21 July 2023

The Ukrainian National Cybersecurity Coordination Center on the “First World Cyber War”

DANIEL PEREIRA

The National Cybersecurity Coordination Center (NCCC) is an organization housed within the National Security and Defense Council of Ukraine and, based on the USAID logo on the front page of some of its reports, sponsored by the U.S. Government. The NCCC has provided an English translation of its June 2023 Review of Cybersecurity in Ukraine, Tendencies, and World Events Related to the First World Cyber War – which resembled OODA CTO Bob Gourley’s post at the onset of the conflict in Ukraine: We Are In The First Open Source Intelligence War – so it caught our eye. A summary of the report and a link to the full document can be found here.
Summary of the Report

Review of cybersecurity news in Ukraine, tendencies, and world events related to the First World Cyber war for June 2023:

At the beginning of June, several international events related to cyber security took place in Tallinn, Estonia, including the CyCon conference. Participants focused on discussing the theory and practices of cyber conflicts, primarily taking into account the realities of cyber confrontation in the russian-Ukrainian war. The fifth U.S.-Ukrainian bilateral cyber consultations became part of these events, and the U.S. plans to provide Ukraine with an additional $37 million in cyber security assistance.

The EU continues to implement measures that limit China’s influence on the EU’s digital infrastructure and is developing its cyber capabilities. European legislators are finalizing work on the Law on Cyber Resilience, which should create some new opportunities for the EU to improve its own cyber security. Also, the EU continues discussions with partners regarding possible areas of cooperation to build the stability of critical infrastructure facilities.

A key event in June was a cyberattack by the russian malicious group Cl0p using a vulnerability in the popular file-sharing program MOVEit. As a result of the cyberattack, several American federal institutions and large industrial companies were affected. Currently, cyber security authorities continue to investigate the consequences of the cyberattack and the extent of data loss.

Artificial intelligence (AI) is the center of special attention for both national governments and international discussions. ENISA held regular discussions on the possible threats of uncontrolled use of AI for personal data, and the EU in general is preparing to introduce regulatory norms for the use of AI. The U.S., in turn, points to the threat of illegal AI use by authoritarian countries and draws attention to the fact that countries such as China are ready to enter new races of technological development with the West using old methods of not-always-fair competition.

On June 15, the creation of the IT coalition as a part of Rammstein was announced. This initiative will contribute to increasing Ukraine’s capabilities, in particular in matters of cyber defense, and is part of the wider international partner efforts to support Ukraine. The continued support from the U.S. in the digital sphere should also be noted. Meanwhile, Western experts continue to discuss how effective Ukrainian approaches to cyber defense were during the war, draw conclusions, and work out possible changes in their own approaches to cybersecurity.

The full English version of the report can be found here.

“What is the The Ukrainian National Cybersecurity Coordination Center?” (Generated by OpenAI’s ChatGPT)

The Ukrainian National Cybersecurity Coordination Center (NCCC) is a government entity in Ukraine responsible for coordinating and addressing cybersecurity issues at a national level. It plays a crucial role in protecting Ukraine’s critical information infrastructure, combating cyber threats, and ensuring the country’s cybersecurity resilience.

The NCCC operates under the State Service of Special Communication and Information Protection of Ukraine (SSSCIP). It serves as a central point for monitoring, analyzing, and responding to cybersecurity incidents, coordinating information sharing, and facilitating collaboration among various stakeholders involved in cybersecurity.

The key responsibilities and activities of the Ukrainian NCCC may include:

1. Incident Response: The NCCC is responsible for coordinating incident response efforts in case of cybersecurity incidents, including cyber attacks, data breaches, or other cyber threats. It collaborates with relevant government agencies, law enforcement, and other incident response teams to mitigate the impact of cyber incidents.

2. Threat Intelligence and Monitoring: The NCCC gathers and analyzes threat intelligence, including information on emerging cyber threats, vulnerabilities, and trends. It monitors the Ukrainian cyberspace for potential threats and actively engages in risk assessment and mitigation strategies.

3. Coordination and Collaboration: The NCCC fosters collaboration and information sharing among various stakeholders, including government entities, critical infrastructure operators, industry associations, and international partners. It works towards establishing effective cybersecurity frameworks, standards, and best practices in line with national and international cybersecurity guidelines.

4. Awareness and Education: The NCCC plays a role in promoting cybersecurity awareness and education initiatives across different sectors of society. It works to enhance public understanding of cyber risks, safe online practices, and the importance of cybersecurity hygiene.

The specific activities, structure, and scope of the Ukrainian NCCC may evolve over time to address the dynamic nature of cybersecurity threats. For the most accurate and up-to-date information on the Ukrainian NCCC, it is advisable to refer to official government sources or the relevant cybersecurity agencies or departments in Ukraine.
“What is the State Service of Special Communication and Information Protection of Ukraine (SSSCIP)?”

The State Service of Special Communication and Information Protection of Ukraine (SSSCIP), known in Ukrainian as “Derzhspetszviazok ta Zakhystu Informatsii,” is a government agency in Ukraine. Its primary role is to ensure the security, confidentiality, and integrity of information and communication systems within the country.

The SSSCIP is responsible for various functions related to information security and protection, including:

1. Cybersecurity: The SSSCIP is involved in protecting critical information infrastructure and combating cyber threats. It works to prevent cyber attacks, mitigate their impact, and coordinate incident response activities in collaboration with other relevant government agencies and stakeholders.

2. Encryption and Cryptography: The agency oversees the implementation and use of encryption technologies and cryptography standards within Ukraine. It ensures the confidentiality and security of sensitive information by establishing guidelines and regulations for encryption practices.

3. Information Security Policies and Standards: The SSSCIP develops and implements information security policies, guidelines, and standards across government entities and critical infrastructure sectors. It works to establish best practices and ensure compliance with cybersecurity requirements.

4. Secure Communication Systems: The SSSCIP is involved in the development, management, and operation of secure communication systems used by government agencies and other authorized entities. It focuses on protecting the confidentiality and integrity of sensitive communications.

5. Security Clearance and Certification: The agency is responsible for conducting security clearance processes for individuals accessing classified information or working in sensitive roles. It also plays a role in the certification and accreditation of information systems to ensure their compliance with security standards.

The SSSCIP collaborates with other Ukrainian government agencies, law enforcement, the private sector, and international partners to enhance information security and protect critical assets from cyber threats. It is tasked with safeguarding Ukraine’s information infrastructure and supporting the country’s overall cybersecurity strategy.

Please note that the specific activities and responsibilities of the SSSCIP may be subject to updates and changes over time. For the most accurate and up-to-date information, it is advisable to refer to official government sources or the relevant Ukrainian authorities responsible for information security and protection.
“What is the The National Security and Defense Council of Ukraine?”

The National Security and Defense Council of Ukraine (NSDC) is a key government body in Ukraine responsible for formulating and implementing national security and defense policies. It serves as a central advisory and decision-making institution in matters related to the country’s security, defense, and strategic planning.

The NSDC operates under the authority of the President of Ukraine and includes high-ranking government officials, military leaders, and representatives from relevant ministries and agencies. Its primary objectives include:

1. National Security Policy: The NSDC is responsible for developing and coordinating national security policies, strategies, and plans. It assesses potential threats, formulates responses, and provides recommendations to the President and other government bodies on matters of national security.

2. Defense and Military Matters: The NSDC plays a significant role in shaping defense policies and overseeing the country’s armed forces. It advises on military strategy, defense modernization, resource allocation, and coordination among defense and security agencies.

3. Crisis Management: The NSDC serves as a coordination and decision-making body during times of crisis or emergencies. It formulates responses and strategies to address internal or external threats, such as armed conflicts, natural disasters, or acts of terrorism.

4. National Security Council Meetings: The NSDC convenes regular meetings with relevant stakeholders to discuss security and defense matters, review ongoing operations, and address emerging challenges. These meetings provide a platform for high-level discussions and policy formulation.

5. Coordination with International Partners: The NSDC fosters cooperation and coordination with international partners in areas of mutual security interest. It collaborates with other countries, international organizations, and regional security initiatives to address common security challenges.

The NSDC plays a vital role in Ukraine’s national security architecture, ensuring the country’s defense capabilities, and addressing threats to its sovereignty and territorial integrity. Its activities encompass a wide range of security issues, including defense, intelligence, counterterrorism, cybersecurity, and crisis management.

It’s important to note that the structure, functions, and activities of the NSDC may be subject to updates and changes over time, based on evolving security challenges and government priorities. For the most accurate and up-to-date information, it is advisable to refer to official government sources or the relevant Ukrainian authorities responsible for national security and defense.

No comments: