Cyber companies’ aid to Ukraine is vital, report says, but the efforts also have limitations

Ukraine’s response to Russian aggression in cyberspace largely depends on international assistance that was organized in wartime, and a report released Thursday says the “ad hoc” effort offers lessons for the future. 

Much of the cybersecurity aid has been delivered through initiatives such as the Cyber Defense Assistance Collaborative (CDAC), a volunteer group drawn from Western cybersecurity companies and organizations that aims to provide intelligence, technology, training, advisory, and other services to Ukrainian institutions.

CDAC’s involvement has helped many Ukrainian organizations mitigate the effects of cyberattacks, but it has also shown that cyberdefense assistance has its limitations, according to the report published by the Aspen Institute, a policy and education nonprofit.

“In short, CDAC and others providing assistance could achieve more through greater investment in hubs to coordinate activity, full-time management of assistance projects, and deeper contact between leaders and operators on both sides,” the institute says.

Most of CDAC’s efforts lacked long-term vision and coordination, and were mostly organized on the fly — either in the immediate run-up to the conflict or in the midst of the war, the report notes.

More specifically, the report says “CDAC has not yet developed the ability to collect, combine, and assess information on the cyber conflict in Ukraine.” The authors suggest “borrowing from an Institute of War initiative that fuses public information in order to make transparent, trusted assessments of the conflict in the Ukraine.”

Recorded Future, the parent company of The Record, is one of the cyber companies assisting the Ukrainian government.

A report published Thursday by Google cybersecurity experts drew attention to the intensity of the cyber conflict, highlighting the activities of several Russia-linked hacking groups and noting spikes in attacks since the war’s beginning about a year ago.

The ability to provide cyberdefense assistance will be important in the future, the Aspen Institute report says, so other countries should study Ukraine’s successes and mistakes.

“Lessons learned from the ad hoc conduct of cyber defense assistance in Ukraine can be institutionalized and scaled to provide new approaches and tools for preventing and managing cyber conflicts going forward,” the report says.

Establishing early connections

Connecting cyber aid providers with organizations in Ukraine was not easy. What helped is that the country had relationships with CDAC participants prior to the invasion — they worked with the Ukrainian government for several years to establish Ukraine’s national cyber strategy and response program.

Established relationships helped build trust that allowed it to rapidly communicate requests from Ukrainian organizations to those companies that could provide this assistance, according to the report.

To strengthen these relationships, the Aspen report recommends initiating joint cyber projects between assistance providers and recipients, with an emphasis on understanding the recipient’s culture, language and management approaches.

Setting expectations

Finding cyberdefense assistance for Ukraine was relatively easy as many countries were willing to help.

But as the war progressed, the Ukrainians were asking for more than CDAC could effectively provide. That’s why it’s important to identify the needs of the recipient, determine the capabilities of aid providers and set expectations at the beginning of the cooperation.

“Assistance recipients need to know exactly what they can and cannot expect in terms of support,” the report said.

In the case of Ukraine, the CDAC only agreed to provide defensive tech, so Ukraine knew it needed to find other sources of assistance for offensive operations.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Daryna Antoniuk

Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.