The invasion of Ukraine shows why we must be serious about building Europe’s digital shield. Cybersecurity must no longer be seen as a secondary concern. It is essential that we use all available tools and resources to protect ourselves.
Russia invaded Ukraine in February 2022, but the war had begun many years earlier. Since at least 2014, there has been an almost constant barrage of cyber-attacks on Ukrainian critical infrastructure.
One example is the ‘NotPetya’ ransomware attack of 2017, which resulted in over 2000 attacks across the world. Microsoft Defender Security Research estimated that the vast majority of infections hit Ukraine. One of the major targets was the National Bank of Ukraine, as well as government ministries, transport systems and, worryingly, the Chernobyl radiation monitoring system.
As well as destabilising Ukraine, the collateral damage was huge. According to Wired, the White House put the final figure on the damage at $10 billion. Both the UK and US attributed the attacks to the Russian security services, and the EU levied sanctions against individuals in Russia suspected to be involved.
As we have now seen, cyberwarfare can outride traditional warfare. By breaking into the ICT systems of ministries, hospitals, media outlets and other critical infrastructure, cyber-attacks can grind government business to a halt, disrupt vital supplies and sow confusion.
European NATO leaders should urgently increase funding to 3% and dedicate at least 1% of spending to emerging and disruptive technologies (EDTs)”
It is no surprise therefore that malicious cyber-attacks have skyrocketed following the Russian invasion of Ukraine. ESET has identified several new strains of malware, which they have called IsaacWiper and HermeticWizard, and they have even found evidence that a cyberattack had preceded the start of the Russian invasion of Ukraine by a few hours.
So how prepared are European governments today for a potential cyber or military attack?
Unfortunately, numbers show that over the past few years, there has been little political will among European NATO members to contribute to common defence efforts. The US spends more than all of the other 29 NATO members combined. In 2020, it's estimated that the US defence contribution reached over 3.7% of GDP, while the average for NATO’s European members (and Canada) was stalling at 1.77% of GDP, below the 2% of GDP commitment made by all defence ministers back in 2006.
With the current devastating war underway in Ukraine and the imminent Russian threats to the rest of Europe, European NATO leaders should urgently increase funding to 3% and dedicate at least 1% of spending to emerging and disruptive technologies (EDTs).
EDTs such as artificial intelligence, quantum technology and robotics are set to have a tremendous impact on cyber-defence and to revolutionise future military strategies and operations. It is vital that the EU and its NATO allies stay at the forefront of technological advances.
As NATO’s Deputy Director General Mircea Geoană said at our Masters of Digital event back in February:’ “In the 70's, 80% of innovation was produced by governments. Now the ratio has been reversed, today about 90% of security and defence innovation comes from the private sector.”
As cyberwarfare is worryingly becoming more devastating, from political destabilisation to wreaking havoc on energy infrastructure to misinformation, NATO and the EU need to urgently bolster their cooperation to create a more resilient cybersecurity ecosystem based on digital innovation.
Beyond the importance of political will and financial investment, it is equally vital to close the gap in the cybersecurity workforce. According to the latest count, Europe’s shortage of cybersecurity professionals has increased, reaching over 200,000 needed specialists in 2021. In the context of a devastating pandemic and a devasting war, the need for more cybersecurity professionals is expected to outpace available talent.
EDTs such as artificial intelligence, quantum technology and robotics are set to have a tremendous impact on cyber-defence and to revolutionise future military strategies and operations”
The EU should redouble skilling efforts through existing programmes such as the Digital Europe Programme and Horizon Europe. Students and especially young girls and women should be highly encouraged to pursue a career in this field as disappointingly women make up only 20% of the cybersecurity workforce.
Finally, the EU and the US need to harness their collaboration on cybersecurity through the EU-US Trade and Technology Council (TTC). Today, more than ever, regulatory alignment on policies such as the Artificial Intelligence Act is of a paramount importance. As part of our key priorities recommendations for the upcoming TTC meeting, we have called on both allies to initiate a dialogue on mutual recognition of cybersecurity certification regimes.
The Russian invasion of Ukraine has been a wake-up call to all political leaders that collective security should be taken seriously in peace as much as in war. Today, digital technologies are not simply components of security systems; they are at the very heart of these systems. We must ensure that digital innovation is the cornerstone of any European defence shield.
This article reflects the views of the author and not the views of The Parliament Magazine or of the Dods Group