Russia’s war on Ukraine has spread far beyond the trenches of eastern Donbas – now the Kremlin can target virtually anyone with its cyberattacks.
Since 2016, the number of computer viruses spreading in Ukraine online has surged. While not causing physical damage like shelling, the attacks can nevertheless paralyze vital systems, such as energy grids or payments systems. In many cases, Ukraine is a testing ground for attackers, and the country faces cybersecurity threats that have never been seen before anywhere else.
An attack in June with a virus called NotPetya proved how vulnerable Ukraine’s computer systems are – the attack paralyzed banking systems, ministries, media outlets, and lots of services. In response to constant attacks, the government adopted the law on cybersecurity in October, but experts say this may not be enough to protect all systems.
Cybersecurity expert Marina Krotofil says that communication systems and networks in Ukraine “are not protected at all, so basically, everything is at risk.”
Krotofil will be coming from the United States to be one of the panelists at the Tiger Conference Cybersecurity breakout session on Dec. 5. There, she will discuss with other experts the various cyber threats Ukraine faces, and best practices that it needs to adopt.
Krotofil works as a principal analyst at intelligence-led security company FireEye, Inc. Recalling the attack in June, she said that the broad scale of the infection revealed a lot of interdependencies. For instance, people couldn’t pay for food in grocery stores because the cashier’s desks were infected, but neither could they withdraw cash, as many banks and ATMs were also affected.
“I think this was new for the entire world,” she said. “It turned out to be so powerful and so effective – literary the entire country was paralyzed.”
Viruses that attack electricity grid systems are particularly dangerous, as they affect every sector as well. Such attacks on state electricity companies led to power outages in December 2015 and December 2016.
Old technology, unlicensed and out-of-date software are among the factors contributing to system fragility, says Cornelius Granig, the CEO of tech consulting company K-Advisors, who will also be a panelist at the conference.
“Cyber threats are global – they do not stop at countries who have problems with their infrastructure,” Granig said. “The opposite is going on: If a country is vulnerable, no matter how pure or developed the country is, the probability that an attack can do a lot of harm is very high.”
Granig says it’s almost impossible to determine where an attack is coming from. And even if the source is determined, the attackers can switch to using other internet protocol addresses.
But Dmytro Shymkiv, the deputy head of the Presidential Administration and the moderator of the session, attributed 99 percent of the cyberattacks against Ukraine to Russia in an interview with the Kyiv Post in November.
To protect the system against attacks and reduced the dangers, Krotofil says Ukraine should adopt a comprehensive government program to address the weak security of Ukrainian infrastructure.
Krotofil would also like to talk at the session about methodological approaches to building a security program. As recovering after every attack is costly, she said companies should assess the weakness of their systems and develop a plan to address them before, rather than after an attack.
Meanwhile, Ukraine should also strengthen its cooperation with international organizations such as the European Union Agency for Law Enforcement Cooperation (Europol), which conducts cross-border activities to counter computer crimes. Ukraine signed an agreement on cooperation with Europol in December.
Involving civil society would be another solution, Granig says. He plans to create an organization called the Ukrainian Cyber Defense Center, where experts and activists will assess cyber threats and come up with ways to defend systems against them.
Besides local experts, who are well familiar with the vulnerabilities of their systems, he plans to engage foreign professionals, hoping to “help the Ukrainian government to modernize the country and to protect the information society from cyberattacks.”