Ukraine’s wartime experience provides blueprint for infrastructure protection

When cyberattacks and missile strikes converge on the same targets, infrastructure resilience becomes more than a technical mandate; it becomes a matter of national survival. For Ukraine, this is not a hypothetical future scenario. On the contrary, it has been daily reality for more than a decade.

Since 2014, Ukraine’s power grid, banking system, telecommunications networks, and digital infrastructure have faced sustained and increasingly sophisticated attacks. Yet these systems continue to function, adapt, and evolve, offering the world one of the most comprehensive case studies for how national infrastructure can endure under unrelenting cyber-kinetic pressure.

Ukraine’s experience reveals clearly that defending critical infrastructure is no longer simply a matter of cybersecurity. It requires a fundamentally different approach grounded in cyber-physical resilience, decentralization, system redundancy, institutional autonomy, and the capacity to sustain essential services, even when networks fail.

Industrial control systems were not designed for modern cyber warfare. The systems that operate electrical substations, power distribution logistics, and grid balancing typically prioritize availability and uptime rather than cyber defense. Russia exploited this structural vulnerability in 2015 and 2016, when Ukraine became the first country in history to suffer a nationwide power outage triggered by a cyberattack.

The same attacks that exposed digital fragility also revealed Ukraine’s greatest source of strength: Analog resilience. Even as digital control systems were compromised, engineers were able to manually isolate impacted grid segments, reroute power, and restore transmission through mechanical overrides and localized network segmentation.

The lessons are clear. While digital modernization delivers efficiency, full digital dependency creates systemic brittleness. Meanwhile, resilience can be enhanced through layered systems that incorporate manual fallbacks, localized control, and the ability to physically outmaneuver a digital attack. And while the ability to manually connect electricity to an electrical substation was not by design, the lack of digitalization at the time of the attacks proved to be an advantage in terms of service restoration speed.

The global takeaway from Ukraine’s grid defense is not a rejection of modernization; it is a rejection of exclusively digital modernization. True resilience requires hybrid architectures in which digital innovation is paired with analog redundancy, segmented control, and last resort options when networks are taken down.

Stay updated

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

If the Ukrainian power grid demonstrated the value of technical redundancy, Ukraine’s banking sector has shown the value of institutional autonomy. The National Bank of Ukraine (NBU) has emerged since the onset of Russian aggression as one of the most effective national actors in defending and sustaining critical infrastructure under attack. This has not only been due to advanced cybersecurity measures, but also thanks to operational freedom to act in line with the pace of the threat environment. The NBU has rapidly introduced mandatory security protocols, created a dedicated incident response unit, synchronized directly with law enforcement, and deployed real-time regulatory updates to address emerging vulnerabilities.

This capacity for decisiveness has helped ensure continuity in one of the country’s most essential sectors. Even under sustained digital attack, Ukrainians could still access their bank accounts, make electronic payments, and rely on national financial infrastructure without systemic interruption.

The most innovative aspect of this resilience came in the form of the Power Banking Initiative, a nationwide network of bank branches retrofitted for operational continuity during extended outages. Equipped with alternative energy sources, satellite communications, secure cash storage, and offline transaction capacities, these branches ensured uninterrupted access to currency, transfers, and basic banking services during power blackouts and infrastructure disruptions.

Eurasia Center events

Online Event Fri, December 12, 2025 • 11:00 am ET

Report launch: Analyzing stagnation and militarization in the Russian economy

Economy & Business Europe & Eurasia Politics & Diplomacy Russia

Ukraine’s experience confirms that the boundary between cyberattacks and conventional warfare is often blurred. In many cases, the two elements are sequenced, synchronized, and structurally interdependent. Cyber operations can blind infrastructure sensors, disrupt communications, compromise operational decision-making, and erode trust in essential systems, often in direct coordination with physical strikes.

Resilience does not depend on preventing breaches, but on the ability to sustain essential services when breaches succeed. This requires a hybrid framework that integrates digital security, infrastructure continuity planning, and decentralized operational responses.

Alignment with EU and NATO standards will accelerate interoperability with allied infrastructure defense systems and enable long-term investment security. Compliance must move beyond voluntary adoption to formal certification, standardized auditing, and enforceable resilience benchmarks for infrastructure operators.

Ukraine’s national bank has shown the importance of sector-specific response units. This model should expand to the energy, telecommunications, transportation, healthcare, and regional government systems. In order to be effective, response units require independent monitoring authority, 24/7 threat detection, digital forensics, and integration into NATO and EU cyber fusion hubs.

Infrastructure resilience also demands institutionalized public-private intelligence sharing. A legally protected, mandatory, real-time intelligence exchange will shorten detection timelines and prevent cascading failures. Critical infrastructure owners must integrate into national security information-sharing with liability protections, rapid alert systems, and reciprocal intelligence flows.

Looking ahead, a national resilience investment fund should pool Ukrainian government resources, EU support, World Bank guarantees, EBRD/EIB financing, and private capital to enable infrastructure segmentation, micro-grid deployment, backup power systems, secure cloud environments, and hardened data centers. However, none of these technical investments will succeed without sufficient human capital. Ukraine should aim to develop a minimum of 10,000 new security specialists through university partnerships, military-civilian pipelines, veteran reskilling programs, and national cyber reserves.

Today, Ukraine possesses infrastructure resilience tested continuously under real cyber-kinetic attack. This unique experience should form the basis of international efforts to enhance critical infrastructure resilience. Ukraine can lead an international training center, host multinational resilience exercises, publish attack anatomy case files, and shape new NATO and EU doctrine. This would allow Kyiv to position itself not only as a defender, but as an architect of resilient infrastructure strategy.

Dr. Oleksandr Bakalinskyi is a Senior Researcher at the G. E. Pukhov Institute for Modeling in Energy Engineering at the National Academy of Sciences in Ukraine. Maggie McDonough is the Senior Vice President and Chief Innovation Officer at the Baltimore Development Corporation. She was previously affiliated with the Purdue Applied Research Institute (PARI) and Purdue’s Center for Education & Research in Information Assurance and Security (CERIAS), where she served as a technical advisor on global cyber security resilience programming.

Share

Issue briefs and reports

Fast Thinking

New Atlanticist

Inflection Points

UkraineAlert

MENASource

Econographics