The IT Army of Ukraine
Structure, Tasking, and Eco-System
OPEN ACCESS
Loading...
Author / Producer
Date
2022-06
Publication Type
Report
ETH Bibliography
yes
Citations
Altmetric
OPEN ACCESS
Data
Rights / License
Abstract
For several years prior to the Russian invasion on 24 February 2022, the principal idea of creating a cyber volunteer army has been bouncing around in Ukrainian government circles. In part those discussions were in-formed by the success of the Estonian Defence League's Cyber Unit and other efforts around the globe to organize, incorporate, and surge civilian IT volunteers into existing military structures in times of need.
In contrast to these well-established and purely defensive cyber volunteering efforts, the IT Army of Ukraine was stood up in an ad-hoc manner without a clearly structured and proven plan. Similarly, the absence of a Ukrainian military cyber command likely also pushed Kiev to think creatively about how to combine its nascent military and intel cyber capabilities with a massive, willing, and global civilian IT community in the defense of the nation. Born out of necessity, the IT Army subsequently evolved into a hybrid construct that is neither civilian nor military, neither public nor private, neither local nor international, and neither lawful nor unlawful.
As of this writing, the IT Army consists of two parts: (1) a continuous global call to action that mobilizes anyone willing to participate in coordinated DDoS attacks against designated – primarily civilian - Russian infrastructure targets; and (2) an in-house team likely consisting of Ukrainian defense and intelligence personnel that have been experimenting with and conducting ever more complex cyber operations against specific Russian tar-gets. Both parts of the IT Army are purely offensive in nature and serve to bring willing amateurs (civilians) and dedicated professionals (civilian, military, intel) into one – most likely – hierarchically organizational structure.
In addition, the IT Army has also given rise to an eco-system that includes Ukrainian-owned IT companies and individuals located outside of Ukraine, as well as Ukrainians living in Ukraine working for Western companies. This eco-system has been continuously creating new tools, generating know how, identifying new targets, and fulfilling other intelligence support functions to underpin Ukraine’s offensive efforts in cyberspace.
Permanent link
Publication status
published
External links
Editor
Book title
Journal / series
Volume
Pages / Article No.
Publisher
Center for Security Studies (CSS), ETH Zürich
Event
Edition / version
Methods
Software
Geographic location
Date collected
Date created
Subject
Cyber conflict; Cybersecurity policy; Cyber war
Organisational unit
03515 - Wenger, Andreas / Wenger, Andreas