Why the West should intensify cyber pressure on Russia and how to do it
According to Politico, the European Union is already seriously considering offensive cyberattacks on targets critical to Russia’s defence economy and, for the first time in history, is ready to officially shift from defense to counter-strike.
From Denmark to Czechia, allies have already authorised offensive cyber operations at the legislative level, while Italy’s defence minister recently published a 125-page plan.
These decisions are timely, because the number of Russia’s hybrid attacks is only growing.
Under such conditions, traditional cyber defence is important but insufficient. What’s needed are tools capable of changing the economics of aggression and making it unprofitable.
Read more about how this can be achieved in the column by Ilona Khmeliova, Secretary of Ukraine’s Economic Security Council: Making cyber sanctions effective: 10 steps to increase pressure on Russia.
The author notes that as governments search for tools to counter Russian hybrid attacks, increasing attention is being paid to cyber sanctions and technological restrictions against Russia.
"Cyber sanctions are not just another item on a long list of restrictions. They are a tool that transforms digital harm into real economic and reputational costs.
Asset freezes, bans on financial transactions, visa restrictions, blocking access to Western technologies – all of this hits hacker groups, their sponsors, and the states that shelter them," Khmeliova writes.
She explains that the EU created its cyber sanctions regime back in 2017 within the Cyber Diplomacy Toolbox.
The United States operates based on Executive Orders 13694 (2015) and 13757 (2016). The United Kingdom introduced its own cyber sanctions regime after Brexit.
However, in practice these tools remain fragmented, Khmeliova warns. Overlaps in sanctions lists are still limited. Moreover, the restrictions are often political or even declarative.
A new study by Ukraine’s Economic Security Council proposes 10 concrete steps to resolve these problems.
Among the proposals is the creation of a unified global online registry of cyber sanctions to avoid situations where a sanctioned individual in one country faces no obstacles in other jurisdictions.
"Creating a unified global online registry of cyber sanctions is a simple but necessary step that will make international cyber threat counteraction far more effective," Khmeliova argues.
In her view, if such a registry gains wide international support, it will become not only a technical tool but also a mechanism for evidence-gathering and a basis for international accountability for those who organise or sponsor cyberattacks.
"Of course, launching such a registry will require close international cooperation, harmonised standards, data protection and integration of existing national databases. But the result is worth it: transparency, coordination and real accountability in cyberspace," she emphasises.
Strengthening cyber defences is unquestionably critical for Ukraine.
Khmeliova stresses that Ukraine is paying an extremely high price for lessons learned on this battlefield, which is why it has both the moral right and the practical expertise to propose new rules to the world.
According to the author, a unified cyber sanctions registry, coordinated attribution, sectoral technology restrictions, cooperation with the private sector and readiness for proactive defence are concrete steps that can and must be taken now.
"Those who invest in these tools today will win tomorrow’s war. And not only in cyberspace," concludes the Secretary of Ukraine’s Economic Security Council.