Estonia and EU help Ukraine to cope with cybersecurity threats
A technical cybersecurity exercise for representatives of Ukrainian state bodies responsible for cybersecurity was held by Estonian CybExer Technologies and e-Governance Academy in Kyiv on 17 – 19 May. Over 30 officials from the State Service of Special Communications and Information Protection of Ukraine, the Security Service of Ukraine and the Cyber Police of Ukraine participated in a training on countering cyberattacks.
According to Merle Maigre, the organiser of the exercise the exercise aimed to improve the resilience and expertise of the Ukrainian cyber security authorities to prevent and deflect attacks.
“Our everyday lives are very dependent on how secure is our cyberspace. Being well prepared for an cyberattack is the best option for safeguarding the countries critical infrastructure and services. The exercise is an excellent opportunity for security teams to cooperate with each other and to test their procedures and skills of detection and response to cyberattacks,” said the organiser Merle Maigre from the Estonian e-Governance Academy.
„This task-driven threat hunting exercise trained comprehensive cyber capacity skills at technical level, as well as raised awareness at the managerial level on the effects that cyber incidents can cause,“ said Maigre.
Viktor Zhora, Deputy Head of the State Service for Special Communications and Information Protection of Ukraine, in charge of digital development, digital transformations and digitisation, stressed: “One of the tasks of the UA30 cyber defenсe reform is to raise the professional level of cybersecurity specialists. Today we made an important step in this direction – for the first time, our specialists took part in cyber competitions. This became possible thanks to the updated UA30 Cybercentre which houses a unique training centre for Ukraine. There are only 20 such centres worldwide, and 6 of them are located in the USA.”
The exercise was carried out under the lead of the Estonian e-Governance Academy in a simulation environment of CybExer Technologies OÜ, a NATO-awarded Estonian cybersecurity company. “Blue Teams” of defenders, made up of key Ukrainian cyber security institutions, were engaged in threat hunting and other specific pre-defined tasks revealed to the participants only during the exercise. The “Blue Teams” learned how attackers work as mock attacks were launched on predefined IT infrastructure by the “Red Team” of exercise organisers. Ukrainian IT experts learned what indicators of compromise attackers leave behind and how they move between the network systems.
The cyber security capacity exercise is provided under the International Technical Assistance Project “Interoperability, e-services and cybersecurity (EU4DigitalUA)” funded by the European Union. The EU4DigitalUA project aims to support Ukrainian digital transformation and harmonization with the EU Digital Single Market, and it lasts from November 2020 to March 2024.