grasp the lessons that have surfaced over the past year, we first have to understand what role cyber plays as part of active kinetic warfare, as well as the criteria that determines its effectiveness.

Breaking Down Cyber in Warfare

The main roles of cyber in warfare include: 1) espionage, 2) sabotage, 3) propaganda, and 4) disruptions usually caused by distributed denial-of-service (DDoS) attacks targeting government, electrical, and economic/financial institutions. I believe cyber warfare is two parts information warfare using cyber tactics and techniques and one part cyber warfare with actual destruction.

Cyberattacks with strategic or military implications can include the manipulation of software, data, knowledge, and opinion to degrade performance and produce political or psychological effects. Introducing uncertainty into the minds of opposing commanders or political leaders is a calculatable military objective. Manipulating public opinion to damage an opponent’s legitimacy and authority in both domestic and international audiences also is valuable. Some actions may provide only symbolic effect aimed at a domestic audience, but this too is valuable for a nation at war.

So, how can we judge the effectiveness of cyber warfare attacks? My more than two decades of experience serving as an FBI agent taught me that the criteria for success in deploying cyber offensive tactics lies across five areas:

Cyber Warfare in the Russia-Ukraine Conflict

Russia has largely been cited as an “aggressor” in its conflict with Ukraine. But it is important to remember that because cyber knows no boundaries, any country or hacktivist group can join the battle with impunity — it is one of the ways cyber is fundamentally different from traditional warfare, and a dynamic that both sides have benefited from and been victimized by.

Russia holds a broad definitional concept of information warfare, which includes intelligence, counterintelligence, deceit, disinformation, electronic warfare, debilitation of communications, degradation of navigation support, psychological pressure, degradation of information systems, and propaganda.

As used by the Russian military, cyber power is a key facet of hybrid warfare and is an important enabler in the Russian political strategy to oppose NATO’s expansion and cohesion. Cyberattacks can be targeted specifically toward and with the purpose of eliminating key networks but also can be used as a tool to intensify the fog of war by sowing confusion within command-and-control networks. If local political and military leaders can’t get ahead of and develop an accurate estimate of quickly developing events, critical hours or even days can be gained with which an adversary can create facts on the ground that cannot easily be reversed. As part of its military campaign, Russia used myriad cyberattacks against computers in Kyiv, Poland, the European Parliament, and the European Commission prior to rolling tanks across the Ukraine border.

Here are just a few examples of cyber warfare tactics used in the Russia-Ukraine conflict:

Even though Russia is considered one of the most dangerous cyber-nation-state actors, the use of cyber warfare tactics against Ukraine leading up to and currently during their one-year-old unprovoked war shows that offensive cyber techniques, when used as a separate warfighting domain, does not necessarily offer magic solutions and miraculous shortcuts to achieving strategic military goals. Similar to when the Russian Army deployed cyberattacks against Georgia in 2008 and Syria after that armed conflict, when the Russia-Ukraine war ends, we will have another example for history to judge the effectiveness of Russian cyber-enabled warfare.

Lessons Learned So Far

Cyber warfare is real, and it is playing out in various theaters across the world — some visible, as in the Russia-Ukraine conflict, and others behind-the-scenes. There will be many lessons learned from these actions, but here are a few takeaways we have so far:

There is no question that cyber power is being wielded as a strategic weapon alongside the use of kinetic force in the Russia-Ukraine conflict. And cyber warfare allows power and force to be democratized and sold on the Dark Web, available to anyone with technical skills — irrespective of borders, authorities, or affiliations. Because of this, we must start to think ahead of the threat and develop strategies to respond to these challenges at scale.