.@olliecarroll & I write on lessons from the cyber conflict in Ukraine. Tho’ it’s been intense, many say Russia has underperformed. That’s partly due to Ukraine’s superb defence. Others argue that offensive cyber power has also been misunderstood. economist.com/science-and-te…
The early view was that cyber had played a minimal role in the war. Officials pushed back strongly against that. In September NCSC head said Ukraine was "most sustained and intensive cyber campaign on record". Two NATO officials published below in April. foreignaffairs.com/articles/ukrai…
Others argued the nature of the Russian cyber campaign had evolved over time, with a shift to simpler and lower-cost operations to enable a higher tempo of wartime attacks. This is what @gabby_roncone & John Wolfram of Mandiant told me. economist.com/science-and-te…
Many argued that Russia's cyber campaign looked misleadingly feeble because Ukraine's defence was so strong. In August the head of GCHQ called it "arguably seen the most effective defensive cyber activity in history." economist.com/by-invitation/…
In June, Microsoft wrote about "a new form of collective defense. This war pits Russia, a major cyber-power, not just against an alliance of countries. The cyber defense of Ukraine relies critically on a coalition of countries, companies, and NGOs." blogs.microsoft.com/on-the-issues/…
This Carnegie piece summarised the intensity of international co-operation around Ukrainian cyber defence. "diverse partners are rallying to shared values and upending previous assumptions that the cyber attacker will always get through."
Clearly, extensive (and in some cases secret) foreign assistance was a crucial part of this defensive effort. For instance @US_CYBERCOM had a sizeable in Ukraine from December, identifying Russian operations on Ukrainian networks. UK & others also involved
Many have drawn broader implications from this. In September Lindy Cameron, CEO of UK's defensive cyber-security agency @NCSC, argued the key lesson was not that cyber is defence "dominant", but "in cyber security, the defender has significant agency"
Others emphasise Russian failings—many similar to those seen in Ru conventional military forces. This is Marcus Willett, GCHQ's first director cyber. "The war has exposed some key weaknesses in Russian cyber capabilities compared with, especially, the US"
.@gavinbwilde pointed out Russia has far less experience of integrating cyber into military ops than the US. @ILDannyMoore described "significant operational failings in almost every single [known] attack that they have ever carried out in cyberspace" economist.com/science-and-te…
On top of all that, there's the view that cyber power has been misunderstood. Some argue we under-estimate how hard & costly big destructive attacks are (@LenMaschmeyer: direct.mit.edu/isec/article/4…) or degree to which cyber is an intelligence contest (tnsr.org/roundtable/pol…)
.@ciaranmartinoxf points out Stuxnet may have distorted expectations. "In truth, argues Mr Martin, Stuxnet was the “Moon landing” of offensive cyber, an exquisite one-off that required superpower resources to execute rather than...a staple of cyberwars" economist.com/science-and-te…
As Thomas Rid wrote in March: "Cyberwar has been playing a trick on us for decades..It keeps arriving for the first time, again & again, & simultaneously slipping away into the future." Cyber is: "digitally upgraded intel. operations at the edge of war" nytimes.com/2022/03/18/opi…
Final thought: the war is ongoing, the cyber campaigns on both sides are evolving and there is a great deal we don't know or can't see. The lessons are contested & preliminary. I hope the piece gives a flavour of the debate & the views on different sides. economist.com/science-and-te…
We write in the piece: "judging a cyber-campaign by the volume of malware is like rating infantry by the number of bullets fired". @DanWBlack of NATO offers a contrary view: Russian campaign as a "cumulative strategy" to create "critical mass of pressure"
Another excellent survey of Ukr cyber ops, by @JonKBateman. "Russian cyber “fires” (disruptive or destructive attacks) may have contributed modestly to Moscow’s initial invasion, but since then they have inflicted negligible damage on Ukrainian targets" carnegieendowment.org/2022/12/16/rus…
"Intelligence collection—not fires—has likely been the main focus of Russia’s wartime cyber operations in Ukraine, yet this too has yielded little military benefit." carnegieendowment.org/2022/12/16/rus…
"To meaningfully influence a war of this scale, cyber ops. must be conducted at a tempo that Russia apparently could sustain for only weeks at most. Moscow worsened its capacity problem by choosing to maintain...global cyber activity v non-Ukr targets" carnegieendowment.org/2022/12/16/rus…
"Militaries that plan for major war should ask whether they can realistically meet the high bar of producing and sustaining cyber fires at meaningful levels. Meeting this bar may require huge standing cyber forces" carnegieendowment.org/2022/12/16/rus…
"The rapid regeneration of cyber capabilities is another key hurdle. Given limited wartime cyber capacity, militaries may need to experiment with wave tactics: short bursts of intense cyber fires followed by periods of stand-down and regeneration." carnegieendowment.org/2022/12/16/rus…
"China’s cyber forces are probably larger than Russia’s, but they have carried out far fewer cyber fires. Would they execute an even bigger and more effective cyber salvo at the outset of a Taiwan invasion, or bungle the opener due to inexperience?" carnegieendowment.org/2022/12/16/rus…
Constraints on Russian cyber performance in Ukraine: small size of Russian cyber forces, slow to regenerate "cyber capability" once used, resilient Ukrainian defences carnegieendowment.org/2022/12/16/rus…
An interesting essay on how US intelligence agencies judged Soviet intentions and capabilities & how that changed over time. "...probably incorrectly believing there was also a Soviet proclivity to prepare to launch a war if conditions seemed propitious" cia.gov/resources/csi/…
"...considerable [Soviet] exaggerations of Western bellicosity and capabilities, including planning for initiation of war. Soviet intel estimates, like those of the United States and NATO, were always predicated on initiation of war by the other side" cia.gov/resources/csi/…
'It is clear in retrospect that what had been needed in 1976 was not a hard-line Team B, but a more imaginative and far-seeing "Team C."' cia.gov/resources/csi/…
I've been reviewing many of the past year's US & European military & intelligence assessments of how long it would take Russia to rebuild its military capability and the timeline on which any threat to NATO could unfold. A brief thread below which summarises these assessments.
Norway intel service: "At the earliest, Moscow may be able to fully realise these plans [for military expansion e.g. Karelia] five to ten years after the war in Ukraine is over." In some areas Russia has "next to no reserves" for the next two years. etterretningstjenesten.no/publikasjoner/…
Denmark intel: "no threat" now & "some years" for new units to be ready, but Ru more willing to use force "if it believes...NATO...is unable to maintain its military superiority, does not respond to Ru mil activities or no longer presents a united front." fe-ddis.dk/globalassets/f…
I wrote a piece on China’s evolution into a bigger, more sophisticated and more threatening cyber power over the past decade, and particularly in the last few years. I also look at the pivotal role played by China’s private sector ecosystem in that shift. economist.com/china/2025/03/…
A few sources. Ciaran Martin’s very good survey from a few days ago gazumped mine. rusi.org/explore-our-re…
Absolutely incredible. The Trump admin accidentally adds the editor of the Atlantic to a Signal group. Then Pete Hegseth sends him details of the US strikes on Yemen hours ahead of time incl. "precise information about weapons packages, targets & timing" theatlantic.com/politics/archi…
Waltz: "it will have to be the United States that reopens these shipping lanes [Red Sea]. Per the president’s request we are working with DOD and State to determine how to compile the cost associated and levy them on the Europeans" theatlantic.com/politics/archi…
Stephen Miller: "...if Europe doesn’t remunerate [for Houthi strikes], then what? If the US successfully restores freedom of navigation at great cost there needs to be some further economic gain extracted in return" theatlantic.com/politics/archi…
Witkoff on UK troop proposals. “it’s a combination of a posture and a pose and…simplistic. I think there’s this … sort of notion of we’ve all got to be like Winston Churchill, the Russians are gonna march across Europe. I think that’s preposterous” singjupost.com/transcript-of-…
Witkoff transcript is just eye popping: “Why would they want to absorb Ukraine? For what purpose, exactly? They don’t need to absorb Ukraine. That would be like occupying Gaza…They want stability there… But the Russians also have what they want” singjupost.com/transcript-of-…
Witkoff on US-Russia cooperation: “Share sea lanes, maybe send LNG gas into Europe together, maybe collaborate on AI together. If we can get past technology migration. Who doesn’t want to see a world like that?” singjupost.com/transcript-of-…
America’s main negotiator with Russia appears to be completely captured by Russian propaganda. Witkoff: “there have been referendums where the overwhelming majority of the people have indicated that they want to be under Russian rule.” pravda.com.ua/eng/news/2025/…
The Russians must be dumbstruck that their opponents have managed to find perhaps the most gullible man on the planet. Putin “told me a story, Tucker, about how when the president was shot, he went to his local church and met with his priest and prayed.” pravda.com.ua/eng/news/2025/…
‘"I don’t regard Putin as a bad guy. That is a complicated situation, that war, and all the ingredients that led up to it," Witkoff noted.’ pravda.com.ua/eng/news/2025/…