Emma Logan (UK Delegation) condemns Russia’s sustained pattern of malicious cyber behaviour against the UK and our partners.

Thank you, Mr. Chair. As we have heard today, threats in cyberspace are evolving and can take many forms.

We continue to see a sustained pattern of malicious cyber behaviour by the Russian state, and by cyber criminals allowed to operate from Russian territory with impunity, against the UK and our friends and partners.

Threat to Ukraine

This pattern of malicious cyber behaviour includes a long-running campaign of hostile and destabilising activity against Ukraine, the tempo of which increased significantly in the run up to and immediately following Russia’s illegal invasion on 24 February 2022.

Together with partners, we have exposed multiple instances of malicious cyber activity by Russia, including the deployment of malware against the Ukrainian banking sector on 15 and 16 February 2022, and an attack on a communications company on the 24 February that caused outages for several thousand Ukrainian customers, with tens of thousands of terminals damaged, rendered inoperable and irreparable.

In addition to harming their intended targets, these incidents have had wider destabilising consequences – affecting ordinary people and businesses across the OSCE region. For example, the 24 February attack affected windfarms in one country and internet users across Europe.

In addition, the Kremlin continues to use information operations to undermine Ukrainian sovereignty, create false pretexts and obscure the truth. It regularly uses propaganda and disinformation to sustain its support base, attack rivals, and erode international support for Ukraine. Georgia and Moldova are among the states suffering on the frontline from these underhand tactics.

Threat to the UK

Even before it launched its illegal invasion of Ukraine, we judged Russia posed a significant, enduring, and direct cyber threat to the UK.

Our National Cyber Security Centre has confirmed that Russian cyber actors have conducted a malign programme of activity in recent years, including attempted interference against our media, telecommunications, and energy infrastructure.

This threat has not changed significantly since the start of its invasion, but Russia’s risk appetite has grown significantly.

UK response

As was made clear by our recent Integrated Review Refresh, the UK is working with our partners to meet these challenges head on and to hold the perpetrators to account.

Public attribution

We have publicly attributed malicious cyber activity to Russia where we have had compelling evidence to do so and it was in our national interest. I have already given some examples, related to Ukraine, but there are others. For example, in April 2021 we attributed the SolarWinds compromise to Russia’s foreign intelligence agency, the SVR. This forms part of a pattern of behaviour ongoing since 2011, predominantly aimed at overseas governmental, diplomatic, think-tank, healthcare and energy targets for intelligence purposes.


We have also used our cyber sanctions regime to impose a direct cost on those responsible for malicious cyber activity. For example, together with partners we have imposed asset freezes and travel bans against members of Russia’s military intelligence agency, the GRU’s, destructive cyber unit.


As outlined in our National Cyber Strategy, the UK will continue to strengthen our cyber resilience.

Support to partners

And importantly, we also will continue to support our partners to build their own resilience.

For example, we announced a £6.35 million package of cyber support to Ukraine last year, including the provision of daily cyber threat intelligence and technical assistance to the MFA to protect their websites from Distributed Denial of Service attacks.

Lastly, on disinformation, we have established a new directorate in our Foreign, Commonwealth and Development Office to build our capability to assess and respond to the hostile manipulation of information. And we have committed to provide additional funding to the BBC World Service to counter disinformation.

Mr. Chair, not only must Russia withdraw its troops from Ukraine and end its brutal and illegal war, it must act as a responsible actor in cyberspace, and refrain from spreading dangerous disinformation. The UK will continue to do everything we can to protect ourselves and our partners from these threats and we would welcome further discussion on these topics in the OSCE Security Committee as the threats remain live.

Thank you.

Published 29 March 2023