Ukraine defends its cyber infrastructure in the face of attacks from Russia
The rapid development of information and communications technology in Ukraine, the dependence of all spheres of life on cyberspace, and the increase in cyber crime and cyber aggression on the part of Russia in its hybrid war against Ukraine all prove that cyber security is an essential element of national security.
Traditionally, cyber security in Ukraine was viewed broadly as a component of information security. However, existent cyber threats not only underline the urgent need to build efficient cyber capacity and cyber defense systems, but are also significantly changing the role of cyber security. The 2015 National Security Strategy of Ukraine, at last, recognized cyber security as a full-fledged and important part of national security.
According to reports from Ukraine’s Computer Emergency Response Team, the main target of cyber attacks remains the public sector (information and telecommunication systems of the state) and critical infrastructure, mainly in the energy domain.
Recent cyber attacks on energy facilities in several regions of Ukraine resulted in electrical power outages. Thousands of people spent several hours without electricity, and the work of local industry was paralyzed. These attacks, attributed by many experts to the Russian Federation, could be considered as the first example of cyber war, or so-called hybrid war, because they accompanied an ongoing military conflict and caused substantial damage to critical infrastructure in another country.
The use of cyber attacks as a tool of information warfare is another distinctive feature of cyber threats to Ukraine’s national security. Hackers, presumably connected with Russian special services, have been attacking official Ukrainian government websites to post false information and statements. This disinformation is aimed at discrediting the state’s authority and increasing social tensions.
Cyber crime, another threat to Ukrainian cyber security, grew dramatically in recent years. On one hand, Ukraine is among the top five countries in the world in producing highly skilled information technology (IT) specialists, many of whom are outsourced abroad, and each year 16,000 new IT professionals earn degrees in Ukrainian universities. However, some of these specialists can be manipulated by cyber criminals and international organized crime. Often, they are unaware of the real purpose and end use of their work.
On March 15, 2016, Ukrainian President Petro Poroshenko signed a decree enforcing the Ukrainian National Security and Defense Council’s resolution dated January 27, “On the Cyber Security Strategy of Ukraine.”
The strategy was adopted after taking into account the challenges Ukraine faces: the aggressive actions of the Russian Federation and amplification of cyberspace usage by intelligence and special military structures, as well as by terrorists and criminals.
The purpose of the strategy is to create conditions for the safe operation of cyberspace for the benefit of individuals, society and the state. The strategy envisages a wide range of measures to ensure Ukraine’s cyber security. In particular, these measures include the adaptation of state policy aimed at developing and securing cyberspace, compliance with European Union and NATO standards, the formation of a competitive environment in the sphere of electronic communications and the provision of cyber protection services.
According to the document, the Ukrainian Defense Ministry, the State Service of Special Communications and Information Protection of Ukraine, the Security Service, the National Police, the National Bank and intelligence agencies are the cornerstones of the national cyber security system.
The coordinating body in the sphere of cyber security is the National Security and Defense Council of Ukraine under the President of Ukraine, now tasked with creating the National Cyber Security Coordination Center that will be part of the Council.
Yet Ukraine faces challenges to building an efficient cyber security system able to protect the country from emerging cyber threats. These include the need to approve an action plan for implementing the Ukrainian Cyber Security Strategy in 2016, to enhance mechanisms of coordination and interagency cooperation, to develop public-private partnerships based on trust, to enhance technical capabilities and education, to raise awareness about cyber threats, and to become a full member of international initiatives and collaborate in the cyber security domain.
Considering the transnational character of cyber threats, international cooperation with NATO, the Organization for Security and Co-operation in Europe (OSCE) and the European Union, as well as bilateral collaboration with partner states, plays an important role in enhancing Ukrainian cyber security.
At the September 2014 NATO Summit in Wales, the Alliance established a NATO-Ukraine Cyber Defence Trust Fund, whose main goal is to help Ukraine develop technical capabilities to counter cyber threats. The project also trains personnel in the use of these technologies and equipment and provides practical advice on policy development.
Recognizing the importance of developing common international approaches to the cyber sphere and building trust with other countries in cyberspace, Ukraine takes an active part in cyber security international initiatives. Since 2013, Ukraine has been an active member of the OSCE’s informal working group on confidence-building measures, which has developed and implemented a set of measures to reduce the risks of conflict stemming from the use of information and communication technologies.
In 2005, Ukraine ratified the Council of Europe Convention on Cybercrime, though implementing it through national legislation continues. One of the most urgent tasks in the interests of national cyber security is to implement provisions concerning the empowerment of Ukraine’s inquiry and investigation authorities to issue mandatory regulations for network providers on immediately securing and further storing computer data when required for investigation of crime.
The Convention on Cybercrime is an important tool of international cooperation in combating cyber crime, but there is also a strong need to optimize existing information sharing mechanisms, including a mutual legal assistance treaty to ensure quick and adequate response to cyber threats and investigations of cyber crimes at the national and international level.
Today, Ukraine faces a vast range of diverse and sophisticated cyber threats, many of which are totally new. Cyber intrusions are among the most serious challenges to national security. Enhancing cyber security is a must for guaranteeing Ukrainian national security. This requires the development and further management of an effective cyber security system and adequate comprehensive measures based on global best practices and international support. The goal is not only to counter existent cyber threats, but to ensure a balance between national security and fundamental European values.