The conflict in Ukraine has had a significant impact on global geopolitics and the cybersecurity industry particularly with regards to cyber-attacks and the critical infrastructure protection. Cyber threats have increased exponentially as a result of the ongoing crisis, leading to an increase in demand for improved cybersecurity measures.
Mathieu Gorge, CEO of VigiTrust, recently interviewed Olesya Danylchenko, Deputy Director, Head of Security Forum, and Ukrainian Interbank Payments Systems Members Association EMA, to discuss the key challenges of cybersecurity and critical infrastructure protection in Ukraine.
Can you let us know what you are doing now and also a little bit about your background?
I started my professional career in 2001 in the security department at the Interbank Processing Centre of the National Bank of Ukraine as a risk manager where I was working for 10 years.
In 2012, EMA has joined the European Association for Secure Transactions (EAST) and in 2016, I was selected to present Ukraine at the Financial Services Advisory Group of Europol’s European Cybercrime Centre (EC3).
So for the past 14 years, I have worked for the EMA on the development of Programs Protection Plan (PPP) in Ukraine and neighboring countries to improve the prevention and investigation of cybercrimes targeting financial services and their customers.
What is the impact of the war on cybersecurity in Ukraine and what are your thoughts on the impact on the Critical Infrastructure Protection (CPI)?
The war in Ukraine, both in a kinetic and cyber environment, was launched by the Russian Federation in 2014. Thus, by February 2022, when the full-scale invasion began, critical infrastructure objects, including financial services, were much more resilient to attacks in cyberspace than before 2014.
Nevertheless, this does not mean that the level of cyber-resilience of all financial sector actors in Ukraine is equally high. Cybercriminals’ continued interest in financial institutions and the National Bank of Ukraine’s cybersecurity regulations are driving cybersecurity improvement and the financial sector is usually considered in Ukraine to be more mature than others.
These types of cyber-attacks, widely known as DDoS attacks, which have targeted Ukraine’s financial services since February 2022, are generally assessed by both Ukrainian and international cybersecurity experts as attempts at psychological influence, not aimed at a financial loss or profit for the perpetrators. However, the Anunak (Carbanak) attacks in 2014 and NotPetya in 2017 caused significant financial losses to the targeted banks.
“From my point of view, the most effective way to fight cybercrime targeting any sector – finance, energy, manufacturing, etc., – is based on 3 strands: cooperation, information exchange and experience sharing.”
What do you see as the key challenges right now?
Although financial institutions in Ukraine are capable to protect themselves from real cyber threats, they are not always able to protect their unsuspecting customers, who are deceived by criminals posing as bank employees, bank websites or bank chatbots. To manipulate customers’ behavior and influence their decisions, criminals often use brands and symbols of financial institutions that cause reputational risks. Thus, cyber threats targeting bank customers are indeed the biggest challenge for Ukraine’s financial sector.
How do you see the impact of the war on security professionals in Ukraine? In your opinion, did the war generate innovation in cybersecurity?
In reality, the war has affected everyone in Ukraine, regardless of whether they work in cybersecurity or not, whether they decided to stay in Ukraine or moved abroad. “Any conclusions about the personal impact will be drawn soon after our victory, not now.”
Right now what it is possible to discuss is the impact of the war on Ukraine’s cybersecurity market, so in terms of innovation, the main trends I can see are:
1) The emergence of new highly sophisticated products and services based on Ukraine’s cyberwarfare experience, which could potentially be interesting for foreign markets and governments.
2) The growing interest in the Ukrainian cybersecurity market, as well as in Ukrainian skills and knowledge, by key players in the global cybersecurity market.
3) Strengthening PPPs in the field of cybersecurity in Ukraine and abroad.
What are the non-technical risks that concern you?
Social engineering techniques used by criminals to bypass technical protection are among the most significant non-technical risks. These techniques have become increasingly successful in tricking bank customers, making it an urgent priority for companies and governments alike to raise awareness among their staff and citizens respectively.
Mathieu and Olesya both understand that educating people on the potential threats posed by social engineering is paramount to protect against these attacks, as well as other cybersecurity risks. “Knowledge is a powerful tool when it comes to safeguarding organizations from malicious actors”, says Gorge.