The UK Brings Cyberwarfare Out of the Closet

The UK’s 2025 Strategic Defence Review (SDR) details a plan to integrate its military defensive and offensive capabilities through increased use of cyber, AI, and digital warfighting.

Like the US, the UK is known, but not publicly proven, to engage in offensive cyber operations, even against allies. Among Snowden’s leaks was information about Operation Socialist, which ran from 2010 to 2013. GCHQ successfully used a Quantum Insert attack against Belgacom (Belgium’s largest telecoms provider). 

Despite this, the UK has generally insisted that it does not engage in cyberwarfare – until now. The new SDR (PDF), published June 2, 2025, concentrates on integrating the UK’s offensive and defensive military capabilities on land, sea, and air – and in cyber.

This is a military review, but naturally includes real time collaboration with “the UK Intelligence Community [MI5, MI6, and GCHQ], to achieve maximum effect in response to national security challenges.” A major part of the review is the full and open acceptance of the role of cyber and the electromagnetic spectrum (CyberEM), together with increased use of AI in both defensive and offensive posture; and the need to integrate these capabilities.

“To maximize the benefits of cutting‑edge technology and of the common digital architecture, Defence must also make a concerted effort to develop the necessary digital, AI, cyber, and electromagnetic warfare skills that are central to modern warfighting.”

CyberEM is described as the heart of modern warfare. “It is the only domain contested by adversaries every day,” says the report. For example, the UK’s military networks reportedly received 90,000 ‘gray zone’ attacks over the last two years. (A gray zone attack is designed to disturb or weaken adversaries without triggering a full-scale military response.) Different UK forces already operate in the CyberEM domain, but independently. These operations are both offensive and defensive, including the UK’s own gray zone activities against the networks or technologies used by adversaries. 

The SDR proposes coordinating these activities under a new CyberEM command operating as a single point of authority. Its purpose is to cohere and even encourage but not execute cyber activities – acting as a ‘hub’ “integrating the full range of military operations and bringing coherence to how Defence understands, develops, and accesses capability with allies and industry.”

The office is also intended to set the overarching strategy for electromagnetic spectrum operations, including liaising and aligning with NATO’s approach. 

The effect of this new cross-defense integration and coordination can be seen in the emergence of a new Digital Warfighter group and the digital targeting web. Together, they allow the deployment of digital and conventional warfighters on operations side-by-side; while the targeting web (a common data fabric rather than a website) connects sensors, deciders and effectors.

The review accepts that it has learned lessons from Ukraine, and adds, “This [targeting web] creates choice and speed in deciding how to degrade or destroy an identified target across domains and in a contested cyber and electromagnetic domain. For example, a target might be identified by a sensor on a ship or in space before being disabled by an F-35 aircraft, drone, or offensive cyber operation. Informed by AI and supported by a common synthetic environment, the targeting web epitomizes how the Integrated Force must fight and adapt. Its very existence contributes to deterrence.”

The latest UK Strategic Defence Review owes much to current geopolitics, from Ukraine’s successes to the growing threat to Europe from Russia. But it is equally clear that this new approach, comprising a major defense overhaul, increased funding, and focus on working with NATO allies also owes much to the US actions of President Trump. Whatever his precise purpose in criticizing NATO, it has made Europe realize that it should not, perhaps must not, be so reliant on American military strength. The whole of Europe is engaged in a process of rearming.

But what is equally clear is that this rethink of military responsibilities is as much about offensive capabilities as it is about defensive capabilities – and that warfare in the modern age cannot be separated from cyber either offensively or defensively.

Related: Countries Shore Up Digital Defenses as Tensions Raise Threat of Cyberwarfare

Related: Mikko Hypponen Leaves Anti-Malware Industry to Fight Against Drones

Related: Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks

Related: The Lessons From Cyberwar, Cyber-in-War and Ukraine