The IT Army of Ukraine
The IT Army of Ukraine was stood up in an ad-hoc manner without a clearly structured and proven plan. Born out of necessity, the IT Army subsequently evolved into a hybrid construct that is neither civilian nor military, neither public nor private, neither local nor international, and neither lawful nor unlawful. This CSS Cyberdefense Report by Stefan Soesanto provides the first-ever comprehensive analysis of the IT Army’s structure, tasking, and ecosystem.
For several years prior to the Russian invasion on 24 February 2022, the principal idea of creating a cyber volunteer army had been bouncing around in Ukrainian government circles. In part, those discussions were informed by the success of the Estonian Defence League's Cyber Unit and other efforts around the globe to organize, incorporate, and surge civilian IT volunteers into existing military structures in times of need.
In contrast to these well-established and purely defensive cyber volunteering efforts, the IT Army of Ukraine was stood up in an ad-hoc manner without a clearly structured and proven plan. Similarly, the absence of a Ukrainian military cyber command likely also pushed Kyiv to think creatively about how to combine its nascent military and intel cyber capabilities with a massive, willing, and global civilian IT community in the defense of the nation.