June 21, 2017
By Sergey Sukhankin

On June 14, during the first international Global Cybersecurity Summit, in Kyiv, the secretary of the Ukrainian National Security and Defense Council, Oleksandr Turchynov, stated that “Ukraine has become a playground for the testing of the most up-to-date cyber techniques” by the Russian Federation (, June 14). Earlier, also commenting on Russian aggression against Ukraine, Maroš Kirňák, the director of the cybersecurity program at the Slovak Security Policy Institute, said, “Russia plays a very important role in Central and Eastern Europe, which is reflected in the source of attacks leveled against the region (, June 7). It took Europe seven years—from the 2007 cyberattacks against Estonia, to the war in Ukraine that began in early 2014—to fully recognize the extent of this threat. However, since then, European countries have taken a wide array of responses to counter such dangers in the cyber domain.

Over the past year, the most powerful European Union member state, Germany, has created a foundation for the creation of “cyber troops” under the umbrella of the Bundeswehr. It is expected to be composed of 13,500 military and civilian personnel and tasked with both defensive and offensive functions (, January 15). This move was largely provoked by the skyrocketing number of cyberattacks leveled against the country. In April, Minister of Defense Ursula von der Leyen claimed that “the Bundeswehr has to deal with at least 4,500 cyberattacks on a daily basis” (Deutsche Welle—Russian service, April 14). Aside from boosting financial expenditures for cybersecurity by 27.5 million euros ($30.6 million), Germany is planning to create new institutions (such as the Cyber Innovation Hub) and special structures (the so-called “cyber reserve”—a think tank tasked with collecting cybersecurity information for the Bundeswehr).

Finland has displayed particular decisiveness in how it plans to deal with the Russian cyber threat. In Helsinki, the authorities established the European Center of Excellence for Countering Hybrid Threats (ECE-CHT), an institution supported by the North Atlantic Treaty Organization (NATO) whose tasks will include providing warnings about potential cyberattacks against critical infrastructure, the government, as well as defense and national security structures (, April 11). Meanwhile, Finland’s Cyber Security Strategy for 2017–2020 underscores cyber espionage, disinformation, and hacker attacks against companies, individuals and the state as main matters of concern (, May 9).

The Baltic States, too, have intensified their activities in developing cyber/information security capabilities. Estonia (deemed to be one of the leaders in the EU in terms of the development of its Information Society) has prioritized cooperation with the other Baltic States and countries of Northern Europe as a response to growing information and cyber threats. This is reflected in its Cyber Security Strategy 2014–2017, whose drafting was influenced by the events in Ukraine. Estonia is committed to the modernization of the largest European “cyber-polygon,” which is to be used for training NATO forces and coordinating Alliance activities in countering cyber threats (, January 24). Lithuania, on the other hand, has created a Center for Cyber Security, which is to coordinate the protection of critical IT infrastructure in the country. Whereas, Latvia adopted the Strategy on Cyber Security for 2014–2018, which puts special emphasis on defending against attacks by Russian “trolls” in the online informational space (, June 8). Also in response to developments in Ukraine, the Latvian Parliament (Seim) has criminalized “hybrid and information warfare” (, March 3, 2016). Poland, meanwhile, is experiencing growing apprehension about the possibility of coming under cyberterrorism attacks by non-state actors. Leszek Tasiemski, who serves as the vice president of the Rapid Detection Center at the IT security company F-Secure, noted a necessity of urgent reforms in Poland’s cybersecurity sector (Polskie Radio, May 28).

At this point three main aspects should be underscored. First, many European countries have acknowledged that information and cyber security are inseparable from the security of the state. Second, institution-building has entered a new phase. New structures are being placed under the umbrella of national armed forces and similar agencies—this trend once again underscores a growing recognition of the vitality of information/cyber domains. Third, NATO is steadily becoming a common platform that unites and coordinates the efforts of European countries. In this regard, the Alliance may be increasingly likely today to invoke Article 5 if one or several member states are targeted by a cyberattack that threatens critical military or civilian infrastructure (, May 31).

This being said, perhaps the most impressive advancements in information/cyber security over the past several years were achieved by Ukraine. Though practically defenseless in this domain during 2013–2014, today the country has been able to organize “cyber troops” of its own and introduced an extremely controversial ban on Russian social networks and IT products reportedly employed by Moscow for both intelligence-gathering and cyberwarfare purposes (see EDM, June 7, 15). An exclusive interview with one of the members of Ukraine’s “cyber troops,” which ran last fall in the Ukrainian site, reveals that the structure has grown to 3,000 individuals and has managed to achieve some serious results within a brief interim (, September 25, 2016). Possibly even more importantly, with NATO’s support, Ukraine is currently working on creating a single national cyber security center that will coordinate the activities in this domain of all key ministries and agencies, ranging from the National Security and Defense Council to the Department of Cyber Police to Ukroboronprom, Ukraine’s defense-industry concern (Interfax, April 5).

Finally, some key challenges should be mentioned:

1. Generally, Europe has not developed a clear understanding of Russia’s interpretation of the concept of “information confrontation” (“informatsionnoye protivoborstvo”). The emphasis is made on either “cyber” or “information” aspects, while for Moscow these are purposely blurred (see EDM, May 11).

2. Russian influence in Europe remains significant. Pro-Russian trolls routinely spread disinformation and harass investigative journalists/activists who attempt to disclose Moscow’s activities in Europe

3. Many European experts continue to express hesitancy in directly blaming Russia for cyberattacks on their societies, citing supposed “lack of proof.”

4. As a non-NATO frontline state that is directly targeted by Russian information/cyber aggression, Ukraine has to deal with Moscow on its own, even though this is an arduous task.

If these limitations are not dealt with quickly and in a decisive manner, Europe risks facing even greater challenges. Worsening economic conditions in Russia are likely to push Moscow to undertake even more aggressive steps. In this regard, European hesitance and indecisiveness could be construed in the Kremlin as a sign of weakness, inviting further attacks in the coming months and years.