June attack highlighted growing menace of cyber threats, but Ukrainian agencies are fighting back

August 23, 2017

Last week, the European Union Advisory Mission began a three-month-long training programme in cyber security for staff from Ukraine’s Ministry of Internal Affairs and its subordinate agencies – the National Police, State Border Guard Service, National Guard, State Migration Service, and State Emergency Service.

Here, Mihai Burlacu (Senior Advisor on Communications and Information Systems), and Iurii Chumak (ICT Governance Officer) explain a little about the importance of cyber security, and what EUAM is doing to address the issue.

We hear the terms ‘cyber crime’ and ‘cyber security’ a lot these days. Are they the same thing?

Not quite, although they are obviously related. Cyber crime is a form of criminal activity carried out using Information Computer Technology (ICT) devices, and where ICT devices are also usually the target of the crime. Well-known types of cyber crime include ‘malware’, which is virus-infected software or spyware; and ‘phishing’, where people are deceived into handing over their personal details online via scam emails that appear to be genuine.

Cyber security is the discipline of protecting internet-connected systems and networks against a whole range of threats, including cyber crime. Cyber security supports IT infrastructure and processes so that IT data and services are protected from unauthorized access, harm or misuse. This includes harm caused intentionally or by accident by the system operator.

The expansion of the internet has meant that cyber security, too, has grown in importance, is that correct?

Absolutely. We are living in the information age, often of information overload, and all of that information needs to be managed and protected. Aspects of our daily lives that we take for granted depend on protected and secure ICT systems. ICT systems are everywhere – from Air Traffic Control systems that take us safely from one location to another, to our banking system, medical health system, energy systems, and so on. The Visa Liberalization system recently introduced in Ukraine (for short-term travel to the European Union) uses ICT to register citizens. All of these systems can be vulnerable to cyber attack and the confidential information they store can therefore be compromised. It is this vulnerability that cyber security tries to eliminate. States have a duty to protect the data of citizens, and prevent this data ending up in the wrong hands.

Mihai Burlacu (centre) and Iurii Chumak (right)

What about cyber security in Ukraine, is the country particularly vulnerable to cyber attack?

Yes, Ukraine is vulnerable. In June this year, in fact, a massive cyber attack started in Ukraine before spreading to over 60 countries worldwide. More than 12,500 systems in the country were attacked, with banks, energy companies, government ministries, telecommunications, media companies and even Borispol airport affected. Ukrainian officials indicated that they suspected Russian involvement in the attack, which is a reminder that cyber attacks can also be used as a weapon of war. The June experience showed just how destructive and far-reaching such attacks can be. In some cases the criminals that carry out these attacks often have a political agenda, but often just want to make a statement of what is possible. Unfortunately, it is extremely difficult to track down cyber criminal “hackers”.

What is the best form of defence?

Cyber security success depends on reducing one’s vulnerabilities, and that starts with improving the experience and knowledge base of an organisation’s IT professionals. To protect yourself from cyber threats you first need to be aware of what those threats are, and to increase your understanding. It is estimated that 70% of IT-systems vulnerabilities are down to internal organisational factors – for example, how to deal with confidential information – so there is much that EUAM’s civilian security sector partners can do to reduce vulnerability without having to invest huge amounts of money in IT software. It is vital to conduct risk assessments, to examine organisational development and processes, to establish rules and procedures. Sharing of information and cooperation between agencies – as well as within agencies – is also a crucial part of cyber security. This is what we might call cyber security best practices. Once an organisation understands the nature of a cyber threat, it can then allocate adequate resources to counter that threat.

For EUAM’s partners, improvements in cyber security go hand-in-hand with the wider reform process. Law-enforcement agencies are now starting to upskill and improve knowledge in cyber security. The IT Department at the Ministry of Internal Affairs, for example, is setting up a data centre and establishing an integrated information system and analytical cell. This is great progress, and we hope that continues.

Won’t the criminals always be one step ahead?

You could make that argument, but we must not be discouraged by the size of the task when it comes to cyber security. We have to organise ourselves, fight these threats and be better prepared. As you are probably aware, cyber hackers are very well educated and skilled people, and they are often recruited by the same people they are attacking, let’s say a government. But they demand high salaries that Ukrainian agencies cannot really afford. The June cyber attack certainly showed how quickly criminals are developing their skills, but with cyber security, the motto we always adopt and hold on to is: identify risks, protect, detect anomalies and events, respond and recover.

What is EUAM doing to help?

The Mission last week started with an ambitious training programme for the Ministry of Internal Affairs and its sub agencies. We are obviously delighted to be able to boost the Ministry’s cyber-security capacity. The project, which will be carried out from now until early November, aims to improve the level of knowledge of decision-makers and planners involved in ICT governance. Experts at the ICT company ISSP have developed a unique training programme on cyber security for law-enforcement agencies, and EUAM is delighted to be partnering with them. ISSP is well respected within the field, and we hope that this training will contribute towards preventing further cyber attacks of the type we saw in June.

Cyber security training session