UK to contribute up to £25m to Ukraine cyber defences

The UK is to expand the successful Ukraine Cyber Programme (UCP) with up to £25m between now and 2025 to support Ukraine’s cyber security defences, helping Kyiv’s ability to detect, respond to and prevent Russian cyber attacks, and protect its critical national infrastructure and frontline government services

The package, which comprises £16m in UK funding and the potential for a further £9m contribution from international partners, will also help to develop and support Ukraine’s forensic cyber capabilities, helping to analyse system compromises, attribute attacks to known threat actors, and build evidence to better the chances of successfully prosecuting Russian threat actors in the future.

The existence of the UCP was previously classified, and the government only revealed its existence in November 2022. It was stood up in the days immediately after Russia’s invasion of Ukraine on 24 February, and in the past 16 months has contributed world-leading expertise drawn from both the private and public sector to the Ukraine’s digital defence.

It has helped Ukraine fight off a number of cyber attacks orchestrated by the Russian state, including destructive wiper malware attacks.

Prime minister Rishi Sunak said: “Russia’s appalling attacks on Ukraine are not limited to their barbaric land invasion, but also involve sickening attempts to attack their cyber infrastructure that provides vital services, from banking to energy supplies, to innocent Ukrainian people.

“This funding is critical to stopping those onslaughts, hardening Ukraine’s cyber defences and increasing the country’s ability to detect and disable the malware targeted at them.”

Joseph Jarnecki, research fellow at the Royal United Services Institute (Rusi) think tank, said the new spending reflected the continued importance of Ukraine’s cyber defence to the war effort.

“The programme represents a new, more direct form of international cyber support as it procures cyber security providers to directly deliver technical products and services for national cyber defence. Moreover, it prioritises immediate operational effects to strengthen Ukraine’s cyber defence over longer-term efforts to improve Ukrainian national capacities,” he said.

However, added Jarnecki, while the UCP has been quite impactful, it remains important to contextualise its efforts.

“The decisive factors in Ukraine’s cyber defence have been its own preparations as well as the large-scale support from big tech companies such as Microsoft, Google, and AWS. The UCP has been effective in plugging gaps but does not achieve systemic effects. Additional funding for the UCP will increase the scope and scale of its activities. For example, expanding the number of networks where UCP implementors can respond to cyber incidents,” said Jarnecki.

Jarnecki said the UCP had the potential to be a valuable learning opportunity for the British government for dealing with future cyber crises – recent years have seen large-scale cyber campaigns against other states besides Ukraine, including Albania and Costa Rica.

He argued that the UK could and should start building structures and processes today to muster international cyber support in anticipation of future hostile cyber campaigns against friendly states, and could be doing much more to engage with Nato allies. Jarnecki described Nato’s ability to respond when a member state experiences a large scale cyber attack as “insufficient” and said the alliance needed a clearer approach to providing cyber support.