Today, Ukraine is at the forefront of the global struggle for democracy and freedom, but tomorrow the front could be Taiwan. Preparations for war with China are currently underway, and Taiwan is purchasing and stockpiling advanced weapons from the West to better withstand a full-scale invasion. Taipei is also closely monitoring Ukraine and learning from its war experience against Russia. An often overlooked learning moment was Ukraine's ability to mount an effective cyber defense, led by a dispersed group of supporters nicknamed the “cyber army.” Taiwan should seek to implement a similar framework and develop its own cyber army in the event of a Chinese invasion.
Russia's full-scale invasion of Ukraine has sparked the first all-out cyberwar between two nation-states. At first, many feared that Ukraine would suffer a “digital Pearl Harbor” in the face of an all-out Russian attack, but that time never came. Russian cyberattacks failed and Ukraine, with the help of Western public and private partnerships, resisted the Russian cyberoffensive. At the same time, Ukraine's Ministry of Digital Transformation has spearheaded efforts to create an IT army to ensure maximum resilience. Given the obvious advantages of this strategy in the case of Ukraine, the lesson for Taiwan becomes clear: don't wait until you are attacked to build up your cyber capabilities; rather, preventive measures should be taken to strengthen the peacetime force.
Ukraine's cyber army made a significant contribution to Ukraine's cyber offensive against Russia, carrying out a range of diverse and effective attacks. These include leaking Russian central bank documents, disrupting internet services in Russian-occupied territories, neutralizing one of Moscow's main internet providers, and targeting private companies to hinder economic activities. Such tactics would be useful in supporting Taiwan's efforts to defend itself against China.
At its peak, the group had several hundred thousand members. Yet focusing solely on subscribers can be misleading, as the IT army's attacks have grown in effectiveness and scale despite declining subscriber counts on associated Telegram channels. The main tactic of the IT army revolves around denial of service (DDoS) attacks. The approach is simple but effective, involving the coordination of a large number of computers to launch a concerted attack on a specific network or website. By flooding the target with an overwhelming volume of requests, the system becomes overloaded and eventually crashes.
According to its own estimates, the IT army has inflicted economic losses on Russia estimated at between $1 billion and $2 billion. Therefore, the cyberwarfare waged by the group represents a new and innovative form of sanctions against their adversaries. Ted (which is a call sign), the spokesperson for the IT Army of Ukraine, said that “economic exhaustion plays a decisive role in the outcome of conflicts, and cyber operations, including DDoS attacks and the interventions of computer hackers are powerful tools to achieve this. objective. » Such tactics, namely inflicting “economic exhaustion,” would also be relevant in the Taiwan context.
The IT army's campaign against Russian Internet service providers led to a 40% disruption of their resources at one point, causing significant service interruptions. Russian news site Kommersant wrote that “the number of DDoS attacks against Russian companies doubled year on year in the first quarter. Especially companies in critical sectors… Roskomnadzor speaks of having repelled almost three times more attacks in the first quarter alone than in the whole of 2023.” Furthermore, while Russia has invested billions dollars in building its own satellite Internet network, the Ukrainian IT army launched an attack in April 2024, which took out “two of the largest providers, Astra and Allegrosky” for several days.
Building Taiwan's IT Army
Building a volunteer IT army presents a significant challenge due to its inherently decentralized nature, where members rely more on their own skills than formal training. Fortunately, these skills have been developed in our increasingly digital world, opening the door to normal citizens participating in cyber warfare. In the case of Ukraine, the government also intervened by developing legislation that would establish a more formal legal structure for the IT army. Taiwan should also consider adopting similar legislation to build a legal structure for future eventualities.
For example, Ukrainian legislation would open the door to foreign volunteers and potentially grant them legal protections to participate in hacking activities on behalf of Ukraine. Vasileios Karagiannopoulos, associate professor of cybercrime and cybersecurity at the University of Portsmouth, believes that if the IT army were integrated into Ukraine's cyber reserves, it could help provide legal protection to civilians participating in cyber warfare by offering “legal protection as combatants, potentially protection” from prosecution for their actions during the war. Taiwan will also need to consider the legal framework for creating its own cyberwarfare capabilities, both for its own citizens and for volunteers from around the world who come to Taiwan's defense.
Taiwanese Foreign Minister Joseph Wu previously said the country was preparing for a potential war with China, which could occur as soon as 2027. If that timeline is even remotely possible, Taiwan should immediately mobilize all available resources to prepare for this future conflict. because the importance of cyberwar can only grow in the meantime. China's deep integration and reliance on technology will also make it more vulnerable to attacks from a willing cyber army. In fact, successful cyber operations conducted by Taiwan could potentially inflict substantial economic and operational losses on China, thereby limiting some of China's military power projection.
Taiwan should actively apply key lessons learned from Ukraine’s IT army. For example, while Ukraine has developed a strategic plan to quickly mobilize its cyber army in wartime, Taiwan should also develop a detailed plan to quickly build its own digital defense force. Similarly, inspired by how Ukraine established secure communication channels to effectively manage its cyber operations, Taiwan should also implement secure systems to coordinate its cyber army and target the enemy's vulnerabilities.
Furthermore, recognizing the benefits of international collaboration, as in the case of Ukraine's cyber army, Taiwan should explore strategies for recruiting foreign volunteers, thereby strengthening the global reach and capabilities of its own cyber forces. To facilitate this effort, Taiwan should preemptively develop legislation – mirroring Ukraine's efforts to legally integrate its cyber volunteers – providing a formal structure providing legal protections and defining the roles of participants within Taiwan's cyber reserves. .
Taiwanese intelligence services will also need to identify vulnerabilities, prepare botnets and establish gateways well in advance to quickly penetrate China's digital systems. This preparatory work is essential to ensure that in the event of conflict, Taiwan can quickly and effectively target critical Chinese infrastructure and systems. Therefore, to ensure that operations can be scaled up to carry out large-scale DDoS attacks and other cyberwarfare offensives, the Taiwanese government will need to reach as many people as possible willing to join the fight. This strategy will likely need to include the creation of educational materials that can be widely shared on social media to recruit younger people interested in becoming educated and participating in DDoS efforts.
However, not all preparations will be technical. One of the limitations that the Ukrainian IT Army faces is engaging with a non-specialist audience. To expand the work of effective botnets and DDoS attacks, more people are needed to join the attacks. But the average civilian citizen does not consider themselves capable of carrying out cyberattacks. The reality is that anyone can follow simple instructions to download a tool and allow their computer's processing power and Internet access to be added to the botnet and help flood enemy networks to bring them down in war .
The Ukrainian IT Army has proven itself to be an effective fighting force against Russia in the cyber domain. As Taiwan prepares for potential conflict with China, it must take all necessary steps to prepare not only for the physical battlefield but also for the digital battlefield.
David Kirichenko is an independent journalist and research associate at the Henry Jackson Society, a think tank based in London. He can be found on the social media platform X @DVKirichenko.
