How Ukraine Has Resisted Russia's Cyber Offensive

These companies have provided expertise, resources, and sometimes direct assistance in securing Ukraine's digital infrastructure. Anti-DDoS assistance provided by companies like Cloudflare and Google was crucial for keeping much of Ukraine's infrastructure up and running against the onslaught of Russian distributed-denial-of-service attacks.

Companies like Amazon and Microsoft helped move Ukrainian governmental operations and data into the cloud and, as a result, minimized the impact from both kinetic and cyber wiper attacks from Russia. Georgii Dubynski, Ukraine's deputy minister for digital transformation, believes that Ukraine's partnerships with private entities in the West have played a crucial role in its cyber defense and resilience.

Nick Beecroft from the Carnegie Endowment highlighted that:

As a result, over 10 million gigabytes of Ukrainian Government and economic data were saved by taking it out of Ukraine and putting it into the cloud.

Ukraine's deputy prime minister and minister of digital transformation Mykhailo Fedorov even stated that Amazon Web Services“made one of the biggest contributions to Ukraine's victory by providing the Ukrainian government with access and resources for migrating to the cloud and securing critical information.”

Microsoft will continue to offer cloud services to Ukrainian Government institutions, including the military, schools, universities and hospitals, free of charge through 2024, according to Fedorov.

This extension is part of the US$540 million in free services, technical support, equipment and grants provided by Microsoft to Ukraine. Beyond financial savings for the state budget, this support has been crucial in digitizing Ukraine's government and protecting key government information from being destroyed or lost in Russian attacks.

As a result of being a strong supporter of Ukraine, providing extensive support for its cyber defense, Microsoft itself has been a target of Russian cyberattacks. Microsoft recently announced that the Russian state-sponsored hacker group Nobelium, known for the sophisticated SolarWinds attack, targeted its corporate systems. The company reported that Nobelium accessed the email accounts of some senior leadership team members late last year.

Western investment into Ukraine's cyber defenses since 2014 has helped Ukraine withstand Russian attacks. Western countries have provided Ukraine with advanced technological tools and infrastructure to strengthen its cybersecurity.

This has included sophisticated software for detecting and mitigating cyber threats, hardware to bolster network security, and platforms for enhanced monitoring and analysis of cyber activities, with companies like Microsoft providing threat intelligence data to Ukraine.

A significant factor in Russia's failed cyber offensive was its underestimation of Ukraine's cyber defense capabilities. Western support and investments in Ukraine's cyber infrastructure since 2014 have significantly bolstered its defenses.

Russian cyberattacks didn't fail outright. Rather, nearly 10 years of cyber war and significant Western investment, including public-private partnerships, have helped forge a strong defense.

Therefore, Ukraine's ability to respond quickly to and mitigate the effects of Russian cyberattacks has diminished the impact these attacks might have had. David Luber, deputy cybersecurity director at the US National Security Agency (NSA), in commenting on the strategy of defending forward, highlighted that:

Protecting Ukraine's networks also protects Western networks. Since 2014, the United States has significantly contributed to enhancing Ukraine's energy security, providing over $160 million in technical assistance.

This collaboration saw the US Department of Energy working closely with the Ukrainian Government to fortify the resilience of Ukraine's energy infrastructure and improve national response strategies, particularly in the wake of cyberattacks targeting the country's electric grid.

These efforts led to a marked reduction in the effectiveness of Russian cyberattacks, which had previously caused considerable damage following Russia's initial invasion of Ukraine in 2014.

By 2022, thanks to these strengthened defenses, Ukraine's energy infrastructure remained robust against the cyber threats. As a result, Russia resorted to the use of cruise missiles and drones in an attempt to disrupt and destroy Ukraine's power grid.

Russia has failed to successfully integrate cyber and conventional attacks on the battlefield. One of the primary issues was the apparent lack of synchronization between Russia's cyber operations and its ground forces.

Effective integration requires that cyberattacks be timed and targeted to complement and enhance the effectiveness of physical military actions. But while Moscow aimed to utilize cyberattacks to gather intelligence in Ukraine,“Russian brutality and incompetence” reduced their ability to take advantage of the intelligence,” according to a Carnegie Endowment study .

Russia's inadequate preparation to create coordinated strikes on critical targets provides lessons on what not to do in cyber war. Cyberattacks, says a CSIS study , are most effective“when combined with other weapons, including conventional delivery systems, precision-guided munitions, unmanned aerial vehicles, and electronic warfare. This combination can cripple command networks and advanced weapons systems and contribute to the attrition of opposing forces.”

With Western support, defense has proven to be king in the cyber war between Russia and Ukraine. Russia's cyber war against Ukraine has faced a robust global response, with countries and international organizations providing to Ukraine extensive cybersecurity assistance that has helped the country thwart Russia's offensive.

Microsoft President Brad Smith believes that the Russia-Ukraine cyber war has showed that“a new form of collective defense” has“proven stronger than offensive cyber capabilities.”

Ukraine's cyber defense has relied on a coalition of partners supporting its defense, including governments, private companies and NGOs, versus Russia as a major cyber power.

Sign up for one of our free newsletters

• The Daily ReportStart your day right with Asia Times' top stories
• AT Weekly ReportA weekly roundup of Asia Times' most-read stories

Private companies predominantly own and manage the world's computer code, equipment and network infrastructure, and they invest heavily in network surveillance to ensure those are kept running. Simultaneously, academic institutions, governments and nonprofit organizations diligently seek out software bugs, providing regular updates to these companies about any shortcomings or vulnerabilities they discover.

As a result, there are robust ecosystems in place to assist with cyber defense – even more so in Ukraine's case, where Western governments and private companies have bolstered its defense. Developing a sophisticated cyber weapon can take years, but it can take seconds to delete the code that hosts the vulnerability.

David Kirichenko
is a Ukrainian-American security engineer and freelance journalist. Since Russia's full-scale invasion of Ukraine in 2022 he has taken a civilian
activist role .

This is the seventh and final part of a series,“Lessons from the first cyberwar.'”Read part one , part two , part three , part four , part five and part six . These articles are excerpted, with kind permission, from a report the author presented at the UK Parliament on February 20 on behalf of the Henry Jackson Society. The original report includes extensive footnoting to show the sourcing of facts and quotations.