Ваш браузер є застарілим і не підтримує сучасні веб-стандарти, а так само становить потенційну загрозу вашої безпеки.
Будь ласка, встановіть сучасний браузер

National Security and Defense Council of Ukraine

HomeNewsOrganization of the National Security and Defense Council of Ukraine14.04.2025, 16:57

Cyberattack on the Ministry of Justice and «Ukrzaliznytsia», Ukraine’s Digital Sovereignty: National Cybersecurity Coordination Center Meeting Held

NKCK 14042025 6.jpgA meeting of the National Cybersecurity Coordination Center — the key body for coordination and oversight in the field of cybersecurity — was held under the chairmanship of the Secretary of the National Security and Defense Council of Ukraine, Oleksandr Lytvynenko. 

The meeting was attended by Deputy Secretary of the NSDC of Ukraine Serhii Demediuk, NCCC Secretary Nataliia Tkachuk, and representatives of the senior leadership of the State Service of Special Communications and Information Protection of Ukraine, the Ministry of Foreign Affairs, the Security Service of Ukraine, the National Police of Ukraine, the National Bank of Ukraine, intelligence agencies, other member bodies of the NCCC, and JSC “Ukrzaliznytsia.”

NKCK 14042025 4.jpgParticipants addressed two key issues. The first concerned the results of the investigation into cyberattacks on the Unified and State Registers of the Ministry of Justice, on JSC “Ukrzaliznytsia,” and control measures for the cybersecurity status of critical state systems. The second issue dealt with Ukraine’s digital sovereignty and reducing threats related to the country’s dependence on technologies, solutions, and services from foreign providers in the fields of cybersecurity and IT, as well as on international technical assistance for their maintenance.

NKCK 14042025 1.jpgOpening the meeting, NSDC Secretary Oleksandr Lytvynenko emphasized the importance of uniting efforts to build national security capacity in the field of cyber defense. He stressed that the cyber war is ongoing and will continue even after the end of direct military operations. Therefore, Ukraine must intensify efforts to strengthen cyber resilience and defense, and develop the cybersecurity governance system.

Deputy NSDC Secretary Serhii Demediuk focused in detail on the first issue. He emphasized that the cyberattacks on the Ministry of Justice’s registers and “Ukrzaliznytsia” demonstrated the crucial role of cybersecurity in the context of national security, defense capabilities, and the functioning of the state. Demediuk also drew attention to the need for proper cyber protection of systems, awareness of potential attack vectors, and the appropriate response from each critical infrastructure entity.

NKCK 14042025 2.jpg«We are in control of the situation, we have information about what happened and we are ready to act — most importantly, to counter real cyber threats. We also understand what resources and capabilities will be needed in the future to repel cyberattacks»,-  Demediuk noted.

NKCK 14042025 9.jpgDuring the meeting, NCCC members heard from Yurii Bezginskyi, Deputy Director of the Corporate Security Department at JSC “Ukrzaliznytsia,” about the state of cyber protection and the restoration of Ukrzaliznytsia’s systems after the cyberattack. They discussed priority actions necessary to prevent and minimize the negative consequences of future destructive cyberattacks on Ukraine’s critical systems.

Participants emphasized the need for leaders of critical infrastructure facilities, both state-owned and private, to recognize the vital role of cyber protection for their systems and to ensure sufficient human and resource capacity for this purpose.

NKCK 14042025 7.jpgChairman of the State Service of Special Communications and Information Protection of Ukraine, Oleksandr Potii, stressed that the adversary had prepared for the cyberattack in advance and that the breach of registers occurred through the spread of malicious software. Given this, he stated, it is necessary to invest more resources into building cyber incident response processes, expanding security monitoring measures, and investing in both cybersecurity technologies and human resources. These actions will help reduce the risks of future cyberattacks.

As a result of the discussion on the first issue, a number of strategic decisions were adopted to strengthen Ukraine’s cyber resilience. These include the creation and maintenance of a unified infrastructure for data processing, transmission, and storage for state needs; the introduction of requirements for operators (state, municipal, and private) providing data storage services and an auditing mechanism; and the mandatory (but not exclusive) storage of backup copies of state electronic information resources and databases within the territory and jurisdiction of Ukraine (in particular, in national cloud services), as well as ensuring appropriate backup of critical data at the national level.

NKCK 14042025 8.jpgDiscussing the topic of Ukraine's digital sovereignty, the participants of the meeting heard a report from the Secretary of the National Cybersecurity Coordination Center, Nataliya Tkachuk, on the current state of the use of foreign-made technologies, solutions and IT services in the state sector for cybersecurity, as well as priority steps to minimize the risks of such dependence. The report also covered the state funding for cybersecurity in 2024, including the spending of government agencies on cybersecurity in terms of the procurement of goods, services, and wages. She also addressed the topic of budgetary funding for 2025.

«Ukraine must finally develop its own cybersecurity ecosystem, creating national products and supporting Ukrainian IT companies, and we have the necessary potential for this. These priorities should be considered during the implementation of international technical assistance projects, ensuring we don't repeat past mistakes when building the country's infrastructure and cybersecurity that were critically dependent on foreign products and funding. The state must ensure digital sovereignty», - emphasized Nataliіa Tkachuk.

NKCK 14042025 5.jpgThe participants supported the inclusion of the issue of Ukraine's digital sovereignty in the updated Cybersecurity Strategy, the preparation of which is entrusted to the National Cybersecurity Coordination Center. They also supported state assistance in the development of Ukraine's IT business, national IT products and services, national cryptography, as well as scientific research and development in this field. Furthermore, they emphasized increasing funding for the cybersecurity sector and the development of cybersecurity in regions that currently need such support the most.

NKCK 14042025 3.jpgIt was also decided that during the formation and coordination of cybersecurity and digitalization projects funded by foreign countries, organizations, and donor structures, efforts should be made to involve Ukrainian companies and service providers in their implementation.