Ukraine says Russia is coordinating missile strikes, cyberattacks and information operations
Researchers associated with the Ukrainian government on Tuesday confirmed that Russia has coordinated kinetic strikes and cyberattacks to inflict damage on government offices, public service organizations, media companies and communication centers.
In a study titled “Comprehensive Analysis of Russian Warfare Dimensions,” researchers from Ukraine’s Economic Security Council and the independent communication agency Truman said Russia coordinated these activities with psychological operations — also known as PSYOPs — to confuse its targets.
For example, researchers said that Russia hit Ukraine’s energy infrastructure with a series of cyberattacks in late 2022 before launching massive missile strikes. At the same time, Moscow launched a propaganda campaign aimed at shifting responsibility for the nationwide power outages caused by these attacks onto the Ukrainian government, state authorities and private energy companies.
Similarly, the shelling of the city of Lviv in western Ukraine on May 13 was accompanied by a cyberattack on City Hall, while the massive missile strike on Ukraine’s civilian infrastructure on June 20 was accompanied by a cyberattack on Ukraine’s critical infrastructure facilities.
The findings follow a report from Microsoft in December which found possible coordination of kinetic strikes and cyberattacks, though the Ukrainian government was reluctant to speak publicly on the topic at the time.
Such coordination is widespread, although “it is not an absolute constant rule,” the research said.
Cyberattacks have typically been used by Russia to weaken Ukraine and its ability to counter conventional operations, as well as to cut access to information to the civilian population. They also have been used to spread panic, and to undermine trust in the local authorities and international organizations that help Ukraine.
Powerful cyberattacks can also “compensate” for conventional warfare failures, the researchers said. A top cybersecurity official in Ukraine told The Record that as soon as Ukrainian forces liberate occupied cities, Russian hackers hit their already damaged infrastructure with cyberattacks.
Similarly, the researchers noted a possible connection between Russia’s defeats near Kyiv in March and subsequent cyberattacks on telecom infrastructure in the region.
The study found that the priorities of Russian hackers have changed after a year at war. In the first month of the invasion, cyberattacks were directed against the Ukrainian military and government, but now they are mostly aimed at the civilian population. This is also true for missile attacks, the researchers said, highlighting that they have been destroying Ukraine’s energy and telecom infrastructure, as well as residential buildings, for the past several months, leaving millions of people without heat, light, water and shelter.
And although the concept of hybrid warfare — which combines different types of attacks — is not new, Ukraine claims that the world has not learned how to properly respond to it.
Ukraine has already proposed several initiatives to change the way the world looks at wartime hacking. For example, it has pushed to equate cyberattacks on civilian infrastructure with war crimes, and has proposed the creation of a “Cyber United Nations” — a single global organization to help prepare for future attacks.
Ukrainian researchers also suggested expanding the legal interpretation of aggression, adapting the countries’ military doctrines to modern challenges, and limiting the access of authoritarian regimes to modern tech by strengthening sanctions.
“It is commonly believed that cyber-attacks are the weapon of the future,” the research said. “However, the war in Ukraine proved that this future is already here, so defense doctrines and international laws must adapt quickly.”