Highlights of international and Ukrainian cybersecurity news in August 2024

In August, the United States focused on the election process due to attempts to hack into the information systems of both presidential teams, with the Trump team blaming Iranian hackers. Microsoft, Google, and Meta also reported an increase in Iranian election-related cyber activity. On 19 August, the Office of the Director of National Intelligence (ODNI), the FBI, and CISA issued a joint statement on the intensification of Iranian attempts to interfere in the US elections. Iran denied any involvement, but the US State Department announced a $10 million reward for information on six Iranian hackers suspected of cyberattacks on water supply systems in late 2023.

European countries are stepping up cybersecurity, focusing mainly on deepening interstate cooperation and introducing incentives at the European level. Switzerland is planning to join two security projects under the EU's Permanent Structured Cooperation (PESCO) programme, one of which is directly related to strengthening cybersecurity - the Federation of Cyber Range States project. At the same time, ENISA has launched a new programme to support EU Member States by enabling European cybersecurity service providers to provide relevant services to EU countries and their critical infrastructure in accordance with the provisions of the NIS2 Directive.

Post-quantum encryption has once again become an important topic in government and expert discussions after NIST published standards for three basic quantum computing-resistant algorithms. The UK has already incorporated these standards into its strategic documents. A RAND study is also exploring the potential of quantum computing and artificial intelligence to strengthen the capabilities of the US Department of Homeland Security. Artificial intelligence is moving to real implementation: CISA appointed a chief AI officer, and the NSA launches an AI-based automated penetration testing platform.

Ukraine continues to strengthen international partnerships in cybersecurity. In August 2024, several important events took place: the sixth round of the US-Ukraine Cyber Dialogue (discussing the current landscape of cyber threats, critical infrastructure protection, cyber sanctions and cyber diplomacy), a meeting of the NCCC representatives with the Embassy of Japan and JICA (considering the possibility of training Japanese colleagues by Ukrainian specialists), and the signing of a Memorandum of Cooperation in the field of cybersecurity and cyber defence between the State Special Communications Service and the Ministry of Defence of Latvia.

Ukraine, with the support of international partners, is actively developing a system of cybersecurity training, focusing on practical measures. At the initiative of the NCCC, the first national cyber range Cyber Range UA was presented at the National Aviation University. The Cyber Security Laboratory of Automated Control Systems was also opened at the Igor Sikorsky Kyiv Polytechnic Institute. In August, the INCIDENT RESPONSE DAYS 3.0 cyber competition was held, involving 100 students and public sector cybersecurity professionals.

The global cyber confrontation is gaining momentum, attracting new participants. the russian-Ukrainian cyber war remains the central element of this confrontation, but the goals of politically motivated hackers are expanding. International researchers note that russia is shifting the focus of cyberattacks from Ukrainian organisations to personal mobile devices of military and security sector personnel.

Read more about legislative changes, initiatives of national actors, trends, forecasts and analytical assessments, international and Ukrainian news in the field of cybersecurity in Ukraine: Digest for August 2024.