WASHINGTON — After watching Ukraine take on Russia in both the real world and in cyberspace, a top American cyber official said the Defense Department must “think very differently” about how it will fight in both realms in the future.
Mieke Eoyang, deputy assistant secretary of defense for cyber policy, told the Aspen Institute Cyber Summit today that the war “is a really important conflict” for DoD to understand, and one of the things she’s seeing “is the context of the armed conflict dwarfs the cyber impacts” of the war.
“When you think about the physical destruction relative to the cyber disruption of what happens here, things that Russians tried to disrupt via cyber… did not have the strategic impact that they wanted, and they sought to destroy those things physically,” she continued.
Still, Eoyang said DoD is now thinking about cyber operations in the context of armed conflict in four ways:
- Making sure government-to-government communications and networks are secure, shown in how DoD’s communications with Ukraine have helped enable its defense and intelligence sharing.
- The importance of secure communications within the military, like how Ukraine’s military has been able to share information with forward commanders.
- In the informational space, thinking about what it means for Ukrainian citizens to be able to communicate with the world and tell their stories through social media platforms like TikTok, Twitter and Facebook, which “has denied Russian the information environment that they want to prosecute this conflict.”
- The inherent value in ensuring “essential” government functions. “As you look at attempts to destroy the kind of essential data that makes a country a country…such as passport records, birth records, property records…What do governments need to be able to continue to operate its essential function?” Eoyang said.
“As we think about that in the Department of Defense, those first two things are things that we have a lot of expertise in and can help countries deal with,” she said. “Some of those other things are new to us and are part of whole of government efforts. But I think that we have to think very differently about how we think about armed conflict and cyber in light of this conflict.”
Eoyang added one of the things that make the Ukraine conflict “different” is the “tremendous influence of non-state actors, both the private sector’s assistance to Ukraine, but also individuals who have, not wearing the uniform of any particular country, who are coming to the assistance of one side or another.”
One of those efforts includes the all-volunteer hacktivist group IT Army of Ukraine, established during the onset of the war Feb. 16 that has amassed over 200,000 subscribers on Telegram (though it’s unclear how many are actively engaged in cyber operations) to address attacks that targeted Ukrainian government and bank websites.
In pre-recorded remarks shown at the Billington Cybersecurity Summit in September, Ukraine’s Deputy Prime Minister and Minister for Digital Transformation Mykhailo Federov said the IT Army during the first three days of the war allegedly shut down a number of Russian websites and propaganda TV channels and on a weekly basis attacks a number of websites.
Prior to the invasion, Ukraine didn’t have an established cyber force like other countries, Georgii Dubsynskyi, Ukraine’s deputy minister of digital transformation, said at a panel during the summit. “Maybe it was our mistake, but we just decided to do that before the war,” he said.
Still, Russia underperformed on the cyber front, Eoyang said.
“I think we were expected much more significant impacts than what we saw,” she said. “And I think it’s safe to say that Russian cyber forces, as well as their traditional military forces, underperformed expectations.”