Ukraine calls on its partners to create new international cyber deterrence tools: What was discussed at the first annual international forum on cyber security in Kyiv?

Only new international cyber deterrence solutions will strengthen threat resistance: Results from the Kyiv International Cyber Resilience Forum 2024.

For two days, February 7-8, representatives of the state, technology companies, leading industry experts, and members of the cyber community gathered to discuss resilience during cyber warfare at the Kyiv International Forum on Cyber Security. The forum’s goal is to rethink and utilize Ukrainian experience in cyber warfare and its use to foster the development of strategies for the countries of the democratic world to increase their cyber resistance using modern technologies, tools of diplomacy, international law, and active cyber defense.

Ukrainian experience

Just last month, hackers attacked several Ukrainian services and companies, among them: Ukrzaliznytsia, Parkovy, Naftogaz, Ukrposhta, Shlyakh, Monobank, and the Ministry of Agrarian Policy’s website. On the first day of the forum, the enemy attacked the Ministry of Education’s website.

As Minister of Digital Transformation Mykhailo Fedorov reported, Ukraine has managed to repel more than 5,000 Russian cyberattacks since the beginning of the war. Moreover, the Russian Federation’s invasion began from cyberspace. The first attacks occurred after 2014, and the largest was in January 2022. Ukraine has withstood these blows because “we managed to establish a powerful interaction between all institutions and cyber security practices,” Fedorov added.

At the same time, government officials emphasized that the enemy continues to develop in this direction and is increasing its attacks on both the public and private sectors. Therefore, Ukraine must strive to reach a new level of data protection. It will also require updating legislation in accordance with the requirements of European and NATO countries and training specialists in higher education institutions. According to Fedorov, it is also important to involve the private sector in work on the state’s cyber defense because the private sector constantly generates innovations and implements the most advanced technological tools.

Deputy Minister of Defense Kateryna Chernogorenko emphasized that the war is currently ongoing not only in physical space but also in cyberspace. Therefore, the Ministry of Defense is doing everything possible to ensure that military systems are more flexible and meet modern requirements for an adequate level of protection.

How to fight a cyber enemy?

According to Oleksiy Danilov, Secretary of the National Security and Defense Council, one of the ways to fight a cyber war is to create a cyber diplomat position in Ukraine. “A large number of countries have cyber diplomats. I think that such a position will soon appear in our country because we are working hard in this important direction,” said Danilov. Note that digital diplomacy in Ukraine is mentioned for the first time as a component of the public diplomacy strategy that was adopted in 2021 by the Ministry of Foreign Affairs. It is not only about communication but also about the spread of digital solutions at the international level, such as Action. In July 2023, the government also decided to create an action plan in the field of cyber diplomacy, to be undertaken by the Ministry of Foreign Affairs.

Serhiy Demediuk, Deputy Secretary of the National Security Council, believes it is necessary to fundamentally change the world’s cyber protection policy. “We must create joint response groups, not local ones. After all, we know that China and Russia are working on an attack that will lead to the shutdown of the Internet all over the world. And they are testing it in their country. Therefore, it is necessary to build a joint cyber security strategy that will be reviewed every quarter because the toolkit is constantly changing,” he noted. The official emphasized that it is necessary to recognize that a cyber conflict is also a conflict between states. Therefore, developing a new international order of confrontation and cyber resistance is necessary. “We must develop a tool of cyber deterrence because it is precisely what will enable us to prevent China, the Russian Federation, and their “partners” to act arbitrarily. We will be able to stop the enemy if we defend ourselves inside our country and outside its borders. Therefore, we need to review the norms regarding cyber security and the possibilities of its protection,” Demediuk urged.

He was supported by the Deputy Minister of Digital Transformation of Ukraine, George Dubinskyi, noting that cyber security is an integral part of the Ukrainian government’s digital policy, so work with partners continues on its adaptation to European and international norms. In addition, Dubinsky reminded observers that the government launched the Digital Solidarity initiative outside the borders of Ukraine because this is what cyber diplomacy is all about. “We are resilient when we are together and involve our partners and allies. We must stop Russia from getting access not only to advanced technologies, software, etc. but also to “iron” – to hardware. After all, they are already using artificial intelligence against us. This is a new cyber challenge, there are no borders here, let’s not forget that,” the official emphasized.

Conference participants also repeatedly emphasized the importance of the Tallinn Mechanism. It was officially supported and formalized on December 20, 2023, by Ukraine, Canada, Denmark, Estonia, France, Germany, the Netherlands, Poland, Sweden, Great Britain and the US. Its purpose is to coordinate and facilitate the building of civilian cyber capacity to help Ukraine defend itself against Russian aggression in cyberspace and meet long-term cyber resilience needs.

US Ambassador for Cyberspace Nathaniel Fick said that the main cyber defense strategies of the US include:

1. Shifting the responsibility for cyber protection from the consumer to the government, large technology companies, and software developers;
2. Cyber diplomacy, within which the US State Department is currently working on an international cyber project, which should initiate cooperation between countries in cyberspace. This project will be presented at the RSA conference in San Francisco in May;
3. Encourage all companies to make long-term investments in their own cybersecurity.

Cyber security and business

 The co-founder and director of Cyber Unit Technologies, Yehor Aushev, focused in more detail on the role of cyber security in business because it is an integral part of it, not only in the private sector but also in state-owned enterprises and corporations. “The weakest link in cyber security is people. It is necessary to train personnel on how to properly interact with software and equipment. Also, to teach people basic cyber security rules on a daily basis,” he said. Aushev also drew attention to the fact that companies that do not continually invest in and develop cyber security eventually lose their competitiveness. “It is also worth remembering that any organization or company, large or small, state, private, and even local self-government bodies, is currently an element of the country’s cyber resilience. Therefore, everyone is at risk. With this in mind, all processes in companies must be built following cyber security rules, which must be constantly reviewed,” the expert emphasized.

In light of the recent large-scale attack on Kyivstar, the Ukrainian telecom operator, the company’s president, Oleksandr Komarov, emphasized: “Because of the war, we have moved to a completely different level of cybercrime. This is cybercrime perpetrated by a state that has incredible resources, time, inspiration, and no responsibility before the law.” Komarov said the attack on Kyivstar was a carefully targeted military cyber operation. According to the SBU, a Russian intelligence unit was behind it. Komarov added that this could happen to any organization that finds itself an interesting target for such attackers. One of the conclusions the company made is the importance of re-architecting. After all, the person who caused the damage was inside the perimeter. Therefore, it is necessary to move from a general infrastructure to micro-segmentation.