Private-sector action in wartime: lessons from Russia's invasion of Ukraine.
By Jason Cole, CyberWire staff writer.
Jun 14, 2023

Russia's invasion of Ukraine was conducted in all five domains, and private companies rendered important assistance to Kyiv in the fifth domain, cyberspace.

Private-sector action in wartime: lessons from Russia's invasion of Ukraine.

With the war in Ukraine people recognize the actions of Western countries as sending ammunition and machines of war, but what many don’t realize is that private industries have been just as instrumental to the defense of Ukraine as Governmental arms support. Yesterday, the R Street Institute held a conference to discuss the impact of private cyber security firms on the war in Ukraine. The panelists, varied by their profession, discussed the lessons learned and successes of various private business actions. 

The cybersecurity sector and its effect on the war in Ukraine.

Geoff Brown, Vice President of Global Intelligence Platforms at Recorded Future, explained that “[cyber] intelligence and incident response” volunteered by private businesses paved the way for governments to release technologies to Ukraine. Adding to this, Joanna Lahaie of the Department of State, said that private businesses outpaced the reaction times of the US government and their agility was crucial to the securing of some of Ukraine’s networks. 

There are many instances of private businesses assisting Ukraine in its fight, Microsoft’s work against FoxBlade, and Starlink’s persistent satellite internet infrastructure to name a few. But as Melanie Teplinsky, of American University Washington College of Law, remarked, Mandiant’s work to secure the networks of NaftoGaz, Ukrainian oil and natural gas supplier was particularly instructive. Mandiant found the malware they were looking for, and removed it, but the networks kept coming under attack. Eventually Mandiant realized that the Russians were plugging into the captured hardware of NaftoGaz and reuploading their malware. Ultimately, geographic cyber quarantine areas were established as the Russian soldiers moved through Ukraine capturing plants and stations. This showed the ability of a private business to find threats, neutralize them and continue searching for further intrusions. 

Lessons learned from public-private action during Russia’s war.

All the panelists nodded as Ms LaHaie explained that there needs to be a model to figure out how to bring the assets of the US government and private cybersecurity firms to bear to a conflict, as well as means established to train the receiving parties to operate on their own. She explained that not all governments can afford the services brought to them in a time of crisis, so the quicker the assisting parties can train the besieged parties the better. “Give a man a fish, and so on,” Mr. Brown added. Additionally, Mr. Brown advocated a non-compulsory framework for private businesses to cooperate and communicate in a time of crisis, so that no two companies are stepping on each other’s toes.