Cybersecurity teams from the UK and Ukrainian governments met in London yesterday in what was described as “an important moment” in the increasingly close relationship between the two countries. The meeting came as new figures were released showing the extent of Russia’s cyber activity against Ukraine as part of the war in Eastern Europe, with digital assaults on critical services and infrastructure often coinciding with bombing campaigns.
Members of Ukraine’s national cyber defence team, the Computer Emergency Response Team (CERT-UA) met with the UK’s National Cyber Security Centre (NCSC) in London yesterday. The talks involved the director of the NCSC, Paul Chichester, and security minister Tom Tugendhat.
Ukraine and UK meet for cybersecurity talks
The group discussed how the cyber element of the war has developed and ways to further build Ukrainian resilience, according to a government statement.
“Ukraine has defended itself resolutely in cyberspace in the face of Russian aggression and the UK has been proud to support that defence,” Chichester said. “It is fitting that, here in the UK, we are hosting senior figures involved in Ukraine’s response. We are honoured to do so,” Chichester continued.
“This visit is an important moment in our relationship and an excellent opportunity to learn from each other as we continue to build our collective resilience.”
Tugendhat reiterated that protection of Ukraine is paramount in the face of the terror being inflicted on civilian populations in Ukraine. “I’m delighted to welcome our friends from Ukraine. Their fight against Russian barbarism goes beyond the battlefield and the terror being inflicted on civilian populations. There is the real and persistent threat of a Russian cyberattack on Ukraine’s critical infrastructure,” he said.
“The National Cyber Security Centre’s expertise is world class, and I’m proud of the support they continue to provide our Ukrainian allies.”
The UK has been heavily involved in supporting Ukraine’s cyber defence effort against Russia, providing practical and financial support. In November, it was revealed the government had provided £6.35m towards the Ukraine cybersecurity effort.
This money covered incident response for cyber attacks, firewalls to prevent said attacks from taking hold, protection against Distributed Denial of Service (DDoS) attacks and forensic capabilities to help Ukrainians understand the attacks and rebuild infected systems.
Russia’s coordinated attacks on Ukraine
Ukraine has been under a barrage of cyberattacks during the conflict, mostly from hackers with sympathy for the Russian cause. Attacks have ranged from basic DDoS assaults to more sophisticated attempts to hobble critical national infrastructure, and figures released by the Ukrainian government yesterday show that there have been 2,194 cyber incidents in 2022, a quarter of which were aimed at government and local authorities.
The CERT-UA said it repels up to “40 powerful high-level DDoS attacks daily”, and that “395 attacks were stopped and blocked in December” alone. More than 170,000 attempts were made to use vulnerabilities in state information resources.
Further Ukrainian government information released this week reveals the way Russia has been co-ordinating its cyberattacks with physical warfare. “In the autumn and winter of 2022, after a series of cyberattacks on the energy sector, Russia launched several waves of missile attacks on energy infrastructure, while simultaneously launching a propaganda campaign to shift responsibility for the consequences (power outages) to Ukrainian state authorities, local governments, or large Ukrainian businesses,” says the report from the State Special Communications Service of Ukraine, another government agency with responsibility for cybersecurity and communications.