In early May, the State Department announced a doubling to $10 million of U.S. assistance to Ukraine for the strengthening of its cyber defenses. The increased funding is an important signal that the U.S. stands with Kyiv as it faces a sustained and evolving cyber threat from Russia, yet addressing the ceaseless barrage of cyber attacks from Moscow will take more than the added funding.
Currently, Ukraine serves as the proving grounds for Russian offensive cyber capabilities. Moscow’s efforts have ranged from conducting information operations during its annexation of Crimea in 2014, to destructive cyber attacks on Ukrainian critical infrastructure in 2016, to the spreading of NotPetya malware in 2017. As a result, Russia has advanced its cyber capabilities while stretching the U.S. and NATO’s ability to respond. It is clear that if the U.S. fails to address the Russian cyber threat abroad, Russian cyber activities in the United States may progress from network intrusions and information operations to more destructive cyber attacks.
The U.S. could help Kyiv’s efforts to counter the Russian cyber threat by supporting and encouraging Ukraine’s membership in NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) based in Tallinn, Estonia. The Centre, best known for its annual live-fire cyber exercise Locked Shields, is open to non-member partners of NATO. Ukraine is currently a NATO partner country and its participation in the Centre would follow the precedent set by Austria, Finland, and Sweden. NATO previously established a Cyber Defence Trust Fund for Ukraine to help Kyiv develop technical capabilities to counter cyber threats. While the trust fund demonstrates a clear commitment to improving Ukraine’s security, history has demonstrated that Ukraine needs more assistance to be able to defend against an active cyber threat.
Joining the CCDCOE would greatly improve Ukraine’s ability to train and respond to modern malware threats. In addition to the benefits of collaborating and learning from other CCDCOE members, Ukraine would also have the opportunity to participate in Locked Shields and other Centre sponsored trainings and conferences. Participating in CCDCOE exercises would provide Ukraine the opportunity to test its current cybersecurity strategy and response plan, identify areas where that strategy has failed, and work with CCDCOE partners on best practices for strengthening its cyber defenses, all in a simulated environment.
The U.S. should pursue increasing bilateral and multilateral support to ensure Ukraine can contain and roll back Moscow’s continuing cyber offensive. Russia’s use of Ukraine as a proving ground also enables the Kremlin to test American red lines and the international community’s readiness to respond to escalating cyber attacks. If the lesson that Moscow learns is that it can undertake increasingly actions with impunity, then cyber escalations in Ukraine likely will not stop there.
Trevor Logan is a cyber research associate at FDD’s Cyber-Enabled Economic Warfare Project, and Boris Zilberman is deputy director of congressional relations and a Russia analyst at FDD. Follow them on Twitter @TrevorLoganFDD and @rolltidebmz.
Follow the Foundation for Defense of Democracies on Twitter @FDD. FDD is a Washington-based, nonpartisan research institute focusing on national security and foreign policy.