NATO Takes Steps to Bolster Ukrainian Cyber Security
Ukraine is an area of great geopolitical significance — a sort of buffer zone between NATO and Russia — that both sides seek to influence. Crimea aside, neither side wishes to be too overt with military intervention, and the result is tailor-made for modern cyber warfare.
What remains of Ukraine is politically west-leaning and NATO-cooperative. This places Russia in the position of protagonist; and while it should be said that there is little direct proof of Russia-led cyber warfare, there is equally little doubt in the minds of many security researchers.
Two examples will immediately come to mind: the power disruptions over the Christmas period of 2015, and the more recent NotPetya ransomware outbreak. The latter started in the Ukraine before spreading worldwide. It appears to have emanated from Ukrainian accounting software called MEDoc, but is now thought by some to be a wiper cyberweapon disguised as ransomware “apparently launched by the same threat group that initiated numerous other attacks against the country’s power grid, mining and railway systems, and Ukrainian government organizations.”
NATO’s official policy towards Ukraine is to bolster its independence.
“A sovereign, independent and stable Ukraine, firmly committed to democracy and the rule of law, is key to Euro-Atlantic security,” it says. “Since 2014, in the wake of the Russia-Ukraine conflict, cooperation has been intensified in critical areas.”
Cyber security is one of those critical areas. In December 2014, NATO established a Trust Fund designed “to provide Ukraine with the necessary support to develop its strictly defensive, CSIRT-type technical capabilities, including laboratories to investigate cyber security incidents.”
By June 2016, eight nations had contributed a total of €965,000, plus in-kind contributions from Estonia and the USA. This week, the project appears to have moved to the next step at a joint briefing with NATO secretary general, Jens Stoltenberg, and Ukrainian president Petro Poroshenko in Kiev on Monday.
Ukrinform, the national news agency of Ukraine, reported Monday, “He [Stoltenberg] said that one of the areas where the alliance was paying more attention in its cooperation with Ukraine was the sector of cyber security. NATO is currently in the process of providing Ukraine with new equipment for some key government institutions and authorities, which will enable Ukraine to investigate who is behind certain cyber-attacks, because the response to them is extremely important, Stoltenberg said. And it should also help Ukraine protect its key government institutions from cyber-attacks, he added.”
NotPetya is exactly the sort of cyber-attack that such defenses will need to prevent.
Related: NATO Publishes Tallinn Manual 2.0 on International Law Applicable to Cyber Ops