Missiles, drones and tanks dominate the headlines when it comes to [Russia’s war against Ukraine](https://inews.co.uk/topic/russia-ukraine-war?srsltid=AfmBOoqn0ibOTZR5PYEoKdQH2onojvYYDlgll2LzzxN0gpGwihhL8q4R&ico=in-line_link). But there is a growing, borderless threat – and Britain is already on the front line.
Russia is targeting everything that keeps the UK functioning: hospitals, telecoms, companies and other vital components of critical national infrastructure (CNI). Airports, power plants, even the nuclear deterrent are all likely targets for [Moscow’s escalating cyber warfare campaign](https://inews.co.uk/news/russias-secret-hybrid-war-against-uk-escalating-how-we-know-4480987?srsltid=AfmBOoqL8MMeH6IfcjkmQlsFXW4-O6NZLr2es03WQLEaQRBXjYt9fbt8&ico=in-line_link).
In the past year, the UK’s CNI was hit by more than 200 major cyber incidents, and hostile states including [Russia](https://inews.co.uk/topic/russia?srsltid=AfmBOoofGLR0m3QR47oLFxoFem17w90o7jxSwCrguGslMM648SIUr2rM&ico=in-line_link) are now increasingly targeting the systems behind key services, according to Richard Horne, chief executive of the National Cyber Security Centre (NCSC), an arm of GCHQ. He warned in April that the UK could face “hacktivist attacks at scale” if it were dragged into a war.
Those 200 major attacks were more than double the year before, Dan Jarvis, the new Defence Secretary, said in April. “That number tells me the front line isn’t coming – it’s here,” he added.
From distributed denial-of-service attacks against UK local government in an attempt to [disrupt normal web traffic](https://inews.co.uk/news/world/putin-plans-target-uk-disrupting-daily-lives-4441300?ico=in-line_link), to GRU Unit 26165, a military cyber unit sanctioned for allegedly conducting hacking and leaking operations, Russian-backed groups have launched dozens of such attacks in recent years, and advances in AI will only increase that threat.
Blaise Metreweli, the head of MI6, said last year that as tensions with Russia rose, Britain was already caught in “a space between peace and war”, and developments in AI and quantum computing would help to rewrite the reality of conflict.
# Why Britain’s risky ‘legacy’ tech challenges its safety
Yet Britain isn’t ready, according to Ukraine’s cyber defenders, who are working around the clock to defend vital infrastructure that is under near-constant [cyber attack](https://inews.co.uk/news/technology/russia-cyber-warfare-failed-ukraine-threat-uk-2404924?srsltid=AfmBOooFGiLryTFoeyviA0XqQuxA6Ghblu4HeLwUzVwOQz2ffGqJx16g&ico=in-line_link).
Bureaucratic hurdles are hindering Britain’s ability to defend itself. A Public Accounts Committee (PAC) report warned last year that [there was a significant gap](https://inews.co.uk/news/uk-unprepared-vulnerable-russian-cyber-attacks-heres-why-3580126?srsltid=AfmBOor4Hbtd7Rl3Fv2OcAJx8uvDIlJgpJdreu4_Ee4U9IPr0pIIRAHb&ico=in-line_link) between cyber threats and the government’s response. “Alarmingly, the government estimates that [risky legacy IT systems](https://inews.co.uk/news/business/whitehall-gets-a-wake-up-call-as-government-it-systems-face-severe-cyber-threat-3506680?srsltid=AfmBOoq7kiJPzOvhSzzgIYEnOGP1p7TSSxJqDRTO5lURsKhV9qTxRlub&ico=in-line_link) make up 28 per cent of the public sector’s IT estate, and substantial gaps also still remain in its understanding of the estate’s resilience to attack,” it said.
Russia, on the other hand, faces no such hurdles, and continues to hone its cyber operations, directly applying lessons learned on the battlefield.
The UK can learn from the rapid innovation undertaken by the main target of Russia’s aggression. The pace of defence technology development in [Ukraine](https://inews.co.uk/topic/ukraine?srsltid=AfmBOoopOcGkNvGrMdfpqWYpYpouXKEwf4S9_SGx6rsRmrJafdgm1zG5&ico=in-line_link) is arguably unmatched by any other country. Ukraine’s cyber defenders have had to learn lessons fast, and they now want to share them with Britain and other allies.
In simulated environments, the failure of a new technology simply means going back to the drawing board; in Ukraine, the stakes are immeasurably higher. Unmanned aerial vehicle (UAV) [jamming tools](https://inews.co.uk/news/world/ukraine-drone-killing-interceptors-turning-tide-against-putin-4393440?srsltid=AfmBOooqqWOxesc93mGP9X8PriQxbnpNpO6EBtE2icM-U7CbrBktsYV-&ico=in-line_link) that do not work effectively on the battlefield can result in soldiers being killed or maimed by explosive Russian drones.
“Research and development cycles here are measured not in months or years, but in days. Our defence technologies are [born out of immediate necessity](https://inews.co.uk/news/world/ukraine-strongest-position-for-years-war-critical-phase-4422894?srsltid=AfmBOop0260HW55vIh4_gniUPlfhL3Yt1VNJ4ou4yahJcML9PGE5WdHT&ico=in-line_link) and shaped directly by battlefield realities,” says Andrii Hrytseniuk, CEO of Brave1, a platform created by Ukraine’s Ministry of Digital Transformation to develop innovative military technologies.
“This wartime innovation ecosystem is unique,” explains Hrytseniuk. “Unfortunately, it’s an experience Ukraine has gained at a tremendous human cost and it cannot be replicated under peacetime conditions.”
Hrytseniuk believes Brave1’s experience could prove vital for other countries to build more effective defence systems quickly. “What Europe can learn from Ukraine is how to build faster, more adaptive and user-driven defence solutions. While the context may differ, the mindset and approach are transferable. We could help Europe build more agile, resilient defence capabilities for the future,” he tells *The i Paper*.
# How Ukraine is winning the cyber race
At the start of the full-scale invasion in 2022, Oleg Naumenko, CEO at Kyiv-based cybersecurity firm Hideez, quickly realised the scale of damage Russia could inflict on critical infrastructure if the proper protection measures were not put in place.
“We started offering our services free of charge to help critical infrastructure providers secure access and protect their staff,” Naumenko tells *The i Paper*. “But it quickly became clear that the demand far exceeded what we could handle alone.”
There was no time for the normal long procurement cycles or planning meetings, with the invasion drastically reducing rollout schedules. “The biggest challenge was time,” he adds.
By partnering with Swedish cybersecurity company Yubico, creator of YubiKeys, USB-sized physical security devices that replace passwords with phishing-resistant logins, Hideez distributed more than 30,000 of these devices to Ukrainian public and energy sector organisations, as well as soldiers.
Even the most advanced cyber defences will be irrelevant if a soldier or high-ranking government official falls prey to sophisticated phishing attacks and inadvertently hands login information to a Russian hacker.
“In modern warfare, cyber defence is [not a secondary concern](https://inews.co.uk/news/world/survival-skills-cyber-security-how-nordic-nations-prepare-war-russia-3784969?srsltid=AfmBOorB973oDzbf3rgN3IGacrsebWS785f9nk0G1o_GgI6quCM59wPj&ico=in-line_link). Using passwords today is like defending yourself with weapons from the last century,” says Naumenko. “You need modern tools and the ability to deploy them at speed, even in chaos.”
In April, Britain’s NCSC backed up those comments, recommending that consumers drop passwords and adopt passkeys – a stored “digital stamp” for app and website logins – instead.
Before the invasion, many firms treated cybersecurity as a tick-box exercise, according to Andriy Varusha, co-founder & chief operating officer of Berezha Security Group (BSG), a Ukrainian cybersecurity firm. Focused on penetration testing, where a simulated cyber attack is performed on a system to identify security gaps, Varusha and his team used to see that only around half of businesses bothered to fix the issues found during these cyber audits.
Today, Varusha cannot recall the last time a company did not return for a retest to ensure its systems were protected from potential Russian [cyber threats](https://inews.co.uk/news/uk-risk-cyber-9-11-internet-wipe-out-3950820?srsltid=AfmBOopoU8WAIFYpdHS1vPLw0AMP4kDuhM_CNh6NpsEfzU2oekYkK0yN&ico=in-line_link). “Companies really care about their vulnerabilities; the perception of risk has absolutely changed,” he says.
BSG has also been inundated with requests from Ukrainian organisations of all sizes seeking guidance on how to train employees to resist social engineering attempts, which include tricking people into giving out confidential information. “That’s one of the attacks that is very, very heavily used in the Ukrainian reality after the invasion. A lot of the attacks happen due to human behaviour and not actually technical vulnerabilities,” he says.
One of the most important lessons Varusha believes countries like the UK need to learn is to move away from housing all technology assets and staff [under one roof](https://inews.co.uk/news/politics/secret-camera-found-whitehall-reported-security-services-4463667?srsltid=AfmBOooo5HOMR6awpdLDqiW7xUavLAPx6qC5xuWC_Q6RmWaDgO6-LVIS&ico=in-line_link). He recalls speaking to representatives of foreign companies who were amazed at how Ukraine kept on working, despite being under regular attack.
“But the answer is decentralisation; it is resilience,” he explains. “If you depend on a centralised resource, in case of an extraordinary threat and the resource becomes unavailable, whether this is a server or a cloud, then you’re screwed.”