Cyber and participation in hostilities

Ukraine: Cyber and participation in hostilities

Following Russia’s recent invasion of the territory of Ukraine, on 26 February 2022, Ukraine’s Minister of Digital Transformation announced the creation of a government-led volunteer cyber army. His call, unique from a State in a situation of armed conflict, is a call to Ukrainian talent, to encourage them to “continue the fight on the digital front.” Whilst this call is addressed to Ukrainians, in the context of the global outcry against Russia’s invasion and military attacks on civilians, and by the nature of the Internet, the call has likely resulted in participants from all over the world. 

The response has led to multiple efforts to aid and assist those affected by the armed conflict, with the development of communication channels, and efforts to disseminate information probably outside of the purview of state involvement. The actual impact of this volunteering is still difficult to assess, as there is no clarity on the actions taken or their impact. This can be compared to any “CrowdSourcing” initiative: a problem is posed via the Internet, and it is hoped that people from anywhere on the planet will contribute to a solution. 

Challenges with engagement    

However, whilst the parallels are interesting, the Ukrainian situation is very different. It is an international armed conflict. If individuals answer the call and attack or defend military targets, they could be treated as combatants and through their involvement escalate the conflict. Within the volunteer efforts listed, there exist proposed actions that are more offensive in nature, as for example proposing participants carry out measures intended to disrupt .ru (Russian) infrastructure. 

Such engagement does not happen in a legal vacuum. International humanitarian law regulates situations of armed conflict. Its objective is twofold: to limit the means and methods of warfare and to limit its effects for example on persons who are protected – civilians, the wounded and sick, and detainees.  There are modalities to govern what constitutes a legitimate military objective during the conflict, and regarding the distinction between status of combatants and military or civilians.  

The involvement of cyber experts to participate in military attacks (whether offensive or defensive) has implications for these individuals who may unknowingly lose their civilian status and their legal protection as civilians under international humanitarian law. Should anyone decide to respond to a call to arms and participate in this conflict, they must ask themselves the following questions: what is their certainty that their actions will not cause damage to civilian populations, including the very populations they wish to protect?  Will they still be considered civilian, or do they expose themself to potential repercussions of counter-attack (cyber or kinetic) -and/or potential prosecution?  Do they know the laws of war e.g. of what is a legitimate target and what is not?  

There is also an important risk to the global cyber ecosystem by such calls for participation, with potential spillover effects anywhere, and what was not perceived as permissible before is now perceived as permissible and vice versa. 

 Additional considerations with involvement are likely to include the inadvertent disclosure of material content that can aid military objectives by the occupying force. The transparency afforded by social media to share video, and other media to the world can equally be of use by the military. Such communications pose challenges since the objective to shine a light on the conflict can equally aid and assist the armed forces. 

As is often the case when it comes to the Internet, operational reality is changing faster than the clarification of the law. There is no doubt that many analysts of international law will look at the issue, but in the meantime, as we call for restraint and caution, vulnerable populations are more than ever in need of support and protection. 

To this end, the CyberPeace Institute provides volunteers with practical ways to help vulnerable civilian communities to build resilience against cyberattacks. How can you help? You can support the collective effort of protecting vulnerable communities for example through the CyberPeace Builders.

The CyberPeace Builders 

The CyberPeace Builders is a cybersecurity volunteer network operated by the CyberPeace Institute, created for the sole purpose to help humanitarian organizations elevate their cybersecurity resilience. The network is made of cybersecurity experts carefully selected from reputable companies, matched with selected NGOs for short-term punctual engagements. 


Stéphane Duguin, Chief Executive Officer, CyberPeace Institute

Raj Samani, Member of Advisory Group on Internet Security, European Cybercrime Centre (EC3) in The Hague 

©Copyright 2022:  The concepts and information contained in this document are the property of the CyberPeace Institute, an independent non-governmental organization headquartered in Geneva, unless indicated otherwise from time to time throughout the document. This document may be reproduced, in whole or in part, provided that the CyberPeace Institute is referenced as author and copyright holder.


Support the CyberPeace Institute

Individual lives can be changed dramatically by the acts of cyber criminals. We need your support to assist victims of cyberattacks in the NGO, humanitarian and healthcare sectors.


Subscribe to our newsletter

Receive monthly news on what’s happening at the Institute: our impact, publications, events and important milestones.