Main international and Ukrainian news in the field of cyber security in February 2023
The countries of the world continue to modify their approaches to security, based on the experience of the russian-Ukrainian war. The EU has stepped up efforts to launch its own satellite group for the security of its government communications, is working intensively on the Cyber Resilience Act in terms of requirements for critical equipment at OCI, and is taking measures to improve cybersecurity standards.
Ukraine continues to reveal the facts of targeted cyber attacks on the public sector. According to the State Service for Special Communications and Information Protection of Ukraine, 2.8 times more cyber incidents were registered in 2022 than in 2021. And the number of information security events in the categories "Malicious software code" and "Collection of information by an attacker" increased by 18.3 and 2.2 times, respectively.
The main subjects of cyber security in Ukraine continue to develop interdepartmental and international cooperation in order to be ready for a new wave of confrontation in cyberspace with the russian federation. For this purpose, in 2023, it is planned to hold a number of command and staff exercises on cyber security, in particular at least two sectoral ones, as well as on issues of strategic communications.
In the international dimension, Ukraine is strengthening its cooperation with NATO, in particular, the participation of a Ukrainian representative in the work of the CCDCOE is normalized, as well as the development of public-private partnerships at the international level (for example, by involving the cyber community from the private sector in France).
Another area on which the cyber security authorities of Ukraine have focused is the training of specialists in OSINT techniques. With the support of international partners, a number of trainings were held for representatives of the public sector. One of them included more than two thousand participants from all regions of Ukraine, and two more were specialized for specialists of the Defense Forces of Ukraine. Also, to increase the level of personnel potential in the field of cyber security, the UA30CTF competition was held for students (156 participants).
International cooperation in the issue of common policies of digital development and cyber security is being intensified. The directions of this cooperation are increasingly related to closer relations between Western countries and the Asia-Pacific region: new cooperation agreements between the EU and Singapore, activation of the activities of the Quad alliance, increased cooperation within the framework of the #StopRansomware project.
An important topic in February was the discussion of the possibilities of using artificial intelligence for malicious purposes. According to experts, such systems as ChatGPT are already potentially used by states in cyber activities. Also, more attention is paid to IoT/IIoT cyber security. These systems are increasingly used in industry and everyday life and require greater security.
The world is taking stock of the first year of cyber warfare. Evaluating Ukraine and the measures taken by it, experts note that Ukraine managed to avoid the most serious consequences and prevent large-scale cyber attacks. Thanks to the fact that Ukrainian cyber specialists have proven to be more effective than russian ones, Ukraine is able to effectively monitor new threats. The fact that most important Ukrainian resources have been moved to the "cloud" also played an important role. It is emphasized that the Ukrainian telecom sector has shown its resilience in the face of physical and cyber threats.
Characterizing the cyber rivalry itself, they draw attention to the fact that despite the considerable efforts of russian hackers to gain an advantage in cyberspace, the results of their actions are ambiguous. Although russia actively combines cyber and information components in conducting its informational and psychological operations, these efforts are also ineffective.
As for the long-term consequences and prospects, noticeable changes in the Eastern European cybercrime ecosystem are already evident, and the activity of russian-speaking hacking communities has partially decreased. There is also a "brain drain" among russian cyber specialists. The most important conclusion in this area is that russian hacking groups used this time to learn and perhaps better think about dangerous attacks. Therefore, the danger of more serious cyber attacks in 2023 remains and even increases.