The war in Ukraine has been a litmus test for many cyber conflict dynamics, chief among them the use of cyber capabilities on the battlefield and private sector defensive activism. But Ukraine’s response to Russia’s illegal invasion has also highlighted the role of hacker activists. The IT Army of Ukraine—an informal group of civilians, military, and intelligence volunteers—has emerged to target Russian digital infrastructure with cyberattacks. However, the rag-tag group of hacktivists operate in a legal and strategic grey area that threaten Ukraine’s war effort.

Because of the group’s unclear legal status, Ukrainian officials are proposing a law to turn the IT Army into formal cyber reserves. This legal initiative certainly has implications for the digital battlefield. But it is also set to offer lessons to Western democracies—including the United States—looking to develop a surge capacity to supplement active duty cyber warriors.

For Ukraine, transforming the IT Army into reserves helps reduce two strategic risks to the war effort. For one, establishing military command and control over the civilian hackers will prevent the derailment of official cyber operations. The IT Army has frequently knocked Russian servers offline by overloading them with traffic requests. Such uncoordinated civilian attacks can interfere with government cyber operations that require sustained access to Russian networks.

The law would also mitigate unintended conflict expansion. In addition to Russian infrastructure, the IT Army of Ukraine has attacked targets in Belarus for the regime’s support of Putin. But cyberattacks against Kremlin-friendly regimes risks drawing third parties into the fight via retaliation. Murky attribution compounds this danger: although the IT Army operates independently from the actual army, there is some evidence of coordination between the two. The perception that the Ukrainian government is directing IT Army cyberattacks would provide more incentive for a country like Belarus to retaliate.

Moreover, codifying the IT Army resolves two legal concerns: it will clarify combatant status and curtail illegitimate cyberattacks against civilians. The IT Army is not an official military body, but its contributions to the Ukrainian war effort gives Russian forces the leeway to deem individual members legitimate targets for retaliation. Formal legal status would define when civilian hackers are combatants or noncombatants. Simultaneously, reserve classification places legal bounds on cyberattacks against civilian infrastructure. Although the IT Army has gone after largely symbolic targets—such as disrupting the Russian government system that tracks vodka supplies—its proclivity for attacking civilian targets belies international legal and normative expectations for democratic cyber conflict.

But more broadly, Ukraine’s cyber reserve initiative offers a wartime test of the democratic mobilization and direction of digital volunteers at scale. Ukraine is drawing inspiration from how Estonia incorporated hackers into its own military reserve system beginning in 2008. The Baltic nation has effectively boosted its latent cyber capability. However, surge capacity remains untested in conflict: Estonia’s cyber reserves emerged from a peacetime defensive effort in response to Russian cyberattacks in 2007.

In contrast, Ukraine’s wartime context can answer whether cyber reserves serve a purely defensive role or if they can meaningfully be integrated into and augment intelligence collection or offensive cyber operations. At the same time, the war in Ukraine also provides a test for scaling up the use of cyber reserves. Estonia’s cyber reserve model works in part because the country is so small. But Ukraine is significantly larger than Estonia, and the Kremlin’s digital onslaught is touching every aspect of Ukrainian society.

The United States and its allies have a vested interest in the successful transition of the IT Army of Ukraine into a reservist force. For example, US lawmakers are pushing to stand up civilian cyber reserves under the Department of Defense and the Department of Homeland Security. Ukraine offers real-time feedback on developing a formal cyber surge capacity under fire. The US and its European NATO allies have an important opportunity to both support Ukraine’s initiative and draw lessons for bolstering their own respective cyber reserve capacities.

The post The Significance of Building Cyber Reserves in Ukraine appeared first on American Enterprise Institute – AEI.