One of the countries that is most often accused of waging international cyber warfare, is Russia.
And one of it’s favourite targets, is it’s neighbour, Ukraine.
– Our internal cooperation in the Ukraine needs to become more efficient, says Ukrainan cyber security expert Dr Oleksandr Tsaruk.
Oleksandr is a member of Nordic IT Security’s advisory board, he is also chief advisor to the Committee on ICT, Ukrainian Parliament.
– The Ukraine has very limited funds for changing the IT security infrastructure. We have to cooperate with NATO, the US and the European Union, he explains.
But Oleksandr does not want to over-emphasise the possibility, of large scale cooperation with the US, that a country like Israel for example has.
– The United States do not provide the Ukraine, with a lot of equipment at the moment. We should have as much bilateral cooperation as possible, with the European Union and NATO countries. But if we could receive a lot of technology and expertise from the United States in the future, it could be very helpful.
One thing that the Ukraine is doing at the moment, is working with the information, that it’s population has access to.
– We can not stop fake news online. But we can explain to people, that “this is not true”. And in the Ukraine, we currently have interesting initiatives. Like the “Stop fake news” initiative.
– There needs to be government, public and private cooperation. It is happening now. But not so efficiently.
Oleksandr attended the Ukrainian “Global Cybersecurity Summit 2017”, held in June. We asked him to provide a report, for Nordic IT Security’s readers. And here it is:
“Recently, WIRED published an excellent article on longread, about the Ukraine as a testing lab, for cyber warfare. Giving light, on former and future threats, on almost every aspect of Ukraine’s public and private sectors.
This and other articles, describe the Ukraine, as a cyber playground for the Kremlin digital tools. Which – after testing – will later threaten, deter, or even attack the United States.
Definitely, some lessons have been learned already. For in the US, in one of the first public statements on priorities as president, Donald Trump promised to develop a “comprehensive plan to protect America’s vital infrastructure, from cyber attacks.”
Just a few day before, Kiev, the capital of Ukraine – had hosted a first worldwide event on cyber policy, the “Global Cybersecurity Summit 2017”.
It was mostly focused on discussing cyber threats and policies, but was also followed by an IT exhibition.
The Global Cybersecurity Summit was organised by Globee US-UA, which is a non-governmental organisation. The summit attracted top speakers from western vendors such as Cloudflare, VISA, Oracle, IronNet, LastWall, HP, EY and Symantec.
But also former leadership from the US State Department, and some of Washington DC:s think tank consultants.
The organisers tried to sell the idea, that the Ukraine had recently been at the number one focal point, of cyber issues. The exclusivity of the event attracted an interest of the public, media, experts and high-level corporate executives. With in total, about a 700 strong participation.
For them, it was a chance to establish a business partnership, and get expert advice. It was also a good opportunity to advertise IT solutions of vendors, at the famous venue Parkovy event centre, in the basement of which is located a super modern “Tier III” data center.
This is the biggest data processing facility in the Ukraine, but at the same time, it is using only one tenth of its capacity. And rumours say, that it is for sale, as the principal investor’s closeness to the former president Yanukovych, has weakened it’s reputation…
A lot of experts underlined speeches of such policy movers like of Mr Antony Blinken, the former US Deputy Secretary of State, and the former US Deputy Security Advisor. Mr Matt Chessen, a former EAP Coordinator for International Cyber Policy, at the State Department. And also Mr Dmitry Shimkiv, the acting Deputy Chief of the President’s Administration in the Ukraine.
The former Deputy National Security Advisor, and the Deputy Secretary of State Antony “Tony” Blinken, argued that the threat posed by cyberattacks to “human infrastructure” (meaning what we think and believe) is as important, as the threat to critical physical infrastructure.
He suggested that the best defence against the threat to “human infrastructure”, is educated end users, with a strong critical thinking ability. He also recommended the following solutions, to current cyber threats: Demanding a collective response from academia, private sector and NGOs, PPP in defences, developing common cyber security standards, and imposing costs on entities that carry out cyber attacks.
Blinken stressed, that by setting spheres of influence, some countries are limiting the sovereignty of others. Moreover, these fences are being built in human minds.
Mr Shimkiv suggested that the Ukraine should go in a similar way as Israel, in developing bilateral cooperation with the US, in cyberspace issues. He also argued on the importance of education, because if there is no brain that connects, after the soft- and hardware, there is no way to be protected.
Probably the most sophisticated contribution from the speakers, came from Mr. Chessen. As speaker and panellist, he gave light on such phenomena as “Cognitive security”, “Weaponized narrative” and “Hybrid warfare”.
Probably, Cognitive security is a “terra incognita”, for many cyber experts. And a new field, that focuses on evolving frontiers. This suggests that, in the future – researchers, governments, social platforms, and private actors will be engaged in a continual arms race, to influence (and protect from influence) a large groups of users online.
The weaponized narrative phenomenon, is an attack that seeks to undermine an opponent’s civilization, identity, and will. By generating confusion, complexity, and political and social schisms, it confounds response on the part of the defender.
But: What are really the lessons learned?
Both former US department leaders, provided insights to some aspects of “How Russia hacks our democracy”. Russia is engaging in hybrid warfare with ‘the West’, broadly defined as the liberal democracies that make up NATO and its allies.
The Kremlin weaponizes money, culture and information – in an effort to shatter enemy communications, demoralize it’s enemies – and to disrupt enemy command structures.