Land, sea, air and… Cyberspace: for more than a year, the Russian attack on Ukraine has been unfolding on all fronts. How does the country cope with the massive destruction of its digital infrastructure and fights back? Is the Cloud an answer to this situation? Yegor Aushev, a renowed Ukrainian cybersecurity expert, gives inCyber his insights on this dramatic situation.

A year ago, Brad Smith, Microsoft’s vice chair and president, qualified the Russia-Ukraine war as the “first hybrid war”. The Russian troop surge was preceded by a wave of cyberattacks on Ukrainian infrastructure. On that front too, the Ukrainian fought back, crippling Russian governmental and private sites, such as the VTB Bank, the social security or the Tass press agency.

With the intensification of the Russian bombing through the war, data traffic in Ukraine is threatened by the destruction of Internet physical infrastructure and the lack of electricity. Fortunately, in the run-up to the Russian offensive, Microsoft helped the Ukrainian government migrate the contents of its servers to the Cloud: 16 of the country’s 17 ministries had their data evacuated to European and American data centers.

How is Ukraine holding up on the cyber front? What consequences does the cyberwarfare have on the functioning of the Ukrainian State? What solutions is Kyiv finding to mitigate the damage to its infrastructure? Yegor Aushev, CEO of CyberUnit. Tech and cofounder of Cyber School Ukraine, he is a skilled Ukrainian cybersecurity expert. Prior to his participation to the FIC 2023, he gives inCyber an insider’s view on all these questions.

Is the cyberfront still active one year after the launching of the war?

The enemy shows no signs of stopping their cyberactivities, both during and after the war. Their hidden operations in cyberspace existed even before Russia’s full-scale invasion of Ukraine, and they will continue to operate covertly in the future. Unfortunately, this has become a new reality that shows no signs of ending. Over the past year, there have been continuous attacks by hackers, with some peak periods occurring exactly one week before missile attacks on Kyiv or coinciding with global political events.

Can you give us examples of recent cyberattacks against Ukraine?

Between January and February of 2023, around 300 cyberattacks were carried out on Ukrainian institutions, according to CERT-UA. Approximately 40 attacks were targeted at local Ukrainian authorities, while around 70 attacks were aimed at government institutions. It is noteworthy that the collaboration and information sharing between Ukraine and other European countries have been very effective.

Recently, Ukraine, in cooperation with Poland, has identified phishing resources that imitate the official websites of the Ministry of Foreign Affairs of Ukraine, the Security Service of Ukraine, and the Police of Poland. The more cooperation in cyberspace we have between Ukraine and NATO countries, the more each of us are protected.

Can you tell us more about the “IT Army” the Ukrainian government recruited to fight this cyberwar? Did you contributed to it?

On February 24, 2022, I was awakened by the sounds of explosions and bombs in Kyiv. From the underground car parking of my building, I posted a call to arms on Facebook, seeking cyber security specialists to join a cyber army in defence of our country. Even if someone couldn’t shoot a gun, they could still fight and protect own country in cyberspace using their laptop.

Within two days, the Ministry of Digital Transformation created a Telegram group called “IT army” and invited all available IT specialists. This effort helped to create a sense of community among IT professionals, who were able to work together in an open and collaborative environment. This was especially important from a psychological perspective, as it helped IT specialists to feel actively involved in the fight and not just sitting at home in fear.

Are NATO countries threatened by Russian or pro-Russian hackers as an aftermath of their support of Ukraine?

Russian hackers have been observed launching attacks on multiple countries in the EU region, as well as the United States, targeting both governmental and private sectors. As we enter an era of digitalisation, cyber resilience has become an essential aspect for every country. The more digital a country or company is, the more competitive it can become, but this also means that it can be more vulnerable to cyberattacks. Russian hackers, who are backed by the Russian government, operate with a lack of ethics and have even recently targeted US hospitals.

In the context of the war Ukraine is suffering from, is the Cloud a solution for the continuity of public services?

Ukraine has been and continues to be subjected to a large number of hackers attacks. The problem is also that there are battles taking place on the ground, during which the occupiers seize critical infrastructure facilities and even nuclear power plants. In such a case, it is indeed better to keep everything in the Cloud and have the ability to control access in the event of a physical seizure of the facility.

However, Cloud technologies do not have a 100% guarantee of protection. Therefore, it is necessary to make a qualitative risk assessment and incorporate these risks into the company’s development strategy. That is why, in our opinion, companies’ and even the country’s cybersecurity should be taken care of by top-level management.

The rise of Cloud leaks and attacks are raising questions about their security. What is your view on this challenge and the solutions to it?

Cloud services offer a lot of added value to automate at low cost and eliminate human error whenever possible, something difficult and expensive to do with your own infrastructure, where custom development is often required. Our expectation is that future customers will choose Cloud providers according to security metrics rather than their prices or marketing campaigns.

By increasing the attack surface, is the Cloud a weak point in the Russia-Ukraine cyberwar?

A large number of attacks are related to the human factor or process within organisations. In fact, attacks on people, including those using Cloud technologies, are the biggest vulnerability of organisations. Therefore, enhancing the level of protection can only be done simultaneously with increasing the level of cybersecurity awareness among employees.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.