Hello, Cyber Builders! 🖖
The Munich Cyber Security Conference on February 13, 2025, was a wake-up call. I attended last week in snowy Munich, and these conversations there need to be shared.
I am diverting from cybersecurity and entrepreneurship, so I wrote this first two-part report based on what I saw and heard. Today, we focus on rare firsthand accounts from Ukraine’s top cyber defense officials—the few people with real, lived experience in modern cyber warfare. Next week, we’ll explore the conference’s broader takeaways.
Ukrainian officials didn’t sugarcoat it. They described relentless cyberattacks—power grid shutdowns, sophisticated disinformation campaigns, and nonstop digital assaults designed to disrupt and destabilize. But this isn’t just Ukraine’s battle. It’s Europe’s lesson. As the English expression goes: “battlefield lessons.”
Cyber warfare isn’t a future threat. It’s here. It’s evolving. And yet, European nations still hesitate to act together.
So, what’s the way forward? A coordinated European cyber defense—one that moves beyond compliance checkboxes and builds an accurate, resilient cybersecurity industry, a task force with thousands of professionals, and a defense strategy.
The question is: Will Europe step up before the next crisis, or will it wait until the damage is irreversible?
Officials, entrepreneurs, and experts from around the cyber industry took every seat. I was left standing up to hear the testimonials. The room was packed, with high ceilings, dark wood panels, and tension in the atmosphere. Everyone knew this wasn’t just another cybersecurity talk but a war briefing.
Ukrainian officials outlined some of the elements used in modern cyber warfare. This strategy involves manipulating reality rather than just hacking systems.
Cyber operations have become central to intelligence gathering. Ukrainian officials outlined how state-sponsored hackers methodically collect intelligence, military logistics, and infrastructure schematics.
Intruders do not target only classified data. Stealing practical information from local businesses or governments is extremely useful for strategizing military operations and predicting responses from enemy defenders.
The newest AI techniques also contribute to these operations. When data is stolen, many files can be automatically categorized with the right prompt; the large language model can follow instructions and “understand” where intelligence value is in the document collected.
Moreover, although it could be seen as an old and outdated technique, phishing is a massive way to distribute malware and hijack computers. Using AI, attackers can use advanced spear-phishing to send a personalized email to a victim. These emails are harder to detect and distinguish from legitimate requests.
These campaigns don’t operate in isolation—they also leverage digital platforms and social media to amplify their reach.
Cyber warfare isn’t just about stealing data—it’s about controlling what people believe. Fear is a weapon.
The deliberate spread of false narratives is designed to destabilize societies from within. Officials described how Ukraine has been bombarded with AI-generated fake news, deepfake videos, and coordinated disinformation campaigns meant to break public morale and erode trust in institutions.
Moreover, recent policy changes by platforms like X (formerly Twitter) and Meta have unintentionally amplified these narratives. These platforms have become unwitting allies in information warfare by loosening content moderation policies and prioritizing engagement over truth. This will have a profound impact worldwide.
By canceling the second round of the presidential election, the Constitutional Court highlighted the importance of addressing voter manipulation on TikTok in favor of a far-right candidate.
Romania’s response to election manipulation is a lesson for democracies – Le Monde.
A recent case? The Romanian election manipulation. Using bot networks and deepfake propaganda, attackers successfully shifted voter sentiment, proving that these tactics can destabilize any democracy—not just Ukraine’s.
The third pillar of cyber warfare is direct sabotage. This isn’t about stealing data or influencing opinions. It’s about crippling essential services. Power grids, water systems, hospitals, railways—nothing is off-limits. Ukraine’s officials detailed how cyberattacks have targeted everything from military logistics to emergency response systems, proving that in modern war, a well-timed cyberattack can be as devastating as an airstrike.
It reminded me that one of the defining moments in modern cyber warfare happened in December 2015. A sophisticated malware attack struck Ukraine’s power grid, targeting legacy systems (IEC 104) and modern control protocols (IEC 61850). For the first time in history, a nation was plunged into darkness by a cyberattack.
Few of us were actively researching this at the time. Researchers at Dragos, ESET, and my team at Sentryo were among the few who saw the scale of this threat early. I remember publishing a report on it with NATO experts—one of the first deep dives into how cyberattacks could weaponize industrial systems. This was an emerging threat discussed in expert forums or conferences. Today, it’s a reality that impacts millions of citizens.
European politicians discuss defense and security. I am not attending these highly urgent meetings, which may have many items on the agenda. However, they must build a coordinated cyber task force.
European nations debate deploying troops to maintain peace, reinforce borders, and counter military aggression. But when it comes to cyber defense, they have remained silent.
Ukrainians are very grateful for all the support from the cybersecurity community. Large companies like Cisco and Google/Mandiant are helping provide manpower, CTI, tools, and operational support. I know how much individuals and cybersecurity professionals are committed to helping. I praise this support from the private sector.
Borders don’t limit cyber warfare. Yet European responses still are. Each country is left to defend itself, while state-backed threat actors operate with full coordination and deep government funding. This isn’t sustainable.
Without a joint European cyber force, nations remain vulnerable. Ukraine has shown how devastating these attacks can be—what happens when the next target is a European power grid, election, or financial system?
The lack of urgency is alarming. But it’s not too late—if Europe acts now.
One of the clearest messages from Ukrainian officials was this: there are no rogue actors in this war.
Forget the idea of independent hacktivists or lone cybercriminals. The Russian government has vetted, approved, and orchestrated every major cyberattack against Ukraine. These are not random breaches—they are coordinated, strategic, and designed for maximum impact.
Ukrainian officials stressed that these cyber operations constitute state-directed warfare rather than digital vandalism. Groups such as Sandworm, Fancy Bear, and APT29 function under government control and utilize state-level resources and intelligence to carry out their objectives.
What does this imply? Each cyberattack represents a geopolitical action. Nevertheless, numerous European nations still show reluctance to respond to these digital aggressions with the same urgency as they would to physical attacks.
The message from the Munich Cyber Security Conference was clear: It is not a Ukrainian problem. It is an urgent and collective problem.
Ukraine is sharing lessons and inviting us all to build defense systems. Ukrainian officials made it clear: they are open to collaboration and innovation. They made it loud and clear: “The old world of compliance checklists and acceptable risk calculations is over.” Cyber warfare demands real-world experimentation, hands-on exercises, and joint defense strategies.
Europe needs to act more, learn from the Ukrainian experience, and prepare for what is yet to happen. Cyber warfare is already shaping the future of conflict. The question is—who’s ready to fight it?
Europe needs to act. You—whether a policymaker, cybersecurity expert, or citizen—play a role in demanding a stronger defense. What’s your take? Drop a comment below. 👇
Laurent 💚
