Russia-Ukraine Cyber Conflict Tracker

Russia-Ukraine Cyber Conflict Tracker

The SIPA-ACI Russia-Ukraine Cyber Conflict Tracker is an initiative born out of the need to provide an empirical basis for evaluating the complex landscape of cyber operations within the context of the 2022 Russian invasion of Ukraine. This project, conducted in partnership between Columbia University's School of International and Public Affairs and the Army Cyber Institute at West Point, strives to deliver transparent, data-driven insights.

There is a significant and diverse set of cyber activities taking place in the context of the 2022 Russia-Ukraine war. In many ways, the nature of the cyber dimension of the conflict challenged and surprised experts and practitioners. However, drawing inferences about the implications of the cyber activities that are taking place as part of the conflict depends on a rigorous and empirical approach. Our project, therefore, aims to illuminate the threat actors, targets, types of incidents, and geographic scope of this cyber activity, enabling researchers to develop a clearer understanding of the role of cyberspace in modern warfare.

Objectives:

Our primary objective is to assemble a comprehensive dataset of cyber incidents related to the 2022 Russia-Ukraine war. This will serve as a springboard for conducting in-depth academic and policy analysis and sharing our findings with policymakers, researchers, and the public. 

We continuously refine and adapt our data collection approach to ensure we fulfill these objectives as comprehensively and effectively as possible. It is a dynamic and ongoing process, given the evolving nature of this conflict.

• Tracking Cyber Operations: Our project tracks and documents cyber operations directed at Ukraine, Russia, and other actors associated with the conflict. We categorize cyber incidents based on their type, targets, and outcomes, offering a nuanced analysis of the threat landscape. We organize this data into a comprehensive database, which we hope will serve as a valuable resource for understanding the dynamics of this conflict.
• Understanding Patterns of Cyber Activities: We leverage this data to uncover patterns of malicious cyber activity as well as identify potential correlations between cyber events and the broader dynamics of the military campaign. Identifying patterns and trends is crucial in comprehending how the threat landscape is evolving and the impact of these cyber operations on the overall conflict.
• Contributing to Transparency: The project's overarching goal is to provide a transparent and data-driven perspective on the cyber dimension of modern warfare. Policymakers, researchers, and the general public will gain valuable insights into the nature of cyber operations in this conflict, allowing for informed decisions and a deeper understanding of this critical aspect of contemporary warfare.

Methodology:

• Data Sources: Data collection relies on publicly available sources, including court filings, social media, government reports, private sector cybersecurity reports, and more. Each cyber incident requires two independent sources of information, such as a formal industry or government report and a media publication.
• Coding: We categorize events based on their phase within the conventional military campaign, threat actor name, type of cyber operation, scope, target country, and other relevant attributes.
• Threat Actors: The project identifies known threat actors associated with each incident, distinguishing between pro-Russian, pro-Ukraine, and unknown parties. 
• Level of State Responsibility: We take into account known, pre-existing relationships between threat actors and governments to evaluate the involvement of state actors in these cyber operations.

Target Audience:

• Researchers and Academics: The project seeks to serve academics specializing in cyber warfare, international relations, and conflict dynamics by offering a publicly available dataset that can be used for research and analysis, as well as in the classroom.
• Policymakers: This project can also help policymakers make informed choices and develop effective strategies in areas related to national security, foreign policy, and cyber defense.
• General Public: In the spirit of transparency, this project also aims to engage the general public by providing a clear, data-driven perspective on the cyber dimensions of modern warfare and allowing anyone interested in contemporary geopolitics to gain a deeper understanding of this critical aspect.

Project Members:

Erica Lonergan, Assistant Professor at Columbia SIPA

Jason Healey, Senior Research Scholar at Columbia SIPA

Grace B. Mueller, Lecturer at Southern Methodist University

Shawn Gibson, Columbia SIPA'2024

Former Project Members:

Margaret Smith, Modern War Institute at West Point 

Christopher Smith, Columbia SIPA'2023