The Ukrainian Way of Digital Warfighting: Volunteers, Applications, and Intelligence Sharing Platforms

The Ukrainian military situational awareness platform Delta (Дельта) is at the heart of this CSS report. Initially developed in 2015 by Aerorozvidka (Аеророзвідка – then military unit A2724), the platform is currently owned, maintained, and upgraded under the auspices of the Center for Innovation and Development of Defense Technologies within the Ukrainian Ministry of Defense (Центром інновацій та розвитку оборонних технологій Міністерства оборони України).

Starting from the war in Donbas in 2014 to the Russian invasion in 2022, the origin and evolution of Delta provide a near perfect case study to trace the development of digital warfare thinking in Ukraine. For this CSS cyber defense report, Delta serves as the red thread to introduce to the reader a host of digital platforms, mobile applications, and Ukrainian volunteer groups that helped to shape Delta. As the war in Ukraine has entered its third year, the story of Delta provides a window into Ukraine’s miltech revolution. This report provides analysts, researchers, and policymakers with a comprehensive understanding as to (1) what opportunities and stumbling blocks volunteer groups had to overcome in their bottom-up push for change, (2) why and how Aerorozvidka pushed for the adoption of a concept known as ‘network-centric warfare’, and (3) how Russia has reacted to Ukraine’s digital warfighting efforts.

The report’s focus on digital warfare encompasses primarily systems and applications that deal with information generation and dissemination. This spans from mobile applications used to transmit data on incoming Russian air breathing threats to platforms designed for orientation and situational awareness on the kinetic battlefield. Academic literature does not necessarily distinguish between the term digital warfare and cyber warfare. They are broadly considered to mean the same thing. While this report has no intention of creating new definitions, for the author the term digital warfare encompasses a three-step process: (a) generating data and information from various intelligence sources, (b) using digital applications and platforms to store, process, and disseminate said data and information, and (c) utilizing these applications and platforms to make tactical decisions on the kinetic battlefield. Digital warfare thus describes the digitalization of the kinetic battlefield (i.e. information and data enrichment and sharing). This definition stands in stark contrast to the term cyber warfare, which can be narrowly defined as conducting offensive cyber operations against adversarial digital systems. Network-centric warfare is the conceptual idea on how to utilize digital warfare products so that they can unfold their potential and help increase combat power. That being said, digital warfare is tied to cyber at the hip. As the kinetic battlefield is becoming increasingly digitalized, cyber threat actors from across the spectrum naturally pivot to target these systems – particularly during an ongoing international armed conflict. This can encompass anything from transmitting false data and information, breaching applications and platforms, and disseminating fake ones. This report will thus also in part cover the cyber component to Ukraine’s digital warfighting.

Chapter one explains the circumstances as to who, why, and how Aerorozvidka was founded. What activities the group conducted on the battlefield and why they were eventually absorbed into the Ukrainian Armed Forces as unit A2724. In two sub-chapters, the reader will also be introduced to the history and impact of (a) ArmySOS and their proprietary software product Kropyva, and (b) Eugene Maksymenko’s ComBat Vision.

Chapter two dives into the development of Delta and why it was moved into the Center for Innovation and Development of Defense Technologies. It explains Delta’s origin within the NATO-Ukraine C4 Trust Fund and the importance of the alliance’s Tide Hackathons for the development of Delta until its release at NATO’s TIDE Sprint 2022 in Virginia Beach, USA. It also explains Delta’s fallout with the Ukrainian company Everest.

Chapter three informs the reader about the activities of Aerorozvidka NGO, including the functioning of its situational centers and the importance of Starlink for the wide adoption of Delta in in the aftermath of the ViaSat hack.

Chapter four explains what cybersecurity measures have been implemented by the Center for Innovation and Development of Defense Technologies and Aerorozvidka NGO to protect Delta and its users. It also highlights significant cyber- and information warfare incidents conducted by a variety of hostile actors to breach and discredit the platform. 

Chapter 5 introduces to the reader an assortment of mobile applications that feed crowdsourced intelligence data and information into the Delta platform.

Chapter 6 informs the reader about the Terminal system, which functions similarly to Delta and was also first deployed during the defense of Kyiv in February 2022.

Chapter 7 dives deeper into the impact of the ViaSat hack. Explaining the significance of Ukrainian satellite reseller Datagroup and highlighting the importance of satellite internet access for specific application such as GIS Arta.

Chapter 7.2 briefly discusses the relationship between GIS Arta and the Ukrainian charity foundation Coma Back Alive, and the latter’s role in supporting Ukrainian offensive cyber operations.

Chapter 9 concludes the report with an assortment of further thoughts.