Bumble Dee - stock.adobe.com

Ukraine CERT leaders touch down in London for talks

The UK’s NCSC has been hosting Ukrainian cyber security leaders for a round of bilateral talks on improving resilience

Ukraine’s cyber security leaders have been in London to meet with their UK counterparts at the National Cyber Security Centre (NCSC), discussing the latest developments in the conflict and building improved cyber resilience during a series of bilateral discussions.

This is the first trip undertaken by Yevheniia Volibynk, chief of Ukraine’s national Computer Emergency Response Team (CERT), and deputy chief Yevhen Bryksin, since the war began in February 2022.

They were accompanied by Viktor Zhora, deputy chairman and chief digital transformation officer at Ukraine’s State Service of Special Communication and Information Protection (SSSCIP), who also joined NCSC operations director Paul Chichester for a discussion at CyberThreat 2022 – a joint SANS-NCSC technical conference covering both offensive and defensive security disciplines.

“Ukraine has defended itself resolutely in cyber space in the face of Russian aggression, and the UK has been proud to support that defence,” said Chichester.

“It is fitting that, here in the UK, we are hosting senior figures involved in Ukraine’s response. We are honoured to do so. This visit is an important moment in our relationship and an excellent opportunity to learn from each other as we continue to build our collective resilience.”

Security minister Tom Tugendhat added: “I’m delighted to welcome our friends from Ukraine. Their fight against Russian barbarism goes beyond the battlefield and the terror being inflicted on civilian populations. There is the real and persistent threat of a Russian cyber attack on Ukraine’s critical infrastructure.

“The National Cyber Security Centre’s expertise is world class, and I’m proud of the support they continue to provide our Ukrainian allies,” he said.

Read more about the Ukraine war

The Ukrainian authorities estimate that CERT-UA currently investigates between 200 and 300 distinct cyber incidents affecting the country every day, and saw more than 2,000 major incidents during 2022, a quarter of them targeting government and local authorities, with the defence and security, energy, finance, logistics, and telecoms sectors also bearing a heavy load.

The NCSC has been lending support to its Ukrainian counterparts since before the war broke out, and after the war began participated in a Westminster-backed programme to support Kyiv’s government agencies and civilian operators of critical national infrastructure from cyber attack. With incident response support and forensics, protection against destructive cyber attacks, data protection, network access controls, and support in hardening critical IT infrastructure and networks.

Backed by a funding package worth more than £6.35m, the existence of the programme was an official secret for security reasons, but its existence was disclosed by the government at the start of November 2022.

In the UK itself, beyond a number of distributed denial of service attacks linked to hacktivist groups supporting Russia, the cyber dimension to Russia’s war on Ukraine has not spilled over to the extent some had feared.

Nevertheless, the NCSC continues to advise UK-based organisations – especially operators of CNI – to take reasonable precautions, and has published specific guidance online.

Read more on Data breach incident management and recovery