Home Pay off US and EU cyber investments in Ukraine pay off amid war

US and EU cyber investments in Ukraine pay off amid war

0

Recent US and European cyber defense investments in Ukraine are being tested following Russia’s invasion of the country.

In the weeks and months leading up to the conflict, the United States and the European Union (EU) deployed a team of cyberwarfare experts to help prevent Russian cyberattacks from disrupting the country’s critical infrastructure.

A new EU cyber rapid response team of 12 experts and a ‘forward search’ team with US Cyber ​​Command have been sent to Ukraine to search for active cyber threats inside networks and strengthen the country’s cyber defenses.

This was in response to a wave of cyberattacks that targeted local banks and Ukrainian government websites – including parliament and the foreign and defense ministries – weeks and days before the invasion. Russia has denied any involvement.

The West began actively investing in Ukraine’s cyber defenses after the power grid hack in 2015 and the Petya malware attack in 2017. The power grid attack left more than 200,000 people without power for several hours while the Petya malware disrupted major Ukrainian institutions including banks, ministries and businesses.

James Turgal, vice president of cybersecurity firm Optiv, said the attacks were a wake-up call for Ukraine and the West to put in place defensive measures to detect and prevent such attacks.

“Western countries, including the United States, learned a lot from how the Russians did it,” Turgal said. “It was certainly in our interest – and certainly in Western Europe’s interest – to help the Ukrainians in this area so that we understood what tactics and procedures were being used by the Russians.”

Turgal explained that part of this Western assistance is helping Ukrainians understand the different types of cyberattacks as well as determining where they come from and how they entered the system, how far they spread to through networks and how to deconstruct them.

With the help of the West, Ukraine has become more resilient since the first cyberattacks, especially since it is particularly vulnerable to Russian attacks since most of its infrastructure was built by Moscow during the Soviet era. .

“The original core ecosystem that Ukraine operates on was built by the Russians,” said Turgal, former executive assistant director of the FBI’s information and technology branch. He added that the country probably designed new technologies and modernized some of its infrastructure when it became independent from the Soviet Union.

Turgal also said that “Ukrainian cyber-ecosystems are much stronger than they were before 2015,” partly due to the cyber assistance provided by the West.

The United States’ commitment to assisting Ukraine was recently expressed by US Under Secretary of State Wendy Sherman, who said this is a critical time for the United States and its allies. to strengthen their cyber defenses and help countries, including Ukraine, that have been victimized by Russia. aggression, including cyberattacks.

Sherman said the United States had invested $40 million since 2017 to help Ukraine develop its information technology sector, following numerous Russian-based cyberattacks that targeted Ukraine’s critical infrastructure. Ukraine, including its power grid and financial system.

“Our NATO allies and European partners have also made significant contributions to help improve Ukraine’s cybersecurity,” Sherman said, adding that the investments have helped Ukrainians “maintain their internet and the flow of information, even in the midst of a brutal Russian invasion”.

Spokesperson for the Ministry of Defense John KirbyJohn Kirby Sunday shows the preview: Russian invasion of Ukraine extends into week three GOP senators urge Biden to expedite transfer of air power and air defense systems to Ukraine echoed that sentiment when he told reporters at a March 9 briefing that the United States had “helped overtime improve [Ukraine’s] resilience in cyberspace, and I think some of that resilience is visible as well.

Kirby added that just because there haven’t been devastating cyberattacks launched by the Russians doesn’t mean they haven’t tried. It could be that “Ukrainians have improved their ability to be resilient,” he said.

Western governments aren’t the only ones sharing their cyber expertise with Ukrainians. The private sector, including tech companies such as Google, Amazon and Microsoft, has also partnered with the Ukrainian government to help counter cyberattacks, said Jason Blessing, cyber expert and researcher at the American Enterprise Institute. .

Blessing said the private sector has also been at the forefront of providing technical support and cyber expertise to Ukrainians, especially after the invasion.

Hours before the Russian invasion, Microsoft said it detected new malware – known as FoxBlade – attempting to disrupt Ukraine’s digital infrastructure. The tech company said it shared the information with the Ukrainian government and was able to deconstruct it within three hours.

Even though cyberattacks appear to be Russia’s new weapon of choice, Blessing said the biggest threat at the moment is physical attacks, such as bombings, which can destroy critical infrastructure.

“There is reason to be cautious about the type of cyber activity that could take place on Ukrainian networks. We cannot ignore this. But I think the biggest threat right now is literally physical attacks on infrastructure which can cause the same effect and are much cheaper,” Blessing said.

“As the conflict drags on, cyber will be a component. It’s already the case. But there will likely remain inexpensive and unsophisticated methods that have already been used,” he added.

Western governments have also speculated as to why Russia hasn’t launched much more devastating cyberattacks on Ukraine, as it did in 2015 and 2017. Some cyber experts say Russia is likely assessing its options on whether launching a destructive cyberattack is worth it, especially in the face of economic sanctions imposed by the West.

Other experts believe that even if Russia has the capability to launch destructive cyberattacks against Ukraine, it probably chooses not to completely destroy the country’s critical infrastructure, especially if it plans to take over Ukraine. .

“Yes [Russian President Vladimir PutinVladimir Vladimirovich PutinTrump tears into Biden amid Ukraine conflict Bipartisan group of senators to meet with officials, visit refugee sites in Poland Republicans seize on rising gas prices amid Ukraine conflict MORE] going to take over a country, they can’t completely destroy all the infrastructure because they’re going to settle there, and then they’ll be responsible for the [damage]said Tom Stefanick, visiting scholar in the Brookings Institution’s Foreign Policy Program.

Stefanick said Putin was likely strategic in how he uses cyberattacks on Ukraine because it can be expensive to rebuild such critical infrastructure. He also said the Russians were likely using unsophisticated cyberattacks, such as distributed denial-of-service attacks, to disrupt just enough but not entirely to destroy key sectors.

In a statement to The Hill, the FBI said it is “dedicated to investigating and combating any malicious cyber incident affecting Ukraine’s critical infrastructure.”

“We are working with our partners, domestically and internationally, to identify, disrupt and deter these targeted cyber threats,” an FBI spokesperson added.