Andrii Davydiuk
Ph.D in Cybersecurity, NATO CCDCOE Tech Researcher,
SSSCIP of Ukraine Deputy Branch Chief
G.E. Pukhov
Institute for Modelling in Energy Engineering,
National Academy of Sciences of Ukraine
Ukraine/Estonia
andrey19941904@gmail.com
Ensuring cybersecurity is a top priority for Ukraine's national security. With the onset of Russian armed aggression in 2014, the significance of the cyber domain in military operations acquired new importance, leading to a significant increase in cyberattacks. In 2015, Ukraine experienced the first electricity blackout due to a cyberattack, leaving over 230,000 residents without power in certain areas of the western part of the country for up to six hours. With the beginning of Russia's full-scale invasion on February 24, 2022, the approaches and tactics of the adversary became even more effective. Actions in the cyber domain complement information-psychological operations and kinetic attacks, and vice versa.
Since 2014, Ukraine has been a testing ground for cyber weapons that were subsequently utilized by countries in the EU and worldwide to gather intelligence and exert pressure on their political and economic activities. Today, Ukraine has gained a unique experience in countering cyberattacks and has become a strong partner for the EU and NATO in cyberspace, evidenced by the decrease in the number of cyberattacks in 2023 compared to 2022 and the commendable positions of Ukrainian representatives in the international cybersecurity competitions. However, the decrease in cyberattacks is not solely due to the enhancement of experts' competencies and cyber defence capabilities in the security and defence sector. It also stems from the adversary's concentration of efforts on more sophisticated and qualitative cyberattacks. It's essential to understand that Russia's continuous buildup of potential for cyberattacks is perpetuated through its allied countries, compounded by the inadequacy and inefficiency of sanctions in the information and communication technology sphere.
Russia's tactics, taking into account information exchange with partner countries since the beginning of 2023, are starting to change. Cyber weaponry testing is now being carried out on the nations with lesser cyber defence potential than Ukraine, aiming to conserve resources for developing zero-day vulnerabilities and avoiding their premature detection within Ukraine. This affirms the absence of cyber boundaries and risks for several countries during this war.
Ukraine's alignment with the EU and NATO isn't limited to its political, economic, and security interests; it also prioritizes enhancing collective security and resilience among partner nations. To ensure collective security, Ukraine actively collaborates with international cyber security organizations such as ENISA. Key areas of cooperation involve increasing awareness and capacity building to bolster cyber resilience. This includes involving representatives from third countries in EU-level cyber security training or workshops, potential deployments, exchange, and promotion of tools and programs to raise awareness in the field of cyber security, sharing best practices to harmonize legislation and implementation (including NIS2 in the cyber sphere and sectors like communications and energy), knowledge and information exchange regarding the cyber threat landscape to enhance overall understanding of situations, among other aspects.
CERT-UA actively participates in the FIRST forum for computer incident response teams and exchanges cyber threat information with NATO's MISP. Ukraine's security and defence sector are engaged in cyber security training alongside NATO countries. Ukraine's interaction with world nations is not confined to the aforementioned examples but continues to grow, allowing Ukraine to more rapidly integrate into the EU and NATO's cyber security processes, thereby enhancing the maturity of its processes and contributing to collective cyber resilience.
Moreover, the war in Ukraine presents a unique opportunity to practise collaborative actions among partner countries in case of cyber aggression by involving their representatives in military missions, as observed in conditions of combat on the front lines.
The importance of such developments is exceedingly significant, given the rapid advancement in quantum computing and artificial intelligence technologies over the last five years. To better prepare for future challenges associated with aggression in cyberspace, it's pertinent to elevate the maturity of cyber resilience processes and widen the technology gap. Achieving such a disparity can be accomplished through software and hardware updates, systematic training and workshops for strategic-level professionals and technical personnel, organizing and conducting command-staff exercises with international participation, especially in Ukraine's regions, supporting project teams and analysts by establishing project offices, training international law experts in cyber security, and fostering cyber diplomacy. These capabilities will significantly enhance Ukraine's potential in cyber defence, fostering rapid technological progress and elevating the maturity of cyber resilience processes.
As Ukraine faces an increasingly complex and dynamic cyber landscape, the support of strategic allies becomes paramount. Collaborative strategies, especially within frameworks like the EU and NATO, provide Ukraine with essential resources, shared expertise, and a unified front against cyber adversaries. In an era where cybersecurity is a shared responsibility, the collaboration is not just beneficial but imperative for each country to navigate the challenges of the cyber frontier with strength and solidarity.