Ukraine Deputy Cyber Leader on Lessons From Russia-Ukraine Cyberwar
As the conflict with Russia intensified into war earlier this year, the cyberattacks on Ukrainian interests didn’t come as a surprise to Victor Zhora, who recently spoke via video link with BlackBerry CEO John Chen at BlackBerry’s recent Summit 2022.
Zhora, Ukraine’s deputy cyber leader, explained that the Ukrainian government expected attacks on government agencies, as well as critical infrastructure in the private sector including media, telecom and finance. He detailed a considerable rise in cybersecurity incidents within the first weeks of the war. “We didn’t have time to even think about how scary the attacks can be, we are simply doing our best job to protect our country and hopefully we will be more successful than the attackers,” Zhora said.
Zhora cited several reasons why the Ukrainian government successfully fended off these attacks. Most notably, it’s due to what he characterized as the lack of an attack strategy from their adversary. “We see a rather opportunistic behavior,” he said. “The absence of a strategy gives us the opportunity to just fix vulnerabilities, counteract [attacks] and provide incident response and defend our digital borders,” he continued.
As time goes on, Zhora said he “remains concerned that attackers will use that time to develop new tools, new technologies or plan new offensive cyberattack operations against our country and against other countries, as well,” he added.
Zhora expressed gratitude to the global cybersecurity community, including their private sector partners and governments that have helped Ukraine bolster its cyberresiliency. Zhora said Ukraine has received hardware, cloud services, software and cybersecurity intelligence assistance. “We get a lot of help from volunteers. We were able to conscript the best experts from the private sector in Ukraine. And we have joined forces with volunteers who continue working in the private companies in cybersecurity, and use their free time to help us,” Zhora said.
Priorities and Advice for Others
Since the war began, Ukraine’s challenges in cybersecurity have evolved and shifted. In the early weeks leading up to and during the war, the Ukrainian government started moving its infrastructure and crucial databases and information systems out of the country and to cloud infrastructures located abroad. “We changed our legislation to allow this,” Zhora explained.
Currently, because of the attacks on the energy grid, the highest priority is keeping the power system stable. “We need to maintain the operation of our data centers and our communication networks. Obviously, without power they will not work,” he said, and as for cybersecurity, the focus is on maintaining the confidentiality, integrity, availability and accountability of systems.
When asked about lessons learned, Zhora said no country can protect itself alone in the contemporary interconnected world. Zhora explained that there’s no chance for nations to successfully protect themselves and be isolated from other responsible countries within cyberspace. “Exchanging information about threats can be the most efficient way to build a robust cybersecurity ecosystem, which can counter these threats that Ukraine is currently facing and that can reappear in future,” he said.