Scholars
Publications
In The News
Events
Research
Explore SAIS
Scholars
In The News
Events
Research
Explore SAIS

The B.I.P.R. site uses cookies and similar technologies.
By clicking the "Accept" button, or continuing to use our website, you are agreeing to our Privacy Policy and Terms of Service, including our cookie policy.

Accept
Refuse


BIPR | Support for Ukraine's Cybersecurity Will Increase
Global Risk Series

Support for Ukraine's Cybersecurity Will Increase


Albrecht Von Campenhausen, M.A.I.R. 2025

Support for Ukraine's Cybersecurity Will Increase

With Ukraine being the prime target of Russian cyberattacks, western countries are bolstering Ukraine's cyber defense capabilities to reduce the risk of financial data breaches, fraud, and operational disruptions within its territory and beyond.

In 2023, the UK alone doubled cybersecurity support for Ukraine to 25 million GBP. Such efforts set a precedent for stronger global cyber defense and more investment in related technology.

Analysis

The UK's commitment to fund Ukraine's cybersecurity resilience is a response to the growing number of Russian cyberattacks on Ukrainian government, military, and civilian infrastructures. Russia's cyberattacks on Western military and civilian infrastructures have also expanded in scope, volume, and targets. Thus far, Russia has been ill-prepared for Ukrainian resistance and has been unable to fully deploy its arsenal of cyber capabilities. However, Russian cyber operation preparations and the recent usage of destructive malware against Ukraine indicate a new stage in the escalating conflict.

Shifts in Russian Cyber Tactics

Russian destructive cyber operations are unprecedented in scope and volume. Moscow's goal is to further destabilize Ukraine and disrupt the country's functionality on and off the battlefield. The incorporation of cyberattacks in military operations increases overall damage and highlights Russia's increasing focus on cyberwarfare. Over 2,000 cyberattacks targeted Ukrainian organizations in 2022. Over 400 of them affected civilian sectors such as financial services, energy, and telecommunications. This indicates a shift from military to civilian targets in cyber warfare. Since the invasion, ransomware attacks on the Ukrainian financial sector increased by 64%, nearly doubling compared to 2021. Financial institutions suffered over 550 data breaches, with over 250 million leaked records by December 2022. Average payout costs for ransomware attacks surged to 1.6 million USD in 2023, compared to 272,000 USD in 2022. Data breaches cost the financial sector an average of 5.9 million USD. Russia continues to conduct cyberattacks on government/military command centers, emergency services, and other critical infrastructure.

Escalation of Russian Cyberattacks on Global Critical Infrastructure

Russia will further escalate cyberattacks on critical infrastructure beyond Ukraine's borders. Since the invasion, Russian cyberattacks have increased by 300%, targeting NATO countries' critical infrastructure. The New York Department of Financial Services and the US Cybersecurity Infrastructure Agency (CISA) have warned institutions vital for critical infrastructure to be vigilant against cyber threats. In 2017, destructive malware attacks by the most advanced hacker group within the Russian military, "Sandworm," quickly spread across Europe and the US and severely disrupted global commerce. The attack caused more than 10 billion USD in damages, affecting shipping giants like Maersk.

Impact of Cyberattacks

Russia uses four types of cyberattacks against Ukraine:

  • destructive attacks to cause irreversible data or system damage;
  • disruptive attacks, such as Denial of Service, to disrupt operations and services;
  • data weaponization is used for espionage and intelligence purposes; and
  • disinformation campaigns spread Russian propaganda

In the financial sector, attacks disrupt operations, compromise sensitive data, and incur financial costs and reputational damages. They emphasize the need for advanced cybersecurity measures and continuous risk management.

Cybersecurity Support Record

To enhance Ukraine's cybersecurity amid escalating cyber threats, Western allies have bolstered defense across several fronts. The following directly impact the financial sector:
  1. Network Defense: The EU's Cyber Rapid Response Team and the US Cyber Command's "Hunt Forward" teams help protect financial networks against cyber intrusions. They augment the security and safeguard continuity of financial operations and services. This is complemented by UK and USAID-funded private sector security services by Cisco, Microsoft, Google, and Sophos.
  2. Threat Intelligence Support: The FBI and CISA help to fortify financial institutions' security frameworks and protect clients' financial data from cyber threats. These agencies share classified information, such as adversary tactics, with Ukraine.
  3. Capacity Building: Joint training initiatives and Ukraine's inclusion in NATO's Cooperative Cyber Defence Centre of Excellence reinforce the cybersecurity infrastructure within which financial institutions operate.
  4. Hardware Enhancement: SpaceX's Starlink satellite ensures the resilience of financial transactions. It facilitates access to financial services even in disrupted areas.
  5. Cloud-Enabled Resilience: Private companies like Amazon, Google, and Microsoft assist in migrating data and services to secure cloud platforms. This safeguards critical financial data from cyber and physical threats. It ensures continuous financial service availability and safeguards client information.

Western Allies Prioritize Ukraine's Cybersecurity Support

Support agreements with Ukraine are on the rise. Western allies acknowledge Russia's escalating cyberattack efforts. In November 2023, the EU's Agency for Cybersecurity (ENISA) signed a working agreement with Ukraine to improve cyber capacity, share best practices and improve situational awareness. By the end of 2023, the UK had increased funding for Ukraine's cybersecurity capacity building program to 25 million GBP. PM Rishi Sunak urged private sector companies to join these efforts. Norway and the Netherlands are planning to join. Italy will sign a bilateral agreement after Germany, France, and the UK announced similar agreements to help Ukraine resist Russia's hybrid warfare.

Conclusion

The expansion of cybersecurity support to Ukraine signals the acknowledgement of the interconnectedness of global security in cyberspace. Institutions operating in critical infrastructures are particularly subject to cyberattacks. Operating under strict regulation, they must now reassess their cybersecurity strategies and anticipate regulatory change. These will require greater investments in cybersecurity measures.



Albrecht von Campenhausen is a Master of Arts in International Relations candidate at JHU-SAIS. His research interests are security and statecraft with a focus on technology and cybersecurity. Prior to SAIS, Albrecht worked in Geopolitical Risk in Berlin.

More Blog Posts
Colombia is No Closer to Peace Deal
Apr 26
Amelia Thoreson
M.A.I.R. 2025
Violence in Haiti Will Increase in 2024
Apr 26
Delaney Zambrano
Diploma 2024
ECOWAS Exodus Threatens Europe's Energy Security
Apr 12
Eleonora Lucia Cammarano
M.A.I.A. 2025
Labour Will Form the Next British Government
Apr 05
Xavier Tham
M.A.I.R. 2024
Italy-Africa Plan Will Require Collaboration to Succeed
Apr 05
Nassim Ali Ahmad
M.A.I.R. 2025
Sino-Japanese Tensions Will Escalate in the East China Sea
Mar 21
Ray Bowling
M.A.G.R. 2024
Blog Home



About BIPR
Research Affiliation
Funded Projects
Follow BIPR

© BIPR, all rights reserved - Bologna Institute for Policy Research - via Andreatta 3, 40126, Bologna, Italy