17.01.2023

Interview with Vadym Ledney, cyber warfare specialist of the General Staff of the Armed Forces of Ukraine

Vadym Ledney is a cyber warfare specialist of the General Staff of the Armed Forces of Ukraine.

“Cyber military” is a young phenomenon in the field of military affairs and in the world as a whole. Can you share the vision in Ukraine regarding the organization of cyber defence and the way  cyber warfare is conducted by the Armed Forces of Ukraine?

I agree with your statement that cyber forces (cyber military) is a young phenomenon in the army, but I believe that it is highly effective  and promising.

Historically, the Armed Forces of Ukraine began to deal with the issue of activities in cyberspace since 2010. At that time, the US had already created a cyber command as a separate type of its armed forces. And in Ukraine, the “Convention on Cybercrime” was ratified (Law of Ukraine dated September 7, 2005, No. 2824-IV.

Since 2010, the specialists of the Armed Forces of Ukraine in the field of cyber have been studying the experience of the armed forces of other countries in the creation of cyber forces (cyber troops).

The Law of Ukraine “About the Basic Principles of Providing Cyber Security of Ukraine” contains a definition of cyber defence.

Cyber defense – a set of political, economic, social, military, scientific, technical, informational, legal, organizational and other measures that are carried out in cyberspace and are aimed at providing the protection of the sovereignty and defense capability of the state, preventing the occurrence of armed conflict and repelling armed aggression;

Military aggression in cyberspace – implementation of systematic and large-scale actions against Ukraine in cyberspace by foreign states (groups of states), in particular with the involvement of cyber units of military formations, intelligence and special services, including the use of cyberweapons and other special means of influence in cyberspace (in particular, indirectly by concealing sources and their origin).

We consider the implementation of military cyber defence measures as the conduct of the Armed Forces of Ukraine and the components of cyber defence forces.

Cyber warfare – a set of mutually coordinated actions by designated troops (forces) in terms of purpose, tasks, place, and time, aimed at obtaining information about the enemy’s cyber infrastructure, destroying it with all types of weapons or capturing it (disabling it, gaining control), causing damage to it through cyber actions, conducting cyber operations and radio-electronic suppression, protectingone’s cyber infrastructure from cyber intelligence and cyber actions of the enemy.

As part of conducting cyber warfare, we consider the possibility of managing three separate areas: cyber intelligence (cyber reconnaissance), cyber influence, and cyber defence. The specified directions have different tasks, which are dictated by the national security needs of Ukraine.

Cyber intelligence should be engaged in:

  • Intelligence of national security threats in cyberspace;
  • Obtaining intelligence information in the interests of the government and the Ministry of Defence of Ukraine through cyberspace;
  • Obtaining intelligence information in the interests of the Armed Forces through cyberspace;
  • Searching and assessing the vulnerabilities of the enemy’s ITC and critical elements of its infrastructure (cyber infrastructure);

At the same time, the forward-looking Command of Cyber Forces (troops) of the Armed Forces of Ukraine carries out a constant exchange of information with subjects of the intelligence community dealing with cyber intelligence issues.

The sphere of attention of cyber influence is suitable for:

  • Preparation and conducting of strategic offensive cyber operations (Offensive Cyberspace Operations (OCO));
  • Support at the operational level of  cyber operations;
  • Development of cyber influence tools, cyber weapons (software, etc.);
  • Creation of a full cycle of cyber influence (cyber kill-chain);
  • Masking of cyber activities;
  • Demonstration actions;
  • Search and evaluation of the vulnerabilities of Information and Computer Networks (ICN) of the Ministry of Defence of Ukraine and the Armed Forces of Ukraine (pen-testing);

Cyber defence takes care of:

  • Preparation and conducting of Defensive Cyber Operations ( DCO);
  • Identification of new cyberthreats;
  • Development of algorithms and measures against new threats;
  • Forensic (investigation of cyber incidents);
  • Implementation of measures for cyber protection of the state’s critical information infrastructure in conditions of emergency and martial law;
  • Ensuring the protection of ICN (DODIN Operations);
  • Monitoring the traffic and state of the ICN of the Ministry of Defence of Ukraine and the Armed Forces of Ukraine;
  • Identifying cyber incidents and cyber-attacks and responding to them;
  • Eliminating the consequences of cyber incidents and cyber-attacks;

The Cyber Forces Command, in turn, is engaged in the search for vulnerabilities of the ICN of the Armed Forces of Ukraine and the development of security policies and recommendations for the Command of the Communications and Cyber Security Forces of the Armed Forces of Ukraine. The command of cyber forces is also  responsible for the distribution of tasks in the three branches of cyber warfare.

In addition, the Cyber Forces Command of the Armed Forces provides technological support to the Special Operations Forces. In turn, the Special Operations Forces are responsible for information and psychological operations in cyberspace, namely:

  • Monitoring of social networks and electronic media, search and analysis of enemy content;
  • Creation of own content;
  • Placement and promotion of content on information resources;
  • Information countermeasures, levelling of the enemy’s narratives;
  • Blocking and changing the enemy’s content;

Tell us about the purpose and main functions of the cyber forces of the Armed Forces of Ukraine.

The purpose of the cyber forces of the Armed Forces of Ukraine is to protect the sovereignty of the state and repel armed aggression in cyberspace, to conduct defensive and offensive operations in cyberspace.

The main functions of cyber troops should be:

  • conducting cyber intelligence, cyber reconnaissance,
  • planning and conducting defensive and offensive cyber operations (operations in cyberspace);
  • support of informational and psychological operations in cyberspace;
  • organizing implementation within the competence of measures to prepare the state to repulse military aggression in cyberspace (cyber defence), coordinating  the execution of tasks in  preparation  for cyber defence by executive authorities, local self-government bodies and other components of the defence forces.

Additional functions should be:

  • implementation of military cooperation with NATO related to joint defence against cyber threats;
  • implementation of planning and organization of countermeasures against systemic and large-scale actions against the interests of Ukraine in cyberspace by foreign states (groups of states), in particular with the involvement of cyber units of the armed forces of foreign states, by using special means (cyber weapons);
  • implementation of civil-military cooperation on issues of cyber defence of the state.

What units can the structure of cyber forces of the Armed Forces of Ukraine consist of, and what is the prospective structure of the cyber command of cyber forces of the Armed Forces of Ukraine?

We have a clear vision for the Cyber Command structure with five main offices and headquarters:

  • Office of Cyber Intelligence
  • Office of Cyber Operations
  • Office of Information Operations
  • Office of Cyber Protection
  • Office of Infrastructure Provision

In accordance with the necessary set of military units for effective cyber warfare (Cyber Intelligence Centre, Cyber Warfare Centres, Information Protection and Cyber Security Centres in ICN, Logistics Centre, Cyber Laboratories).

The perspective of cyber forces is visualized, as a separate element  of the Armed Forces of Ukraine, the command can be represented by the following diagram:

Interview with Vadym Ledney, cyber warfare specialist of the General Staff of the Armed Forces of Ukraine

Each department in the middle of the cyber command must interact with each other in the performance of common tasks, also each of the departments organizes (manages, controls) the execution of tasks according to the direction in the corresponding component (highlighted in different colours).

It is also necessary to organize interaction in the areas of cyber intelligence and cyber defence with the other main subjects of the national cyber security system (the National Cyber Security Coordination Centre as a working body of the National Security and Defence Council of Ukraine, the State Service for Special Communications and Information Protection of Ukraine, the National Police of Ukraine, the Security Service of Ukraine, the Ministry of Defence of Ukraine, intelligence agencies, the National Bank of Ukraine) and others that are part of the defense forces (State Special Transport Service, Ministry of Internal Affairs of Ukraine, National Guard of Ukraine, State Border Service of Ukraine, State Migration Service of Ukraine, State Service of Ukraine with emergency situations.

security forces – law enforcement and intelligence agencies, state bodies of special purpose with law enforcement functions, civil defence forces and other bodies entrusted with the functions of ensuring the national security of Ukraine by the Constitution and laws of Ukraine;

defense forces – the Armed Forces of Ukraine, as well as other military formations formed in accordance with the laws of Ukraine, law enforcement and intelligence agencies, special purpose bodies with law enforcement functions, which are assigned the functions of ensuring the defense of the state by the Constitution and laws of Ukraine

And if we approach this from a visionary perspective, then the personnel of the cyber forces of the Armed Forces of Ukraine should be formed from:

– Cyber warfare professionals in the relevant field (cyber intelligence, cyber influence, cyber defence) who have undergone training at a specialized military higher institution.

– Alternative service, service in the reserve of citizens of Ukraine (recruited through territorial recruitment and social support centres), after passing the appropriate course training according to the field of activity.