Cyber Security in Ukraine: Mitnick's formula

We have already discussed the IT special in our countries, now it is a turn to talk about security in this field. Before I started the overview, I may say that nowadays situation in Ukraine is urging security specialists to work in a more effective and time-efficient way. This is all due to numerous cyber attacks on government resources, conducted by Russian hackers, so now it is the best way to flourish for Ukrainian Cyber Security specialists. There is a saying: “what doesn't kill me, makes me stronger” which is very suitable here. Nobody can’t be killed by a cyber attack, so there is the only way to get out of this situation, to progress at a lightning-fast pace. This is happening now with the help of EU specialists (including those guys, who have developed and maintained Estonia’s digital security system). I will display the information using Mitnick’s formula: technology, training, and policy.

Technologies…I’m not very competent with particular examples, but I think nearly all resources have decent firewalls and networks. I used to notice it when accessing websites from outside of Ukraine, for example, my current residence – Estonia. There is nearly always a captcha at least, to somehow protect from abundant requests. This is only what users see. There is some discussion around the government project “Diia”, which is a mobile app, a web portal, and a brand of e-governance in Ukraine. Launched in 2020, the Diia app allows Ukrainian citizens to use digital documents on their smartphones instead of physical ones for identification and sharing purposes. The Diia portal allows access to over 50 governmental services. In the future, the government plans to make all kinds of state-person interactions available through Diia. [1] I think Diia is the most sensitive project in my country due to the storage of millions of items of personal data such as passports, driver’s licenses, and other kinds of staff, so it was targeted several times.


There is no doubt who has done this, so we should be pretty careful with some potential harm, caused by such aggression. Despite threats, such kinds of services on a government level can only show the potential for future development of the Cyber Security field in Ukraine.

With recent scam attacks on collecting sensitive data, I think way more people tend to behave more carefully with anonymous or not strange messages to emails and private messages. Since the 24th of February, there have been hundreds of such examples. The most recent one is yesterday’s private message with the appeal to tell “your” story of this war because the world should know the truth. 

The level of awareness has its peak now, due to some I may call “training” by the government, which are some rules on how to behave with suspicious messages. Even before the war, the level was pretty good. The youth was conscious, as well as “boomers”. We are trying to do our best as well to succeed in teaching our grandparents, so overall I’m somehow even proud.

Regarding security policies, there are three basic principles of state policy which is also related to the IT sphere:

• Deterrence – development of security and defense capabilities to deter armed aggression against Ukraine; 

•  Resilience – the ability of society and the state to quickly adapt to changes in the security environment and maintain a sustainable operation, in particular by minimizing external and internal vulnerabilities;

• Interaction – the development of strategic relations with key foreign partners, primarily with the European Union and NATO and their member states, the United States; and of pragmatic cooperation with other states and international organizations based on the national interests of Ukraine.

The Cybersecurity Strategy is aiming in particular to improve the security of network and information systems, introduce a risk management system, create conditions to provide resources including human cybersecurity, enhance operational and cybersecurity critical infrastructure, fight against cybercrime, use the capabilities of public-private partnership, and interaction of stakeholders to address cybersecurity and cyber defense issues and increasing the level of online culture. One more issue is that we do not have a cookies policy, but I don’t think it may dramatically change the situation.

To sum up, definitely, Ukraine’s Cyber Security has some minor problems, but it is developing fast using up-to-date security strategies with the help of our EU friends.

        References :

1.                  https://en.wikipedia.org/wiki/Diia;

2.                  https://www.dcaf.ch/sites/default/files/publications/documents/UkraineCybersecurityGovernanceAssessment.pdf


Коментарі

Дописати коментар

Популярні дописи з цього блогу

Assistive technology

Зображення
  It is amazing how technologies are evolving. We can’t even imagine that something, not alive can perform some functions or recognize movements as a human being. Different assistive technologies such as braille displays and keyboards, technologies to transform neural impulses into some actions happening on a screen, and of course eye trackers. Today I’m going to talk about Microsoft Eye First Games, which are an example of up-to-date assistive technology. There are four games: Tile Slide, Match Two, Double Up, and Maze. These games employ Windows 10 eye-tracking APIs and may be played with or without Windows 10 Eye Control, a critical accessibility feature for those with speech and mobility impairments. People with speech and movement impairments may have difficulty communicating and using computer technology to play (games), cooperate, engage in activities, and be productive. These constraints can be solved with advancements in accessibility technology such as Windows 10 Eye Cont
Докладніше

IT professionals in Ukraine

Зображення
Today I’m going to talk about the IT sphere and workers of my home country – Ukraine. Despite today’s actions in eastern, northern, southern, and central parts, IT companies are still managing to function, though in distance work mode. Before the wartime started, we had a truly big IT sphere with its main center in Kyiv, there was great competition for all positions in every more or less large company. We have lots of offices and employees all around the country, that do a great job for the benefit of Ukraine’s economy. Actually, our government has provided convenient conditions to promote IT business including lower taxes and an easy startup process. As for a truly professional specialist, I have seen some individuals when I was working as an intern in a company. The first impression of such people is that they tend to be dedicated to their responsibilities and work in general. They have a passion to create something new and unique and proper skills to implement their thoughts. This i
Докладніше

Censorship and privacy

Зображення
  We all live in a time when privacy can’t be provided to a full extent due to numerous factors. Google, Facebook, and other apps usually secretly collect your data for their purposes and rarely do something to help in this situation except not using this kind of service. But for censorship, I mean hiding real facts (not hiding some adult content), it is something that can’t be seen in a democratic country. However not every country is such and we can name various examples even without thinking too much. As a member of a democratic world, it is not acceptable that a whole nation is trying to delete another nation just because they want. But actually, that is what russians have been doing for 300 years and are continuing to do with Ukrainian culture and people. Holodomor, which was an intentional act of genocide against the Ukrainian people was a clear example of russian politics throughout only the last century. You can easily compare articles even in Wikipedia in different languages
Докладніше