Russia launched a wave of massive cyberattacks that sought to cripple all Ukrainian military and civilian infrastructure in conjunction with its brutal full-scale invasion of Ukraine in February 2022.
In addition to the tanks, planes, and ships that invaded Ukraine by land, air, and sea, these cyberattacks attempted to disable Ukraine’s digital infrastructure, access to financial services, and energy grid.
Fortunately, Ukraine had some help in combatting this assault. A consortium of private companies, named the Cyber Defense Assistance Collaborative (CDAC), sprang up to assist Ukraine in fending off these attacks. The alliance included leading U.S. cybersecurity experts and private sector companies and provided Ukraine with “operational cyber defense assistance.” Existing public-private collaborations also helped, such as the U.S. government-led Joint Cyber Defense Collaborative (JCDC).
These joint efforts continue to deter the Russian threat to this day. But what about the next one? And what if it’s closer to home?
Along with Russia, China, North Korea, and Iran – the other components of the so-called CRINK states – represent a serious cyberthreat to the United States and our allies. We must do a much better job at protecting critical U.S. infrastructure and vulnerable supply chains from state-sponsored attacks, as well as from other rogue actors.
China “presents the broadest, most active, and most persistent cyber threat to government and private sector networks in the United States,” according to the 2024 State Department U.S. Cyberspace and Digital Policy Strategy. Russia, meanwhile, “is refining its cyber espionage, cyberattack, influence, and information manipulation capabilities to threaten other states and to weaken U.S. alliances and partnerships,” it said.
Cooperation among these states is “growing more rapidly in recent years, reinforcing threats from each of them individually while also posing new challenges to U.S. strength and power globally,” the 2025 Annual Threat Assessment of the U.S. Intelligence Community also points out.
This is true across all domains, including cyberspace.
What cybersecurity experts fear most is a “zero-day attack,” in which the target of the strike is unaware of the vulnerability and thus has no time to respond to it or provide an immediate fix.
The most famous example of a zero-day attack is the Stuxnet virus deployed against Iran’s nuclear program in 2010, which also became a watershed moment in cybersecurity.
In the United States, zero-day attacks have targeted our health care system, municipal water facilities, and energy facilities. So far, the damage from these attacks has been limited, but as our adversaries grow bolder and become more coordinated, these attacks will be more dangerous.
Adversarial cyberattacks against critical targets are “constant,” and we may never be able to accurately predict when the “big attack is going to happen,” retired Air Force Lt. Gen. Harry Raduege, who served as the Director of the Defense Information Systems Agency (DISA), warned last month at the 10th Annual Cyberfuture Summit, held at the George W. Bush Presidential Center. The conference sought to address pressing concerns regarding cyberspace and emerging technologies, such as artificial intelligence (AI).
The advent of the age of AI adds another complex layer to cybersecurity, as systems become more automated and human oversight can often be lacking. Solutions suggested by experts at the conference centered on persistent vigilance, constant learning, and adhering to best practices, such as those in the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the Responsible and Secure Future for AI Framework (RSAIF). These resources provide a comprehensive guide for government, industry, and organizations to reduce cybersecurity risk and to ensure responsible use of AI technologies.
James Doggett, the CEO of Semperis, summed it up: “When it comes to AI, you need to realize that you can’t stop it – even though we try hard to slow it down.”
It’s imperative that we marshal these technologies faster and better than the CRINK adversaries that seek to do us harm.
