Проект USAID «Кібербезпека критично важливої інфраструктури в Україні». Оновлення кіберсектору

The USAID Cybersecurity for Critical Infrastructure in Ukraine Activity (the Activity), implemented by DAI Global LLC, is designed to reduce cybersecurity vulnerabilities in critical infrastructure (CI) sectors and transform Ukraine from a compromised, reactive cybersecurity actor to a proactive cybersecurity leader. Recognizing the complexity of the threat posed by Russian hybrid warfare, the Activity has adopted a multi-sector approach that engages government, businesses, and academia to improve Ukraine’s cybersecurity for CI. Through three strategic objectives, the Activity is improving the enabling environment for cybersecurity, strengthening Ukraine’s cybersecurity workforce, and stimulating market development to promote Ukrainian cybersecurity products and services.

This publication is made possible by support of the American people through the United States Agency for International Development (USAID). Its contents are the sole responsibility of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity and do not necessarily reflect the views of USAID or the U.S. Government.

SUMMARY

INCIDENTS

  • Cyber attacks on Ukraine’s critical infrastructure (CI) are increasing and evolving.
  • Ukraine experiences a combination of internet disruptions and cyberattacks following Russian missile strikes.
  • Russia’s offensive cyber capabilities largely underwhelm since the start of the war; however, concern is growing in anticipation for an expanded Russian cyber offensive against Ukraine this winter.

PUBLIC SECTOR DEVELOPMENTS

  • USAID supports a National Tabletop Exercise (TTX) to help strengthen Ukraine’s coordination efforts against cyber attacks.
  • The National Cybersecurity Coordination Center (NCCC) approves cybersecurity entity interaction hierarchy for cyber incident response and establishes the National Cyber Incident Response Plan, and holds multiple roudtable discussions with the support of USAID.
  • The EU sets up a cyber lab for the Ukrainian Armed Forces.

LEGAL DEVELOPMENTS

  • The State Service of Special Communication and Information Protection of Ukraine (SSSCIP) is officially designated as primary responsible body for CI security.
  • USAID supports the development of Cybersecurity Professional Standards in Ukraine.
  • USAID supports a SSSCIP roundtable discussion on a national protection system for critical infrastructure.

PRIVATE SECTOR DEVELOPMENTS

  • USAID supports the IT Arena, one of Eastern Europe’s largest tech events, to promote ‘Ukraine 3.0: Brave. Resilient. Digital.
  • Amazon Web Services (AWS) provides USD 75 million to Ukraine for the services to migrate state registers and other vital state databases to the AWS cloud environment.
  • AWS launches the IT Skills 4U program, specifically designed to help the people of Ukraine to build tech skills and cloud computing careers.
  • SpaceX continues offering Starlink services for connectivity redundency in Ukraine.
  • Microsoft pledges more financial and technical support.
  • Ministry of Digital Transformation (MDT) and Recorded Future sign a Memorandum of Cooperation.

 

INTERNATIONAL COOPERATION

  • USAD organizes the first working meeting between the United States Cybersecurity and Infrastructure Security Agency (CISA) and SSSCIP to kick-off their cooperation and discuss implementation plan for the Memorandum on Cooperation the organizations signed in July 2022.
  • USAID delivers 50 diesel generators to maintain power for the Government of Ukraine (GOU) to provide alternative electricity supply for government entities and critical information infrastructure in the event of power outages.
  • International allies pledge farther bilateral and multilateral support to boost Ukraine’s cybersecurity resilience amid intensifying conflict targeting CI.
  • The GOU participates in multiple cybersecurity conferences sharing Ukraine’s experience and promoting support for boosting cybersecurity in the country.
Figure 1: Deputy Chairmen of SSSCIP, Oleksandr Potii and Viktor Zhora, attending a USAID-facilitated inaugural working meeting between CISA and SSSCIP, alongside colleagues in Kyiv, on November 23, 2022.

INCIDENTS

Cyber attacks on Ukraine’s critical infrastructure increasing and evolving

SSCIP reports that the number of cyber attacks on Ukraine’s CI keeps increasing, with hackers deploying cyber espionage, disrupting access to public information services, and destroying data of information systems. Over 24 billion information security events took place in the past quarter (Q3, 2022), and the number of regisitered and processed cyberincidents increased from 64 to 115. Attacks attributed to Russian intelligence and military organizations and other Russian IP addresses are on the rise, with threat actor UAC-100 (Gamaredon) identified as a big attack unit. On October 10, 2022, Russian hacktivists from the Cyber Army group announced that they’d hacked the websites of the Lviv Chamber of Commerce and one of Ukraine’s armored vehicle producers. On October 21, CERT-UA issued a warning on possible Cuba Ransomware (ROMCOM) attacks against national and local CI networks. The malware gives threat actors the ability to perform file operations on the host, stealing data, spawning spoofed processes, and initiating reverse shells, among other capabilities. On November 8, CERT-UA detected a mass email campaign containing malicious links that were sent on behalf of SSSCIP, attributed to the persistent UAC-0010 group ‘Armageddon,’ associated with the FSB. On November 11, a new data wiper Ransomware strain attributed to the ‘From Russia with Love’ (FRwL) group also known as ‘Z-Team,’ called ‘Somnia’ hit multiple organizations.

On October 14, 2022, the Microsoft Threat Intelligence Center identified and shared evidence of a novel ransomware campaign called ‘Prestige,’ deployed by Sandworm, a Russian cybermilitary unit of the GRU, utilizing a previously unidentified ransomware payload targeting transport and logistics companies in Ukraine and Poland. Deployed on October 11, within one hour, the hackers deployed Prestige across a variety of actors. The attack highlighted that the GRU was growing more aggressive in its cyber strike, and that Eastern European countries could be vulnerable. It also illustrates that businesses that assist the Ukrainian effort in the war are now possible targets. The Prestige attack also was solely used to inflict harm, as there was no financial angle. Hackers likely gained access as far back as March before launching the strike at the end of September and into October.

Analysts from the American cybersecurity firm Mandiant presented a new set of tools and tactics used by Russia’s GRU military intelligence agency against targets in Ukraine, at the Cyberwarcon conference. Mandiant claims that GRU hackers are now focusing on “edge” devices like firewalls, routers, and email servers, frequently exploiting vulnerabilities in those devices that give them more immediate access. In the past, they would use phishing attacks to steal victims’ credentials or install backdoors on unwitting users’ computers inside target organizations.

Ukraine experiences a combination of internet disruptions and cyberattacks following Russian missile strikes

Ukraine experienced major internet and mobile communications disruptions on Monday, October 10, and Tuesday, October 11, after a series of Russian missile strikes caused widespread power outages. Internet connectivity levels dropped 35 percent below normal activity on Monday evening according to Cloudflare. Following the missile strikes on October 10, 2022, pro-Russia hackers launched distributed denial-of-service (DDoS) attacks against the Ukrainian mobile bank Monobank, sending 6 million requests per minute. According to Monobank co-founder Oleg Gorokhovsky, hackers attacked the bank after Ukrainian volunteers launched a crowdfunding campaign to purchase Ukrainian-made RAM ІІ kamikaze drones for the army.

In the event of a long-term blackout, KyivStar President Oleksandr Komarov stated that the alternative power supply of base stations will be sufficient for only 20% of the operator’s network in large cities in case of long-term power outage, as a result of missile strikes. He said that the company is working on alternative power options for base stations during power outages. According to Komarov, at their peak, the massive missile attacks on Ukraine and power outages disrupted approximately 17% of its network.

Russia’s offensive cyber capabilities largely underwhelm since the start of the war; however, concern is growing for an expanded cyber offensive this winter

Mieke Eoyang, United States Deputy assistant Secretary of Defense for Cyber Policy, tells an Aspen Cyber Summit that they were expecting more significant impacts from cyber attacks than what was sustained. Part of the explanation, she suggests, could be that Russia underestimated how long it takes to prepare for cyber operations ahead of a military engagement.This was echoed by SSSCIP Deputy Chairman Viktor Zhora, speaking at Mandiant’s Worldwide Information Security Exchange event in Washington on October 19, 2022, characterizing Russia’s efforts to achieve strategic results in cyberspace as a failure. He credits preparation and lessons learned from eight years of cyber conflict with Ukraine’s successful defense, internalizing lessons from cyber aggression for the last eight years to be much more prepared in the beginning of 2022 instead of 2014, by preparing the workforce for cyber aggression and improving cooperation between partners.

There is, however, growing concern that Russia will increase cyber attacks against Ukraine’s CI as Ukraine’s counteroffensive gains steam, to target namely energy as winter approaches. The concern echoes historical precedent, as the strategy used in 2015/16. Ukraine’s Defense Ministry warned the public in early October that Russia is planning to launch massive cyberattacks on CI, mainly the energy sector. The warnings highlight potential DDoS attacks targeting CI, with close allies such as Poland and the Baltics as targets. In a post on the company’s “On the Issues” blog, Clint Watts, general manager of Microsoft’s digital threat analysis center, urged customers to prepare for more Russian cyber attacks over the winter, citinng recent execution of Prestige in Poland, as a possible harbinger of Russia further extending cyberattacks beyond the borders of Ukraine. In addition, in almost two months of missile and drone strikes on Ukraine’s civilian infrastructure, there have been “complementary” cyber attacks on Ukrainian and foreign-based supply chains as well as “cyber-enabled influence operations.”

PUBLIC SECTOR DEVELOPMENTS

USAID Supports National Tabletop Exercise (TTX) to Help Strengthen Ukraine’s Coordination Efforts Against Cyber Attacks
On December 2, the National Cybersecurity Coordination Center (NCCC) of the National Security and Defense Council of Ukraine (NSDC) held its second TTX, with the support of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity. A TTX is an incident simulation exercise for senior government officials to test national coordination processes and develop a response to realistic cyber incidents. This year, the TTX scenario included various simulations combining cyber and kinetic attacks on critical infrastructure operators. NSDC Deputy Secretary Serhiy Demedyuk chaired the event, with 41 representatives from 15 national government entities participating in-person, including the SSSCIP, Ministry of Defense, Ministry of Foreign Affairs, Ministry of Justice, Ministry of Health, National Bank of Ukraine, National Police, and Security Service of Ukraine. Activity will develop a TTX playbook with materials for NSDC to actively train using TTX tools and strengthen national coordination efforts against cyberattacks.
Figure 2: NSDC Deputy Secretary Serhiy Demedyuk chairing the National TTX, alongside key GOU representatives in Kyiv, on December 2, 2022.

The National Security and Defense Council’s (NSDC) National Cybersecurity Coordination Center (NCCC) approves hierarchy for cyber incident response under the National Cyber Incident Response Plan, with the support of USAID.

At the end of September, the NSDC’s NCCC held a coordination meeting with the country’s top national cybersecurity entities, with participation from the MTD, the Ministry of Foreign Affairs, and the National Institute for Strategic Studies. At the meeting, participants adopted the cybersecurity entity interaction hierarchy for cyber incident response. The hierarchy envisages the creation of a permanent Joint Response Group for cyber incidents and cyberattacks led by the NCCC and stipulates the requisite information flow and coordination activities between cybersecurity entities in response to cyber incidents. The adopted document categorizes cyber incidents into 6 levels of importance and defines the requisite interaction for response to cyber threats. The NCCC is authorized to lead the coordination between national cybersecurity entities and receives mandatory notifications about all cyber incidents in Ukraine. USAID Cybersecurity for Critical Infrastructure in Ukraine Activity supported the development of the hierarchy by providing recommendations during the drafting process. The document will become an integral part of the comprehensive National Cybersecurity Incident Response Plan which is being developed by the NSDC with USAID Cybersecurity for Critical Infrastructure in Ukraine Activity’s support.

USAID Supports National Tabletop Exercise (TTX) to Help Strengthen Ukraine’s Coordination Efforts Against Cyber Attacks
On October 17, 2022, with the support of USAID Cybersecurity for Critical Infrastructure in Ukraine Activity, the NSDC’s NCCC held a roundtable to discuss the structure and format of the forthcoming National Cyber Incident Response Plan. NCCC members took part in the event, including SSSCIP, MDT, Security Service of Ukraine (SBU), among others. Participants reviewed international best practices of National Cybersecurity Incident Response Plan implementation and identified specific, actionable suggestions to develop Ukraine’s National Cybersecurity Incident Response Plan, incorporating the Ukrainian experience of responding to cyberattacks in wartime. During the event, Serhii Prokopenko, Head of Operations Department of the NCCC thanked USAID for its support with strengthening Ukraine’s capacity to respond to cyberattacks on critical infrastructure facilities.

On December 15, 2022, the NCCC held a second roundtable this quarter, on the “National Cyber Incident Response Plan: Legislative Aspects of Interaction, Ensuring Reliable and Timely Cyber Incident Information-Sharing”, with support from the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity. The roundtable brought together over 30 representatives from government agencies, the private sector, CI operators and independent experts to discuss cyber incident information-sharing to bolster national cyber preparedness with a coordinated response to cyber incidents and crises. Participants reviewed international best practices on information-sharing and identified specific, actionable suggestions for amending Ukrainian legislation to ensure cyber resilience and preparedness for cyber incidents.

Figure 3: Participants engaging in a working group at the December 15 National Cyber Incident Response Plan roundtable.

EU sets up a cyber lab for the Ukrainian Armed Forces

On December 2, the EU delivered equipment and unveiled a cyber lab that it had financed in Kyiv, with security software and hardware to the Ukrainian Armed Forces, as part of its ongoing support to Ukraine under the European Peace Facility. With this support, Ukraine can build and further develop the cyber defense capacities of its armed forces to detect intrusions to the information systems, deal with cyberattacks, and strengthen their overall capacity in the cybersecurity area. This follows a measure adopted by the EU on 15 December 2021, under the European Peace Facility to support the Ukrainian Armed Forces worth €31 million, including on cyber defense The cyber lab will provide training environment to test and strengthen the hands-on skills of military cyber defense professionals with realistic virtual scenarios and real-time simulations that help to identify, monitor and protect from future cyberattacks faster and more effectively.

LEGAL DEVELOPMENTS

SSSCIP officially designated as primary body responsible for CI security in Ukraine

On October 18, the Ukrainian Parliament, the Verkhovna Rada of Ukraine, adopted the Law On Changes to Laws of Ukraine about Creation and Implementation of State Policy in the Field of Critical Infrastructure Protection that designated the SSSCIP as the primary body responsible CI security in Ukraine, vesting SSSCIP with additional responsibilities for policymaking on CI security and coordinating government ministries and CI operators. The law also stipulates additional responsibilities for the SSSCIP to generate and maintain the country’s CI register, to organize the assessment and analysis of the general state of CI security, and to provide consultations to CI entities regarding their security.

USAID Supports SSSCIP Roundtable Discussion on National Protection System for CI
Following Verkhovna Rada’s decision to designate SSSCIP as the primary body responsible for CI in Ukraine, on October 24, SSSCIP organized a hybrid roundtable with the support of the USAID
Cybersecurity for Critical Infrastructure in Ukraine Activity, named “National Protection System for CI: Sectoral Regulations, Identification and Categorization of CI.” Victor Zhora, SSSCIP Deputy Chairman, and Kim Kim Yee, Deputy Director of the USAID Ukraine Mission’s Office of Economic Growth opened the roundtable. Participants such as Chief Digital Transformation Officers (CDTOs) from ministries dealing with CI operators were invited to discuss the new expanded role of SSSCIP. SSSCIP presented CDTOs with key provisions for the newly adopted law and guided them through new security policies and legal requirements. Over 20 representatives of national governmental entities participated in-person.

USAID facilitates development of Cybersecurity Professional Standards in Ukraine

On November 25, 2022, the Head of the SSSSCIP, Yuriy Shchyhol, signed six new cybersecurity professional standards for the cybersecurity community in Ukraine. The professional standards were developed with the support of USAID Cybersecurity for Critical Infrastructure in Ukraine Activity, based on the National Initiative for Cybersecurity Education (NICE) Workforce Framework for Cybersecurity. The standards will become part of the Workforce Framework for Cybersecurity in Ukraine and will serve as baseline requirements for cyber specialists and guide the development of educational curricula that address broader cyber skills and competencies. The National Workforce Framework for Cybersecurity will enable higher education institutions to upgrade their educational programs in line with the knowledge and skills required for new cybersecurity professions, and thus help to satisfy employers’ requirements under current cyber threats. The framework provides a background for employees and employers to have a mutual understanding of the requirements for cyber professional qualifications.

PRIVATE SECTOR DEVELOPMENTS AND PARTNERSHIPS

Amazon Web Services (AWS) supports Ukraine with cloud technologies to help the digital state and economy work stably

Following the February 2022 decision by Ukraine’s parliament to allow government and private sector data to move to the cloud, the Deputy Prime Minister and Minister of Digital Transformation of Ukraine Mykhailo Fedorov and Director of Government Transformation at AWS Liam Maxwell signed a Memorandum of Cooperation (MoC) in the areas of digital transformation, public administration, digital literacy and innovation. AWS announced its intent to provide support to Ukraine for USD 75 million. These funds are allocated for the services of migration of state registers and other vital state databases to the AWS cloud environment.

AWS launches IT Skills 4U program to develop Ukraine’s tech workforce

On October 12, AWS launched the IT Skills 4U program, designed to help the people of Ukraine to build tech skills and cloud computing careers. This global initiative provides training, AWS Certification vouchers, and career services support for Ukrainians globally, helping both those with little to no tech experience and experienced practitioners rejoin the workforce, free for Ukrainians until June 2023. Under the Program, Ukrainians around the world can choose from a range of AWS-designed courses, based on their level of IT knowledge and learning goals. Course offerings range from cohort-based, 12-week programs to digital on-demand training, which learners can take at their own pace. Additionally, AWS is delivering dedicated, in-person, instructor-led classes in Poland, which has the highest number of Ukrainian refugees. The courses and workforce resources are designed to meet individuals wherever they are—whether they have little to no tech experience, or are experienced IT professionals looking for additional certifications, advanced courses, or career-placement support.

SpaceX continues offering Starlink services for connectivity redundency in Ukraine

On October 12, 2022, Ukraine’s Vice Prime Minister, Minister of Digital Transformation Mykhailo Fedorov praised Starlink for its help in restoring the connections in critical areas. He shared the details of the cruise missile attack and Starlink’s role in enabling the Ukrainians to maintain connectivity, stressing that Starlink remained a crucial part of Ukraine’s CI. On October 15, 2022, Elon Musk, founder of SpaceX, announced his company will continue to pay for Starlink satellite internet services in Ukraine, a day after suggesting he cannot keep funding the project. The decision follows uncertainty over continuity of Starlink terminals and subsidized service in Ukraine, with Musk announcing on Twitter that SpaceX would not be able to pay for Starlink in Ukraine indefinitely, after media reports that SpaceX had asked the Pentagon to pay for the donations of Starlink. The EU has also discussed early stage plans at the meeting of the 27 EU foreign ministers on October 17 to buy services from SpaceX founder Elon Musk, to ensure Ukrainians keep their access to vital Starlink internet services.

Microsoft pledges more financial and technical support

On November 3, at the annual Web Summit conference in Lisbon, Microsoft’s Brad Smith pledged more than $100 million in additional aid to Ukraine’s “extraordinary” effort to counter the Russian invasion. The financial assistance will extend to the end of 2023, the annual Web Summit conference in Lisbon. Since the beginning of the Russian invasion, Microsoft has allocated more than $400 million to supporting Ukraine, and was the first tech giant to pull its products from the Russian market back in March.

MDT and Recorded Future sign a Memorandum of Cooperation (MoC)

On December 6, MDT signed a MoC with Recorded Future, a US-based cybersecurity and threat intelligence company specializing in the collection, processing, analysis, and dissemination of threat intelligence, to protect Ukraine’s infrastructure and data. The agreement will protect CI in Ukraine against the military and cyber aggressions by the Russian Federation as well as yielding novel products and technologies for protecting CI worldwide. Recorded Future will provide its intelligence Platform, its know-how, specialist engineers, and intelligence analysts – including those based in Ukraine itself. MDT will in turn provide expertise, data, and people.

USAID supports IT Arena to promote its ‘Ukraine 3.0: Brave. Resilient. Digital’ event
On September 30 and October 1, 2022, IT Arena, one of Eastern Europe’s largest tech events, took place in Lviv, organized by Lviv IT Cluster with support from USAID Cybersecurity for Critical Infrastructure in Ukraine Activity. The IT Arena has been a leading Ukrainian tech conference since 2014, showcasing Ukrainian tech to international audiences, clients, and potential investors. The USAID Cybersecurity for Critical Infrastructure in Ukraine Activity sponsored the event, covering costs for marketing and communications to spread information about the event and Ukraine’s cybersecurity abilities. Additionally, it enabled the participation of Kim Zetter, a well-respected American cybersecurity journalist at the event to present as a keynote speaker and to moderate a panel titles “Insights from Russian Cyber Tactics Against Ukraine.” Panelists included Victor Zhora, Deputy Chairman of the SSSCIP, and Kenneth Geers, External Communications Analyst, Very Good Security. Kim Zetter’s speech covered Russian cyber tactics against Ukraine, including details about the types of wipers deployed in Ukraine that are likely to eventually be used elsewhere in the world, while the panel discussion covered Russian cyber offensive capabilities and Ukraine’s success in cyber defense. This conversation highlighted how Ukraine’s collective cyber knowledge, skills, and expertise position it as a leader in cyber defense globally.

INTERNATIONAL COOPERATION

USAID facilitates inaugural working meeting between CISA and SSSCIP

Figure 4: Deputy Chairman of SSSCIP, Oleksandr Potii, attending an inaugural working meeting between CISA and SSSCIP, on November 23, 2022.

On November 23, 2022, the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity organized the first working meeting between CISA and SSSCIP to kick-off their cooperation and discuss the implementation plan for the MoC the organizations signed in July 2022.

The meeting was led from the U.S. side by Brandon Wales, CISA Executive Director, and Eric Goldstein, Executive Assistance Director for Cybersecurity; and Oleksandr Potii and Viktor Zhora, both Deputy Chairmen of SSSCIP, led from the Ukrainian side. Both partners engaged their top experts to discuss practical steps on proposed areas of cooperation. After the meeting, CISA shared its Cyber Security Evaluation Tool (CSET®), a stand-alone desktop application that guides asset owners and operators through a systematic process of valuating Operational Technology and Information Technology, with the Ukrainian side. SSSCIP will use?the tool as a reference and guide for developing an online Ukrainian tool to evaluate Critical Infrastructure Operators’ cyber preparedness.

USAID Provides Diesel Generators to Maintain Power for the GoU
On November 22, 2022, US Ambassador to Ukraine Bridget Brink handed over 50 diesel generators to the SSSCIP Head Yurii Shchyhol. The generators were procured via the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity. USAID Ukraine Mission Director James Hope and SSSCIP Deputy Head Viktor Zhora were also present at the transfer event.

In addition to the 34 diesel generators SSSCIP already uses, these new generators will provide alternative electricity supply for government entities and critical information infrastructure in the event of power outages. SSSCIP plans to integrate the generators into a single system to supply electricity to central and regional government communication hubs. The generators will ensure uninterrupted energy supply to government entities and critical information infrastructure managed through the SSSCIP’s single remote-control system. The USAID Cybersecurity for Critical Infrastructure in Ukraine Activity in delivering an additional 30 diesel generators to SSSCIP in January.

Figure 5: SSSCIP Head Yurii Shchyhol accepting the diesel generators from US Ambassador Bridget Brink, delivered by USAID, on November 22.

International allies show support for a resilient cyberspace in Ukraine

On November 1, the UK Government announced a £6m support package for cybersecurity in Ukraine. The funding is provided through the Ukraine Cyber Programme, launched shortly after Russia’s full-scale invasion of Ukraine to help protect the Ukrainian government and its CI from malicious cyber attacks.

“The UK’s support to Ukraine is not limited to military aid – we are drawing on Britain’s world-leading expertise to support Ukraine’s cyber defences. Together, we will ensure that the Kremlin is defeated in every sphere: on land, in the air and in cyber space.”

-Rt. Hon. James Cleverly, United Kingdom Foreign Secretary.

On November 11th, the German government announced the provision of an additional 1 billion euros from its 2023 budget to support Ukraine. The money will, in part, be used to protect against Russian cyberattacks and gather evidence of war crimes. Germany is Ukraine’s third largest donor, with these additional funds arriving on top of arms supplies provided to the Ukrainian military.

Under the auspices of the EU4Digital: Cybersecurity East Project, representatives from the European Union Agency for Cybersecurity (ENISA) and Ukraine’s SSSCIP met in October to explore strengthened networking and collaboration. Among the topics discussed were the need for a roadmap to further enhance cooperation, but that equally important was the prospect of Ukraine attaining ENISA Special Partner status.

Ukraine will benefit from NATO’s Cyber Defence Centre through SSSCIP’s continued cooperation with the NATO Joint Cyber Defence Centre of Excellence (CCDCOE). CCDCOE Director Mart Noorma stressed that the Center will fully support Ukraine in countering cyber aggression from Russia and expects the completion of all processes necessary for Ukraine to officially join the CCDCOE in the future.

GoU participation at international cybersecurity conferences

On October 20, Viktor Zhora, the Deputy Chairman of SSSCIP, tells attendees at Mandiant’s Worldwide Information Security Exchange event in Washington that despite the huge rise in Russian cyberattacks starting in February, “the adversary hasn’t reached its strategic goals in the cyber war against Ukraine. (source). On October 25, Oleksandr Potii, Deputy Chairman of the SSSCIP, along with EU representatives, provided an on-the-ground perspective of the urgent need for cyber awareness and resilience to illustrate the importance of this aspect.

Representatives of the SSSCIP – including First Deputy Head of the SSSCIP, Dmytro Makovskyi – attended the International Security Forum in Halifax, Canada in November 2022, which focused on the situation in Ukraine. Representatives of Ukraine met with U.S. senators on the sidelines of the Forum to discuss the security situation and the need to withstand the Russia’s aggression. Makovskyi emphasized the importance of supporting Ukraine in matters of improving the physical defenses of CI, especially the energy infrastructure, which is a major target of the terrorist state. During a “Digital Transformation” panel at the G20 summit, Volodymyr Zelensky suggests that members learn from Ukraine’s experiences in cyber defense, “If you or your allies and partners do not already have such a system and such digital protection, we will be happy to help you build them!”