On a Wednesday afternoon in late September, the head of the cyber division of Ukraine's intelligence service, Illia Vitiuk, sat down to discuss something that Ukraine had previously kept close to the vest - specifically how much a joint hunt forward operation with the U.S. military helped hobble Russian cyberattacks at the outset of the war. It began in December of 2021 and involved, among other things, flying some 40 operators from Cybercom into Ukraine to team up with local specialists, many of whom worked for Vitiuk at the Security Service of Ukraine, or SBU. The SBU is the country's primary intelligence, law enforcement, and security agency. While protecting Ukraine from cyberattacks tops his list of responsibilities, he's also quick to say that part of his job is investigating war crimes. Looking back on it, George Dubynski saw indications that Russia was planning to invade Ukraine months before it happened. He's a deputy minister in Ukraine's Ministry of Digital Transformation. It is one of nine agencies in charge of cybersecurity in Ukraine. He wanted to persuade the U.S. to send cyber protection teams to Ukraine before the ground fighting started. In some sense, Ukraine had been girding for Moscow's cyberwarfare for a decade. Long before the invasion, Kremlin-backed hackers had taken aim at Ukraine's electrical grid, they had been blanketing its people with online misinformation, and they had been probing Ukrainian networks for years. Partly because of this long-running campaign, Ukraine set out to build one of Europe's most sophisticated networks. The one thing Ukraine hadn't done, he said, was create a dedicated cyber force. There was no time for that in this case: Dubynski and Cybercom agreed on the scope of the Ukraine hunt forward mission in just 30 days. With more than a month to go before the invasion, Ukraine found itself on the receiving end of dozens of these kinds of attacks. Ukraine found Russian hackers were trying to crack into a company that supplied telemetry equipment to water and gas utilities. Vitiuk said had the Russians been successful, "Literally they could have stopped the flow of water and the flow of gas," creating a "Catastrophe" in Ukraine's civil infrastructure. Most observers of the conflict in Ukraine will tell you three things likely contributed to the absence of any single spectacular cyberattack in the early days of the fight. Prewar estimates suggested that Ukraine would be able to hold onto Kyiv for just a few days. "Many of them just all left Russia," he said, "Or are trying to distance themselves from what the Russian government is doing," which has allowed Ukraine to leverage another, slightly intangible, advantage: creativity. Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia.
This Cyber News was published on therecord.media. Publication date: Thu, 30 Nov 2023 23:19:27 +0000