Increasing cyberattacks against strategic objects in Ukraine are part of Russia’s hybrid war against that country, its security services warn; and Kyiv is having to play catch up because as of now it lacks much of the legal framework and technology for defending against them.
On the Apostrophe.com.ua portal yesterday, Ukrainian journalist Artem Dekhtyarenko says that Moscow is exploiting these shortcomings in order to create chaos and destroy the confidence of Ukrainians in their institutions, thus weakening them and the country as a whole.
One of the reasons Moscow has been able to do this is that its actions are hidden within the broader growth of cybercrime in Ukraine. According to Sergey Demedyuk, who heads the interior ministry’s cybercrime unit, there were 4,800 cybercrimes in Ukraine in 2014; 6,026 in 2015; and the number continues to rise.
Most of these involve fraud or identity theft, but far from all, and “the most dangerous examples of cybercrime” are those directed not against individuals but against Ukrainian businesses and institutions, according to Nikolay Kuleshov, deputy head of the information security department of the SBU (Ukraine’s Security Service).
Separating out official Russian crimes from the mass of cybercrimes is no easy matter, he says, because “Russian special services often use the territories of third countries and do everything they can to mask their involvement” in this sector.
Experts suggest that the Russian security services were behind the recent cyberattack against the Prikarpatyevoblenergo power company which left “hundreds of thousands of Ukrainians without light for almost six hours and also shut down Ukrainian state enterprises including the Borispol airport. (On that, see this article.)
There are traces of Russian involvement in a number of other cases, experts say, and Gennady Gudak, deputy director for information security at the Iqusion Corporation, says that they can involve attacks on “all spheres which today are linked to the Internet and which realize their functions through computer networks.”
Kuleshov adds that “attacks on strategic objects of Ukrainian infrastructure can be directed not only at shutting it down but also to destabilize the situation and to sow chaos and panic among people” who may as a result then engage in protests against Kyiv. The Russians often exploit the fact that Ukrainian institutions often use electronics of Russian origin.
Last week, President Petro Poroshenko signed a decree approving a January 2016 Security Council decision about dealing with cybersecurity and defining key terms like “cyber-terrorism.” And now the interior ministry and SBU are working on new legislation in that area.
But officials acknowledge they have a long way to go: Demedyuk notes that “bringing cybercriminals to justice in Ukraine is complicated by the fact that we do not have a corresponding legal framework.” Indeed, at present, “Ukraine is a more liberal country regarding cybercrime” and cybercriminals often use it as their base.
Moreover, as Gudak points out, Kyiv has been anything but quick in moving on this issue. The first draft documents about cybercrime were worked out four years ago as part of a Ukraine-NATO meeting in Yalta. But only now is Kyiv taking them up formally. If things don’t speed up, Ukraine will face ever greater problems in this area.