Ukraine—grounds for real cyber war
Area 603,628 km2
Population 36,744,636
National Cyber Security Index 75.32 (2023)
Digital Development Level 55.96 (2023)
Ukraine has long been the target of cyber warfare. As early as 2014, Russia used disinformation campaigns and cyberattacks to create chaos in the country. Before the 2014 presidential election, Russian hackers even breached the network of the Central Election Commission and deleted files in an attempt to change the election results. The attack failed, as the malware was removed 40 minutes before the election. However, cyber warfare continued. The list of attacks is long, from those on the Ukrainian power grid during the bitter cold in 2022 to those on Ukrainian government websites in January 2022.
Due to this perilous situation, the Ukrainian government has paid significant attention to increasing cybersecurity. eGA’s cybersecurity program director Merle Maigre, who worked in Ukraine as the deputy head of NATO’s mission to Ukraine in 2005–2007, recognises that the Ukrainian leadership did not need to be convinced to beef up their cyber defenses.
“A country is well prepared if there is a clear political understanding of an enemy and the will to fight it,” Ms. Maigre says. “Ukraine clearly has both.”
Recently, Ms. Maigre participated in several projects aiming to increase cybersecurity in Ukraine. In 2019, she led cyber drills to defend against Russian attacks and was surprised by the talent Ukrainians showed in finding malware. In 2022, literally under flying bullets, her colleagues installed the cybersecurity training field in Kyiv, during Russia’s fiercest assaults in the area. The technicians were forced to work with headlamps because the whole city was blacked out.
“I remember that initially, we were a little hesitant, perhaps even timid, because we didn’t know how to talk to someone who has a war going on,” she recalls. “But we soon realised that there are enough people in Ukraine to fight and keep the back end safe.”
Currently, the cyber war in Ukraine is waged in parallel to the “hot” war. There have been more than 4500 cyberattacks on Ukrainian networks and systems. However, Ukrainian readiness is at an extremely high level.
“We had the personnel and the strategies in place even before the war,” Ms. Valeriia Ionan, deputy minister of European Integration, reports. “Now, in addition to the political leadership, volunteers are taking part, so we feel secure.” Ms. Ionan is referring to the IT Army of Ukraine, a volunteer organization founded in early 2022 that assists in both attack and defense.
As Ukrainians rely extensively on their Diia (government services portal and mobile application) ecosystem, its functioning is of national importance. The system is safe by design: personal data is not stored in one place, and the system accesses it only from other registries when needed via the secure data-exchange platform Trembita. The Trembita works similarly to the Estonian X-Road, as both platforms have the same root. Moreover, the Trembita was developed by Estonian IT company Cybernetica and implemented by the e-Governance Academy team.
“We have a permanent open call for ethical hackers, but no one has had real luck at bringing the system down,” Ms. Ionan reports.
Similar to their combat in the real world, Ukrainians’ resilience and capacity to fight in cyberspace is impressive. The cybersecurity projects that, for a while, focused on achieving short-term goals are now focusing on longer-term achievements again. The Ukrainians are simply convinced that they will win. And it is always doable if you have donors and trusted partners nearby.
Lessons learned:
- Start with a clear political understanding of your goals and cyber battlefields.
- Conduct cyber drills for your cyber experts—they need it.
- Cooperation between the public and private sectors helps to keep cyberspace safe.