Digital Front Lines

Thank you for engaging with this special report on cyber operations in armed conflict. While Russia’s invasion of Ukraine may be the first example of large-scale hybrid warfare, it will likely not be the last. As cyber operations in warfare evolve, we must work to keep pace by improving cybersecurity and setting and upholding expectations that will limit threats to innocent civilians in this new domain of conflict.

For governments, this means investing in cybersecurity, especially when it comes to protecting critical infrastructure. Having a well-organized and trusted national computer emergency response team (CERT) in Ukraine has been a key differentiator throughout Russia’s invasion, enabling rapid response to cyber incidents and coordination with partners across sectors and countries. Migrating critical data to the cloud has also proved an effective cybersecurity measure. These should be priorities for all governments thinking about national security and defense.

The technology industry also has responsibilities when it comes to cyber operations in armed conflict. Without ever engaging in offensive activity itself, the tech sector can and should work to deter cyber operations in three ways: 1) by hardening defenses through improved cybersecurity of our products, 2) by working directly with CERTs and other authorities to protect against cyberattacks, and 3) by sharing information on cyber incidents.

I am especially optimistic about the potential for industry to now leverage artificial intelligence as a game-changing technology for security, to autonomously detect and mitigate malicious activity and thereby reduce the impact of cyber operations. Given the resources required to develop and operationalize this next generation of AI, this should give an asymmetric advantage to defenders moving forward.

Improving defenses is only half the equation; we also need more accountability for actors engaging in reckless cyber operations. International humanitarian law (IHL) prohibits attacks on noncombatants and critical civilian infrastructure. Things like kinetic attacks on hospitals, for instance, would be considered war crimes. We cannot afford to allow ambiguities to creep in when it comes to applications of IHL to the online environment. It is therefore encouraging to see the International Criminal Court paying close attention to this issue and weighing whether charges are warranted based on cyber operations in Ukraine.

I want to thank the contributors to this report and our partners at FP Analytics for providing such a comprehensive analysis of these issues and bringing this timely discussion to the fore. While there remain important questions, we must learn from these events to ensure that in future armed conflicts clear guardrails are set around the use of cyber operations. Microsoft looks forward to continued cooperation with partners across stakeholder groups to protect and defend the peaceful use of technology.

Brad Smith is Vice Chair and President of Microsoft. In this role, he leads a team of more than 1,500 business, legal and corporate affairs professionals located in 54 countries and operating in more than 120 nations. He plays a key role in spearheading the company’s work on critical issues involving the intersection of technology and society, including cybersecurity, privacy, artificial intelligence, environmental sustainability, human rights, immigration and philanthropy. In his bestselling book, coauthored with Microsoft’s Carol Ann Browne, Tools and Weapons: The Promise and the Peril of the Digital Age, Smith urges the tech sector to assume more responsibility and calls for governments to move faster to address the challenges that new technologies are creating. The New York Times has called Smith “a de facto ambassador for the technology industry at large” and The Australian Financial Review has described him as “one of the technology industry’s most respected figures.” He has testified numerous times before the U.S. Congress and other governments on these key policy issues.