Pentagon Cyber Policy Cites Learnings from Ukraine War

Written by

The Pentagon’s strategy for proactive disruption of malicious activity has been influenced by the unfolding events in Ukraine, according to a classified document sent to Congress.

The US Department of Defense’s 2023 DoD Cyber Strategy is not immediately available to view, but a fact sheet summarized some of the key points for public consumption.

“Since 2018, the department has conducted a number of significant cyberspace operations through its policy of defending forward, actively disrupting malicious cyber activity before it can affect the US Homeland,” it noted.

“This strategy is further informed by Russia’s 2022 invasion of Ukraine, which has demonstrated how cyber capabilities may be used in large-scale conventional conflict.”

Read more on Russian cyber operations in Ukraine: Russian Hackers Use Western Networks to Attack Ukraine.

The Pentagon claimed these experiences have largely shaped its current approach to cyber, in which it will drive:

  • Integrated deterrence, which combines cyber operations with “other instruments of national power”
  • Activities that fall below the threshold for armed conflict, in order to “frustrate” adversaries
  • Continued commitments to international allies and partners

Russia’s invasion of Ukraine saw an unprecedented blurring of the lines between conventional conflict and cyber-warfare, with online operations often used ahead of kinetic attacks.

Just two months in, Microsoft claimed that at least six Russian state-aligned actors launched 237 campaigns against Ukrainian targets, including destructive attacks, espionage and misinformation campaigns.

Cyber-threats have also spilled out of the immediate region to hit critical infrastructure organizations in other countries. One report claimed UK financial services firms had seen an 81% increase in attacks since the start of the war.

Unsurprisingly, the DoD report lists China, Russia, North Korea and Iran as its chief state adversaries. Also mentioned are “violent extremist organizations” and international criminal organizations.

Editorial image credit: Casimiro PT /

What’s hot on Infosecurity Magazine?