One of Ukraine’s cybersecurity leaders was a surprise video guest at BlackBerry’s annual Security Summit on Wednesday, thanking multinational companies for helping the country blunt cyber attacks from Russia and offering tips on cyber resiliency to CISOs.
“We’re lucky we have light,” Victor Zhora told an audience in New York and, by Internet, around the world, as he sat under a lamp in what looked like a room filled with CD albums, “because we have power outages” from Russian missile attacks.
“Unfortunately cyber challenges are not the only ones in our everyday life.”
Zhora was the co-founder of a cybersecurity firm in Ukraine, but is now deputy head of state services for special communications and information protection of Ukraine, a department responsible for defending the country’s digital infrastructure and its cyber incident response team. There are other nine other agencies with cybersecurity mandates.
It was just after 10 p.m. in Kiev, but it was 3 p.m. in New York, where BlackBerry CEO John Chen asked questions about surviving a cyber war.
Zhora reminded listeners that Ukraine has been under periodic cyber attacks — largely attributed to Russia or Russian-based threat actors — starting with the country’s 2014 presidential election. In December 2015 and 2016 there were severe attacks on the country’s power grid, followed by attacks on on the media and government departments.
Then, in 2017, the NotPetya wiper worm was released in what appeared to be a software update to a Ukrainian tax preparation program. It may have been aimed only at Windows computers in Ukraine, but it quickly spread around the world.
“We took a lot of lessons from all these incidents,” Zhora said, to improve resilience, capacity and intergovernmental co-operation. That included creating task forces and holding cyber training exercises. Unnamed “international partners” — meaning some multinational IT companies — helped as well.
Recently those firms have included BlackBerry, Microsoft, Starlink, and Cisco Systems.
Just before the war started, Ukraine moved important databases to servers in the country’s western region — which is further from the Russian border — or into the cloud.
Since the war began in February, the country has faced daily cyber attacks, he said, although not as aggressive as Ukraine — and Western experts — had thought. “There are many factors why Russia hasn’t reached its strategic goals in the cybersphere,” he said. “Hopefully one of the factors is our preparedness and our level of expertise.”
While there was a flurry of cyber attacks in the first month of the war, Zhora said there is currently “an absence of [cyber] strategy” by Russia, with attacks seeming to be about finding and exploiting opportunities. “That gives is the opportunity to fix vulnerabilities, counteract and provide incident response and defend our digital bodies.”
“At the same time the adversary continues to be very dangerous,” he added.
Asked if it’s scary to face cyber attacks from Russia, Zhora replied, “We don’t have time to think about how scary attacks can be.”
Like other Ukrainian leaders, he said the country needs tougher economic sanctions against Russia from the West, which, among other things, would help cripple Russia’s ability to buy IT equipment abroad.
Ukraine is also looking for power generators, as well as more IT hardware and software.
“Invest in cybersecurity,” he urged corporate leaders, “because if a cyber incident happens like NotPetya, it’s difficult for government agencies to help everyone simultaneously. That means building cybersecurity in your company is the best way to help build cyber resiliency in the state. We all need to be protected, and we all need to be united. There no country that can be protected by itself.
“We have four pillars in cybersecurity: People, processes, technology and co-operation. In a contemporary, interconnected world there is no chance to be isolated. A cyber coalition that can be created from countries with responsible behavior in cyberspace and exchanging information on threats can be an efficient way of building a robust cybersecurity ecosystem which can counter the threats that Ukraine is facing now and in the future.”
BlackBerry Security Summit continues Thursday with on-demand sessions.