Soviet-Legacy Vulnerability

• Ukraine inherited its military communications infrastructure from the Soviet armed forces: R-123, R-173, and R-111 VHF radio systems with basic frequency-hopping capability but without modern encryption; these systems operated in frequency ranges well-known to Russian signals intelligence (SIGINT) operators and used encryption architectures that Russian services had long experience attacking; the systems were also physically bulky and power-intensive, reducing tactical mobility
• Voice procedure was a particular vulnerability: Soviet-derived voice procedure emphasised strict protocols but did not have the COMSEC discipline culture of NATO-trained forces; soldiers identified positions, units, commanders, and operational intentions in voice communications in ways that provided Russian SIGINT collectors with high-value targeting and order-of-battle intelligence; this was a cultural and training problem as much as a technical one
• Post-2014 partial improvement: following the 2014 Donbas conflict, Ukraine initiated procurement of Harris Corporation (US) and Motorola Solutions encrypted tactical radios, assisted by US security assistance funding; by 2022 a significant number of Ukrainian frontline units — particularly those assigned to the Donbas contact line — had received Western-standard encrypted radios; but coverage was uneven, with some units having modern encrypted equipment while others retained Soviet-era systems, creating interoperability challenges and forcing some communications to fall back to unencrypted channels
• The command communications problem: even where tactical encrypted radios were available at company and platoon level, the higher-level command communications infrastructure connecting brigade, division, and operational command (command post to command post, over longer distances) relied heavily on military telephone networks and HF radio systems that were less cryptographically protected; the command layer was in some ways more vulnerable than the tactical layer, since higher commands possessed more operationally sensitive information

Russian SIGINT Exploitation

• Russian SIGINT operations against Ukrainian military communications have been among the most consequential Russian advantages in the war; Russia's signals intelligence architecture — combining Orlan-10 drone-mounted ESM sensors, ground-based SIGINT complexes (Leer-3, Zhitel, Torn), airborne SIGINT platforms, and space-based collection — provided extensive coverage of Ukrainian tactical communications in areas where Russian systems had physical proximity
• Documented cases of SIGINT-driven artillery targeting: multiple Ukrainian units reported instances where artillery strikes followed radio transmissions with suspicious speed — timings consistent with real-time SIGINT-to-targeting chains rather than pre-planned fires; the most widely analysed case patterns involved command vehicle strikes following discovered HF command net transmissions, suggesting Russian targeting prioritisation of command nodes identified through SIGINT
• Phone-based location: both sides have used mobile phone IMSI-catcher technology (StingRay-equivalent systems) to locate enemy personnel through their mobile phone signals; Ukrainian soldiers using personal phones near frontline positions risked providing Russian SIGINT with precise GPS-quality location data; this was particularly acute for soldiers who maintained messaging app communication with family members using easily identifiable personal phone numbers — the Russian services could build a picture of a soldier's location over time through pattern analysis of app metadata
• WhatsApp and Telegram vulnerability: end-to-end encryption protects message content but does not protect metadata (who communicates with whom, when, from where) or cellular positioning data; even properly encrypted messaging apps create a location signature through cellular network connection patterns that is readily exploitable by state-level SIGINT; for mass-mobilisation consumer smartphone users with no COMSEC training, this vulnerability was systematic and widespread

Encrypted Radio Deployment

• Western military assistance has dramatically expanded Ukraine's inventory of encrypted tactical radios since February 2022; key systems include: Harris/L3Harris AN/PRC-163 multi-channel multi-band radios (US); Harris RF-7800 series (US, widely distributed); Motorola Solutions encrypted digital radios (various models, funded through US and UK assistance); ASELSAN military radios (Turkey, included in Turkish aid packages); and Codan Communications HF systems for long-range command communications
• Frequency hopping: modern encrypted tactical radios use frequency-hopping spread spectrum (FHSS) technology that makes interception by conventional SIGINT equipment extremely difficult; FHSS-equipped radios change frequency thousands of times per second according to a pre-programmed pseudo-random sequence shared between communicating radios; intercepting FHSS communications requires specialised wideband receivers and substantial analytical resources, significantly raising the cost and time required for Russian SIGINT exploitation
• Distribution challenges: sufficient encrypted radios to fully equip Ukraine's expanded wartime military would require millions of handheld and vehicle-mounted sets; Western production capacity has not kept pace with Ukrainian demand; the result is a tiered distribution where the highest-priority units near the line of contact receive priority allocation of encrypted radios while rear-echelon and newly formed units may still rely on older equipment; this creates persistent vulnerabilities in the force that Russian SIGINT operators can exploit where coverage gaps exist
• PACE planning (Primary, Alternate, Contingency, Emergency): NATO-trained Ukrainian commanders have increasingly implemented PACE communications planning — designating a primary encrypted radio channel, an alternate encrypted channel, a contingency means (satellite phone or relay), and an emergency means (physically delivered message or pre-planned pyrotechnic signal); PACE planning reduces the risk that communications disruption leads to loss of command and control, a frequent failure pattern in under-trained forces

Commercial Messaging App Problem

• The widespread use of commercial messaging applications — primarily Telegram, WhatsApp, and Signal — for military communications has created a persistent COMSEC challenge; the appeal is understandable: these apps are familiar to soldiers, work on personal smartphones, offer encryption (particularly Signal), and allow rapid formation of group chats that can coordinate small units and logistics; but their use violates fundamental OPSEC principles and has created documented intelligence vulnerabilities
• Telegram is the most serious case: Telegram's server-side infrastructure is technically accessible to law enforcement under certain conditions, and its encryption model (server-side keys for standard chats, though end-to-end encrypted "secret chats" are available) means group messages are not fully protected; more importantly, Telegram group membership lists, shared location pins, phone number associations, and post metadata all provide exploitable intelligence to adversarial collection operations; Russian military intelligence (GRU) and FSB are known to maintain extensive Telegram monitoring operations; the Ukrainian security service (SBU) has documented multiple instances of operational security breaches through Telegram group activity
• Signal's stronger security model does not eliminate the problem: Signal provides strong cryptographic protection for message content but the underlying phone's cellular connection still creates location data accessible to network-level surveillance; a soldier using Signal on a personal SIM card near a combat position still creates a location signature through cellular positioning; and interpersonal communication patterns with identified personal numbers can be combined with captured device analysis or informant reporting to build operational intelligence pictures
• Ukrainian institutional response: Ukraine's military intelligence and security services have issued repeated directives restricting commercial communications app use in frontline areas; enforcement has been inconsistent given the culture of smartphone communication in a mobilised civilian force; the most effective solution has been providing alternative communications means (encrypted military radio, official messaging platforms) that are more convenient for legitimate unit communications, reducing the incentive to use personal phones for operational purposes

Delta Battlefield Management System

• The Delta battlefield management system, developed by Ukrainian company InformNapalm / Ukrainian military-technology ecosystem and subsequently adopted and further developed by the Ministry of Defence, represents Ukraine's most significant indigenous communications and intelligence integration achievement; Delta integrates multiple intelligence streams — drone reconnaissance imagery, OSINT, ground observer reports, captured equipment data, and friendly unit positions — into a common operational picture accessible to commanders at multiple echelons on tablet or laptop interfaces
• Delta's key capabilities: real-time common operational picture (COP) enabling multiple headquarters to share the same battlefield picture without voice radio transmission; geotagged enemy position reporting enabling rapid targeting without voice coordination; integration with Ukrainian artillery fire control systems (particularly Kropyva fire control) to reduce the cycle time from target observation to fire mission completion; and an offline-capable mode for areas with disrupted communications infrastructure
• The system has been credited by Ukrainian commanders with dramatically reducing the time required for fire mission execution: target observation to first round reportedly reduced from an average of 30–40 minutes (typical for voice-coordinated artillery with manual grid conversion) to 5–10 minutes using integrated digital data link; this acceleration has tactical significance in engagements where the target — particularly Russian command vehicles and artillery — moves or is reacquired after firing
• Security architecture: Delta's security design incorporates end-to-end encryption, role-based access control limiting each user to only the operational information relevant to their role, and secure authentication; the system's development incorporated advice from Western cybersecurity partners; Ukraine has declined to share detailed technical specifications, consistent with protecting the operational security of a system that Russian cyber operations have actively targeted

EW Countermeasures and Frequency Management

• Russian electronic warfare jamming of Ukrainian communications has been continuous throughout the war; Russian EW complexes (Krasukha-4, Murmansk-BN, Lepestok, Borrisoglebsk-2) have targeted multiple frequency bands used by Ukrainian tactical communications; the effect is electromagnetic noise that disrupts clear communication and forces Ukrainian units to either cease radio communication, shift frequency, or accept degraded communications quality
• Frequency management: effective military communications requires systematic management of which units operate on which frequencies to avoid mutual interference and to prevent adversarial exploitation of known frequency assignments; Ukrainian forces have progressively improved frequency management discipline, shifting more rapidly away from compromised frequencies and implementing regular rotation schedules that deny Russian SIGINT stable long-duration collection against known channels
• Fibre optic last-mile: in stabilised defensive positions where Ukrainian units occupy fixed locations for extended periods, the deployment of field fibre optic cables provides a physically unjammable, electromagnetically silent communications link; fibre carries no radio frequency emission detectable by SIGINT collection; Ukrainian units defending prepared positions have experimented with fibre optic voice and data connections to adjacent positions, protecting critical communications from both EW jamming and SIGINT interception simultaneously
• Starlink integration: SpaceX's Starlink satellite internet terminals, provided in large numbers through Ukrainian government procurement and international donations, have provided Ukraine with a broadband data communications capability independent of terrestrial infrastructure; Starlink enables Delta system data synchronisation across geographic distances without HF radio, supports encrypted voice-over-IP communications between command posts, and provides a backup communications path when terrestrial links are severed by kinetic or EW interference; Russia's attempts to jam Starlink terminals have achieved only partial, intermittent success against Starlink's jamming-resistant phased array antenna designs

Assessment

• Ukrainian military communications security has improved substantially across the war — moving from near-total vulnerability in 2022 to a mixed picture by 2026 in which critical communications are increasingly protected while weaknesses persist in newly mobilised units, rear echelon operations, and individual soldier OPSEC discipline; the direction of travel is positive and the rate of improvement compares favourably with what might be expected given the scale and speed of military expansion
• The war has demonstrated that communications security is not primarily a technology problem — it is a doctrine, training, and culture problem; the most damaging vulnerabilities have been behavioural (soldiers using personal phones, commanders transmitting on compromised frequencies rather than shifting, units not implementing PACE planning) rather than purely technical failures; closing the cultural gap between military communications security norms and the smartphone usage habits of a mobilised civilian force is the central ongoing challenge
• For Russia, SIGINT remains a significant tactical advantage in areas where Ukrainian encrypted radio coverage is incomplete, but the advantage has narrowed significantly from the early war period when large portions of Ukrainian tactical communications were effectively transparent; Russia's own communications security has been observed to be weaker than Ukraine's in multiple documented incidents, suggesting neither side has a commanding overall COMSEC advantage, and both continue to exploit the other's vulnerabilities where accessible
• The Delta system and associated digital integration of the Ukrainian military represents a generational leap in battlefield management capability that positions Ukraine's armed forces to operate with a level of digital situational awareness that will outlast the current conflict; the institutional and technical knowledge embedded in Delta's development community constitutes a strategic capability asset for Ukraine's long-term defence posture

Frequently Asked Questions