Things can change as quickly as they can happen and, recently, the pace of change has been so profound that what we considered ordinary a few months ago is now extraordinary. As the long-standing relationship between the United States and the European Union (EU) undergoes an endurance test and with the war in Ukraine not showing signs of resolution any time soon, the EU is asked to rethink its own place in the global order.
The pressing question for Europe is how to co-exist with its unfriendly neighbor, especially if it ends up losing the unwavering support of its closest ally. If, indeed, the US is considering a major NATO policy shift and if Putin’s plan is to destroy Europeans’ normal life and to divide the west, as President Zelenskyy has indicated, then Europe must focus on its own survival. To this end, the EU has stated that it is ready to mobilize as much as 800 billion euros to beef up its defense. “Europe is ready to massively boost its defense spending”, said European Commission President Ursula von der Leyen. “Both to respond to the short-term urgency to act and to support Ukraine but also to address the long-term need to take on much more responsibility for our own European security. Europe is in its era of rearmament” she noted.
As Europe thinks what its defense strategy entails, one of its biggest challenges will be to make good use of that money, especially investing in and stimulating technological innovation. This includes a myriad of different things from creating new products and services to adapting existing technologies to military use and developing new approaches to defense. However, first and foremost, the EU must support, defend and lead an Internet that is open and decentralized. If the EU is serious about arming itself, it must lean on the open Internet. This entails supporting three main properties:
Keep it Neutral
On February 28, 2022, the Minister of Digital Transformation, Mykhailo Fedorov, contacted the Internet Corporation for Assigned Names and Numbers (ICANN) – the body that is responsible for the management of the Internet’s Domain Name System (DNS) – requesting that the organization imposes “strict sanctions against the Russian Federation in the field of DNS regulation.” The official request asked ICANN to revoke Russia's country code top-level domains (ccTLDs) – .ru, .рф, and .su – from the DNS root zone, as well as invalidate TLS/SSL certificates within those domains. The Government of Ukraine also called for the shutdown of DNS root servers operating within Russia. A similar request was also sent to RIPE NCC, one of the five regional registries responsible for the allocation of IP addresses, to withdraw “Russia’s Local Internet Registries’ (LIR) rights to use their assigned IPv4 and IPv6 addresses and the blocking of their DNS root servers”. Both organizations declined Ukraine’s requests.
Despite everyone’s personal feelings, that was the right move. It is important that the Internet is, and remains, neutral and apolitical, two properties that provide significant guardrails for security. A neutral Internet ensures that no political ideology is favored, helping to maintain it as a shared, cooperative ecosystem, reducing opportunities for attack by adversaries looking to exploit politically charged systems.
At the same time, neutrality keeps protocols and infrastructure transparent and standardized, making it easier to defend. Proprietary or politically influenced systems can introduce security vulnerabilities due to lack of interoperability and hidden agendas, creating distrust among users, business and governments. In this context, trust is essential for the uptake of secure practices and for international cooperation on cyber norms. If the Internet becomes politicized, it is easier for states to justify using cyber tools as political weapons and make it harder for them to collaborate. If the Internet’s history is of any indication, state actors are more likely to work together on threats if the infrastructure is not politically biased.
A neutral Internet infrastructure ensures that military and government communications are not throttled, blocked, or prioritized based on third-party interests. At the same time, trust in infrastructure is essential for the military to operate securely over civilian networks, especially during crises. To this end, trust and neutrality in Internet pathways help ensure that data exchanged between allies is not tampered with or intercepted, given that defense agencies need a neutral and reliable digital landscape to monitor and respond to threats effectively, otherwise routing manipulation, for example, BGP hijacking, could be exploited to intercept or delay defense-related traffic.
Internet neutrality ensures open and fair access, while trust ensures reliability and security. Together, they form the backbone of resilient, coordinated, and effective modern defense systems.
Keep it Decentralized
In 2021, Unstoppable Domains, a decentralized DNS provider, helped activists in regions with Internet censorship by offering .crypto and .zil domain names that could not be easily blocked or taken down by governments. Over the past three years, the Ukrainian government and individuals did use the .crypto domain for donations and fundraising, as they were trying to increase their resources to fight the war with Russia.
The main premise of the Internet’s architecture is that it is not controlled by a single entity; instead, it operates on a decentralized network of servers and systems, which means that, if one part fails, others can continue to function. In the Internet, multiple pathways for data exist that travel across its networks. If one route becomes unavailable for whatever reason, data can be routed through alternative pathways, ensuring continuous connectivity. This is achieved because of the standardized protocols (like TCP/IP) that are designed to handle errors and manage data flow efficiently. These protocols help maintain communication even in adverse conditions, such as war. If packets are lost or corrupted during transmission, TCP can detect this and request retransmission, enhancing reliability.
The Internet is built on a layered architecture that allows different systems and technologies to communicate efficiently. This architectural design is key for defense governance as multiple layers can better protect systems and data. Generally, for defense to be strategic, it should leverage multiple security measures to protect the integrity, confidentiality and availability of the network and the data that exists in it. Defense in depth is a cybersecurity strategy, which is applied across the Internet building blocks and aims at securing each one of them. Examples include, the DNS Security Extensions (DNSSEC), which add protection to the DNS system; the HTTPS/TLS protocol, which encrypts data in transit; the Border Gateway Protocol (BGP) route filtering, which helps protect the routing infrastructure; and, the firewalls and Intrusion Detection Systems (IDS), which protect data as it flows through networks. Just like the Internet is layered, so is defense in depth and, the idea is that one can apply security measures at each layer of the Internet stack. If one layer fails, another is there to stop the threat.
For defense to be effective, the requirement is to have a decentralized and open Internet; data, control and services must be distributed across many nodes instead of being concentrated in a few centralized servers or systems. In the current Internet model, state actors can keep communication and coordination tools running even under hostile conditions making it harder for attackers to bring the whole system down. At the same time, and considering that critical infrastructure, like undersea cables, data centers and satellites can be subject to attacks, as recent incidents have shown, a decentralized Internet allows feedback systems, including mesh networks or local nodes, to take over basic communications. To this end, an open and decentralized Internet becomes important for defense purposes to resist attacks, as military comms can continue even if major networks are hit; to secure communications through encrypted and decentralized messaging apps; and, to verify supply chains, through blockchain applications that can track food, fuel, gear and ammo movements.
The value of the decentralized Internet has been evident during the war in Ukraine. According to a report by the UN, “Ukraine will need at least $1.79 billion to restore its telecommunications sector to pre-war levels” as Russia has “destroyed completely or seized” the networks in parts of the country. This, however, has not prevented the Ukrainian defense forces from communicating either through meshed networking solutions or satellite connections. The Internet’s decentralized architecture has helped Ukraine to keep communication channels alive within and outside of the country.
Keep It Simple, Stupid (KISS)
The Ukraine war saw a significant use of crowdsourced information and digital mapping tools. From the early days of the invasion, both the Ukrainian government and international organizations encouraged civilians to use social media and mapping platforms to report on attacks, movements, and other developments. This enabled a decentralized form of war reporting that supplemented traditional media.
One notable example was the interactive war map shared widely by various news outlets and humanitarian organizations, which was built on OpenStreetMap data. These maps not only showed the locations of active fighting but also highlighted bombed hospitals, damaged infrastructure, and refugee camps. Civilians used simple tools to contribute their observations, often in the form of GPS coordinates or photos sent via social media, which were then added to these live maps. It was a global, open collaboration that reflected the power of the internet and the principle of simplicity in action.
Simplicity is an important principle that plays a significant role both in security and Internet architecture as it reduces the chances for errors, makes systems easier to understand and improves reliability. This means fewer bugs, easier auditing and fewer dependencies.
Despite its perceived complexity, the Internet is inherently simple. Its end-to-end principle is all about keeping the network as dumb, fast and general-purpose as possible, while pushing complexity – like error handling, data integrity checks, etc. – to the edges, in other words to the applications and devices that actually use the network. This aligns with the KISS principle, because a simple core means that fewer things can go wrong, while making it easier to scale and maintain high performance. The idea is that the edges – the clients and servers – can customize functionality to their needs without burdening the entire network.
That’s what made the Internet successful, reliable and resilient. The network does not care what kind of data it moves around; it is just about ensuring that packets of data reach their destination. All the “smart” stuff, like TCP transmissions, encryption, or video encoding, happen at the endpoints. The end-to-end principle has strongly influenced how security is implemented in the Internet - from end-to-end encryption to trust and authentication, the responsibility is placed at the endpoints.
Simplicity matters in times of war. Simple, robust tools, like radios or signal encryption, are less likely to fail under attack, while complex systems are more likely to be disrupted. Unintercepted communication systems are also important. KISS aligns with both privacy and decentralization, something that has been evident in Ukraine where secure messaging apps, satellite comms, and decentralized coordination tools have been essential. These tools often rely on KISS design principles for rapid deployment and reliability. In this context, the open Internet acts as both a shield and a sword.
Conclusion
An open Internet is a central pillar of modern defense, fostering innovation, cross-border collaboration, and rapid information sharing among European countries and allies. This connectivity enables the detection of cyber threats and coordinated responses that are essential to Europe’s security. The open internet empowers citizens to organize, advocate, and hold governments accountable by enabling grassroots support movements, refugee coordination, and the spread of vital real-time information. A vibrant digital economy, built on open access and innovation, can only foster and enhance Europe's defense autonomy.
Maintaining an open, global, and interoperable internet is crucial for defense because it facilitates effective communication, collaboration, innovation, and resilience across borders. It strengthens cybersecurity, enables global intelligence sharing, ensures economic stability, and supports military and humanitarian coordination. In a world where security threats, including cyberattacks, misinformation campaigns, and strategic rivalries, transcend national boundaries, the open internet is a cornerstone for a strong, interconnected defense posture.
If the internet becomes fragmented or heavily controlled, it could create vulnerabilities that adversaries might exploit, isolating nations and making it harder to respond effectively to emerging threats. Europe cannot defend itself effectively if, first, it does not defend the open Internet.
Disclaimer: The views in this article are solely those of the author and do not necessarily reflect the views of the European Union.
