The joint statement following the 23rd Ukraine-EU Summit recognizes the importance of further strengthening cooperation in countering hybrid threats and tackling disinformation.
According to the text of the statement published on the website of the President’s Office of Ukraine, the EU will continue to support Ukraine’s resilience, including through the strengthening of independent media and the regulatory environment, as well as sharing best practices on media freedom and literacy, strategic communications and supporting Ukrainian initiatives to tackle disinformation.
“We underlined the important role played by civil society, youth and independent media in all areas of public and political life, also in the context of disinformation campaigns against the EU and Ukraine, including notably by Russia,” the officials said in the joint statement.
The holding of the first cyber dialogue between Ukraine and the EU on June 3, 2021 is also encouraged, and the next round is expected in the second quarter of 2022.
“We emphasized the importance of deepening inter-institutional cooperation on cybersecurity,” according to the statement.
The system of cyber protection of state information resources of Ukraine and critical infrastructure facilities at monitoring sites recorded 376,100 suspicious events from August 18 to 24 August 2021, which is 28% less than in the previous week.
According to the State Service for Special Communication and Information Protection on Thursday, the overwhelming majority of recorded suspicious events concern violations of corporate security policy (32%), detection of network malware (22%), and attempts to obtain administrator rights (20%).
The system of state bodies’ protected access to the Internet blocked 43,100 different types of attacks, which is 18% less than in the previous week. Of these, 99% are application-level network attacks; two DDoS attacks were also recorded and blocked.
During this period, the Government Computer Emergency Response Team of Ukraine (CERT-UA) registered and processed 2,150 cyber incidents.
The vast majority of processed incidents belong to the UACOM domain zone (about 99%). The majority of incidents are related to the distribution of malware (96% of the total) and phishing (3%).
President of Ukraine Volodymyr Zelensky announced that soon a university, which prepares the specialists in combating and countering cyber threats, will be opened in the country.
“We will open a new powerful university, the presentation is almost ready. A university that will have such professions related to the cybersecurity of the country, of the people. Cybersecurity is one of the main faculties of this university […] We will select the best children, we will give very high scholarships […] modern laboratories, cyber centers, biochemical centers will be built there […]”, Zelensky told reporters after speaking at the Ukraine 30 All-Ukrainian Forum.
The President also said that the university will also have a powerful selection of teachers, primarily Ukrainians, but foreign specialists will also be attracted, who will be paid high salarie.
The Ministry of Energy of Ukraine plans to establish Industry Centre for Cybersecurity for critical infrastructure facilities in the Ukrainian energy sector.
As the Ministry’s press office reports, negotiations with partners on obtaining technical assistance are currently underway.
“International companies leading in the field of cybersecurity and digital transformation, such as, Microsoft, Cisco, HPE, Dell, McAfee, Huawei, Fortinet, Trend Micro, Micro Focus, Palo Alto Networks, have expressed interest in joining work together,” the ministry said.
In the near future, together with the International Cybersecurity University (ICU), it is planned to hold a meeting of the working group on the development of cyber defense of critical energy infrastructure facilities under the Ministry of Energy.
“The purpose of the meeting is to draw attention to cybersecurity issues in the energy sector, to establish closer cooperation with global companies and international partners, to develop a plan for the further development of the sectoral cybersecurity system,” the Ministry of Energy reported.
Ernst & Young is waiting for a spike in proposals to insure cybersecurity risks in Ukraine in 2019, according to a study by Ernst & Young Global Limited posted by the Ukrainian representative office of the company.
“The high level of damage to business from cybercrime around the world encourages companies to look for ways to manage these risks from the outside. One of the available options is to insure cyber risks, so similar offers from insurance companies are the expected trend of 2019 in Ukraine,” Senior Manager of information technology and IT risk management department of EY in Ukraine Dmytro Lazuchenkov said.
According to EY Global Information Security Survey 2018–2019, Ukrainian businesses are still characterized by the active migration of large Enterprise IT solutions to cloud services and the performance of business-critical operations in public “clouds.”
In a highly competitive environment, cloud solution providers are trying to reduce costs by reducing investment in technical tools and staff skills that are necessary to ensure the security of a cloud solution. This leads to the fact that cloud environments are becoming more susceptible to attacks by cybercriminals,” the company said in a press release.
EY said that the state-run institutions of Ukraine also should not forget about countering cyber threats.
According to EY Global Information Security Survey 2018-2019, vulnerabilities with the most increased risk exposure over the past 12 months were careless/unaware employees (34%), Outdated security controls (26%), unauthorized access (13%), and related to cloud-computing use (10%).
Most organizations (82%) are not sure if they successfully identify cybersecurity incidents. Among organizations suffered from incidents over the past 12 months, less than one third (31%) say that the incident was revealed by the cybersecurity service of the company.
EY said that 60% of organizations say that the person directly responsible for information security is not a board member. Only 18% of organizations say that information security fully influences business strategy plans on a regular basis.
Ukrenergo has worked out a concept for the development of cybersecurity for 2019-2023, based on the analysis of the current state of information security in the company, its own developments and the experience of world leaders in the field of cyber defense and information technologies, primarily Israel.
According to a press release, in four years Ukrenergo intends to implement 30 projects in order to enhance the security of information infrastructure and minimize the negative impact of cybersecurity incidents on the company’s work.
In particular, the matter concerns the creation of a secure transport network of the enterprise for secure interaction with the outside world, the organization of secure basic infrastructure and data processing centers, as well as setting up an operational security center and organizing professional training for personnel.
The draft concept was reviewed and received positive feedback from the Security Service of Ukraine and the State Service of Special Communication and Information Protection.
As reported, in June 2017 the computer networks of the Cabinet of Ministers, dozens of state and private large banks and companies in Ukraine became the victims of a massive virus attack, which in some cases led to the cessation of their operations.