Future of Digital Security

Technology, Warfare, and Russia’s Invasion of Ukraine: IST’s Anniversary Assessment

By Alice Hunt FriendSophia Mauro on February 24, 2023

One year ago today, Russian ground and air forces invaded Ukraine with the goal of annexing the country. In the year since, Russia and Ukraine have engaged in a conflict that has implications for cyber applications in military contexts, nuclear deterrence, crisis communications, and disinformation. Though this conflict, with its tank columns and artillery, may appear to be a throwback to twentieth century confrontations, it is also an incubator for the future of international conflict. The technology tools Russia and Ukraine are using in combat today–and the very different ways in which the two countries are using them–will shape patterns of coercion across the spectrum of diplomacy and conflict tomorrow and beyond.

Prompted by the one-year anniversary of Russia’s invasion, the Institute for Security and Technology took stock of the major tech trends the war in Ukraine has revealed, accelerated, and even redirected. Among them: 

  • The reach and impact of cyber tools in military contexts
  • The relationship between traditional nuclear deterrence and “non-escalatory” technologies 
  • The disruption of governments’ monopoly over drone deployments with plentiful, low-cost, commercial platforms 
  • The resilience of savvy populations to disinformation tactics
  • The cooperation between public and private sector actors 

Across these trends, a common theme stands out: the skills of the user define the utility of the tool. The Ukrainian government, with help from its partners, is simply better at using modern technologies than Moscow. The savvy uses of these tools have allowed Ukraine (and its Western sponsors) to circumvent Russia’s nuclear deterrent. They have mounted cyber defenses and adapted commercial drones to the contemporary battlefield. Meanwhile, for all its pre-war talk about its military build-up and the specter of its cyber prowess, Russia’s own efforts have stalled or fizzled outright. Merely having high tech tools is not enough if a combatant doesn’t use them well.

As we approach the one-year anniversary of the conflict, we sat down with a few of IST’s cyber and nuclear specialists and asked them to reflect on these trends and what they might mean for the future. The major lesson the ISTeam is taking away from the conflict so far? Don’t overdetermine tech trends on the basis of a single case. As the discussion of cyber tools shows, the match between Russia and Ukraine is not necessarily a good proxy for peer competition. Different conflicts will involve different combatants with another range of strengths, weaknesses, and friends. Western observers in particular should take care when applying lessons from this war elsewhere.

Cyberwar | Nuclear Weapons | Digital Disinformation | IST Ukraine Content


What has the war in Ukraine revealed about the impact of cyber tools on strategic success?

Elizabeth Vish: We did not see the “cyberwarmageddon” that some commentators had predicted, but from the beginning of the war, cyber attacks against Ukrainian targets have been constant and substantial, including as part of the pre-invasion hostilities. I think we can assume that from now on, cyber tools will be significant in the run up to war, and also very important early in a war. But the Russo-Ukrainian war also suggests cyber wanes in importance as kinetic operations escalate.

Although the kinetic invasion was a shock, the cyber effects operations perpetrated during this conflict are best seen as a continuation of the pre-war effort. Remember that Ukraine has been under cyber attack from Russia for nearly a decade, with NotPetya as potentially the high water mark in terms of destructive effects. Many of the things imagined under the scenario of cyberwar–power plants shut down, government agencies’ networks locked, deleted or destroyed data–have been perpetrated by Russian actors onto Ukrainian entities at least as early as 2014.  The two operations officially attributed by the United States and partners during the war–the attacks against Viasat and the Sandworm Botnet–are just two examples of dozens identified publicly over the past year.

Are there any cyber tools that are particularly impactful in the war? Conversely, are there any surprisingly unimportant cyber capabilities? 

Megan Stifel: I see public-private partnerships as having been critical to Ukrainian war efforts. For example, at IST’s Securing Data Flows event that I moderated last October, AWS panelist Anitha Ibrahim provided a particularly illuminating example. She explained that only a week before the invasion, the Ukrainian parliament passed a law allowing its data to be moved from physical, in-country servers to the cloud. This example, as well as other efforts undertaken under the umbrella of cyber defense assistance were instrumental in limiting the digital effects of Russian attacks and those of Russian-aligned proxies. Public-private partnerships, whether in a conflict zone or outside an area of hostilities, must be coordinated to be effective. The cyber defense assistance undertaken in the context of this conflict has evolved the trust necessary to effectively and efficiently coordinate at this moment. Next, these stakeholders need to build the methodology and strategies for scale.

What should be our main cyber lesson from the first year of the Russo-Ukrainian war?

Elizabeth Vish: My takeaway is that we can draw lessons for specific types of war, but that we should avoid drawing generalizations from this war and applying them to war between equally matched powers. What happens when governments are actively using bullets and bombs is very different from the stealth threat to civilian and military systems across the globe. Just because there wasn’t a “cyberwarmageddon” this time around, doesn’t mean that network defenders should get complacent.


What’s the role of nuclear weapons in this war? 

Sylvia Mishra: Russia invaded Ukraine under the shadow of nuclear weapons. Throughout the crisis, President Putin openly engaged in nuclear saber rattling. Russia also conducted military drills with nuclear submarines and mobile land based missiles. President Putin repeatedly used nuclear blackmail to deter the United States and NATO from directly intervening in the crisis. Russia’s nuclear threats did not result in Ukraine backing down, nor did the West discontinue its military assistance. 
But the risks of nuclear escalation have not lessened. Ahead of the first anniversary of the invasion, Russia announced that it will halt participation in the New START nuclear arms treaty. This suspension comes after Russia had previously halted mutual inspections of nuclear weapons sites and participation in the bilateral consultative commission with the U.S. Russia’s suspension of participation from the treaty undermines the nonproliferation and arms control regime. It is a severe blow to the virtually non-existent mutual trust between the West and Russia, and increases the importance of advancing nuclear risk reduction measures and enhancing crisis communication.

How useful have traditional crisis communications links between Russia and western capitals been? Have the hotlines been used or useful?

Sylvia Mishra: The crisis communication line created between the militaries of the U.S. and Russia has been useful; it was reportedly used once to avert crisis escalation in Eastern Europe. When a missile landed in Poland, a NATO member state, U.S. officials are said to have initiated a call through the ‘deconfliction’ line to get clarification on Russian military actions. 

In my view, effective, secure, and timely communication between U.S. and Russian officials has proved useful in preventing a miscalculation that can spark military escalation. Encouragingly, the U.S. and Russia continue to maintain several channels of communication to discuss and engage in critical security issues. There are reports of White House national security adviser Jake Sullivan and CIA Director Bill Burns also maintaining contact with Russian officials during the Ukraine crisis. 

As the Ukraine crisis moves into the second year, it is worth noting that while several NATO members have bilateral hotlines with Russia, there are no multilateral crisis communications active today. With hostilities and mutual mistrust at an all-time high, the West, Russia, and other nuclear armed countries will need to figure a way to engage with each other. There must be communication channels that act to deter a nuclear exchange – whether deliberate or accidental.

What should be our main lesson in nuclear deterrence from the first year of the Russo-Ukrainian war?

Philip Reiner: I think we can hark back to the notion of an “acceptable” conflict space created through the existence of a nuclear deterrent, the stability-instability paradox unfolding before our very eyes. What has been impressed upon me by how this conflict has unfolded is how nuclear weapons are here to stay: Russia successfully used their nuclear weapons to deter the West from stopping the invasion. The West has used their nuclear weapons to deter Russia from advancing against NATO, but also to an extent to deter Russian direct action against western military support to Ukraine. Unfortunately, the Ukraine conflict points to a future of likely expanding nuclear proliferation and the increased salience of nuclear weapons rather than a decreased reliance. This is yet another example of how Putin’s folly in Ukraine has made the rest of the world less stable and secure for years if not generations to come.


IST has worked on digital tools and disinformation in Ukraine specifically. What can Ukrainians and those who support them do to communicate safely in a contested information environment?

Sophia Mauro: One of the primary tactics of the Russian propaganda machine is disinformation, disseminated via video, photos, and information. As we engage with news and content about the war online, one of the most powerful things we can do is remain vigilant against disinformation. In Towards A Safer Ukrainian Media Ecosystem and Civil Society: How OSINT Can Help, released by IST in partnership with the Atlantic Council Digital Forensic Research Lab, authors Natalia Antonova, Roman Osadchuk, and Lukas Andriukatis offered tangible, accessible methods to combat this threat. 

They outline ways to identify and debunk propaganda using open source tools. For example, when watching a YouTube video about the war, you can determine the source, capture screen grabs of video footage and reverse image search to find their origin, or use a plugin to estimate the video’s reach and metrics. If receiving information about the war via Telegram, the authors suggest ways to analyze channels, track similar messaging across channels, and monitor lists of channels tied to Russian propaganda efforts. 

Moscow has bombarded Ukrainians and Russians alike with disinformation. Most Ukrainians appear resilient to Russian narratives, but has this disinformation campaign worked inside Russia?

Sage Miller: Russian disinformation has been far more effective inside Russia than outside. The Kremlin has spent years perfecting a whole-of-government approach which bombards its citizens with constant overt and covert disinformation. Narratives that have gained traction include those accusing Ukrainians of being Nazis, as well as Ukraine and the West at large of being “Russophobic.” The Russian Internet Research Agency and other government disinformation sources have also deflected from accusations of war crimes by reintroducing news articles about U.S. war crimes into its domestic media ecosystem. With the war in Ukraine stalling, the Kremlin is escalating its domestic disinformation campaigns, which continue to be startlingly effective against its own citizens.


IST has addressed Ukraine across our portfolio of projects: