Hybrid Warfare and Cyber Attacks in Modern Conflict and Global Security

Steve Clarke, Head of Penetration Testing at CyberLab, explores the evolving threat landscape shaped by hybrid warfare and cyber attacks, with a focus on the conflict in Ukraine and its global implications.

This blog covers:

• The Conflict in Ukraine and Cyber Warfare
• Information Warfare and Disinformation
• Malware Spillage Beyond Borders
• Russia Targeted by Anonymous
• How to Protect Your Business and Data
• How to Book Your Free Security Consultation

Hybrid warfare – where conventional military tactics are combined with cyber attacks, disinformation, and sabotage – has become a defining feature of modern conflict.

Ukraine remains a frontline example, having faced relentless cyber aggression since 2014, including the infamous 2015 power grid attack and the 2017 NotPetya malware incident.

In 2022, Russia launched a full-scale invasion of Ukraine, preceded by cyber operations such as the deployment of HermeticWiper, designed to erase data and cripple systems. These attacks exploited endpoint and server misconfigurations, often executing with local admin privileges.

In 2025, Ukraine continues to face hybrid threats, including GPS jamming, drone interference, and coordinated disinformation campaigns. Despite this, experts praise Ukraine’s cyber defence strategy, which includes partnerships with big tech firms and international allies.

Disinformation remains a core tactic in Russia’s hybrid playbook. From fake news to social media manipulation, these campaigns aim to destabilise societies and erode trust in institutions.

While large-scale cyber attacks on Western infrastructure have not materialised as feared, experts warn that Russia’s cyber capabilities are likely being recalibrated for future use.

Ukraine’s experience offers lessons: proactive communication, media literacy, and civil society engagement are key to countering narrative warfare.

Hybrid cyber weapons often lack geographic constraints. Malware like NotPetya and AcidRain have caused global damage, affecting systems far beyond their intended targets.

With limited operational controls, these threats can persist for years, making patch management and system hardening essential.

Hacktivist group Anonymous has claimed responsibility for cyber operations against Russian state assets, including website defacements, TV broadcast takeovers, and data exfiltration.

These actions mark a shift from traditional DoS attacks to more targeted and symbolic disruptions.

The UK’s National Cyber Security Centre (NCSC) continues to update its guidance for organisations of all sizes. Key recommendations include:

• Patch Management: Ensure timely updates across all systems
• Access Control: Use strong authentication and limit privileges
• Monitoring: Implement logging and anomaly detection
• Internet Footprint: Minimise exposure and harden public-facing assets
• Human Factors: Train staff to report phishing and ensure offline backups are recoverable.

CyberLab supports over 28,000 organisations with tailored security solutions, helping businesses assess risk and strengthen their defences.