Ukraine’s National Cybersecurity Coordination Center, which opened last year, is a big part of the effort in the country to ramp up its defense against cyberattacks. The center’s office is in the heart of the capital, a five-minute drive from Ukraine’s pa

Ukraine says it’s ramping up its cyberdefense in light of Russian attacks  

Since 2014, when Russia annexed the Crimean peninsula and invaded eastern Ukraine, the government in Kyiv has transformed its approach to national security.

US officials say that Russia has deployed 70% of the troops — and weapons — it would need to launch a full-scale invasion of the country.

Russia has dismissed those accusations and criticized the US for deploying some 3,000 additional troops into NATO countries in Eastern Europe. 

But a military buildup on the Ukrainian border isn’t Russia’s only form of combat. Russian cyberattacks against Ukraine have been a menace for some time.

“Russia has been conducting cyberoperations against Ukraine for the better part of the last seven years, and there [has] been some increase of the tempo of operations in the last couple of months.”

Dmitri Alperovitch, Silverado Policy Accelerator 

“Russia has been conducting cyberoperations against Ukraine for the better part of the last seven years, and there [has] been some increase of the tempo of operations in the last couple of months,” said cybersecurity expert Dmitri Alperovitch, with the Silverado Policy Accelerator think tank in Washington. 

He said that the most recent incident of a cyberattack against Ukraine was just last month: “[A] sweeping cyberattack left many official government websites unusable; the hackers posted a message in Russian, Ukrainian and Polish. It warned readers to quote, ‘Be afraid,’ and “Expect the worst.””

Related: Russia could unleash disruptive cyberattacks against the US — but efforts to sow confusion and division are more likely

The hackers claimed that people’s personal information on at least 70 government, nonprofit and information technology websites was made public. Ukrainian authorities said this was false, and within 24 hours, all the websites were restored.

The Kremlin denied responsibility for the attack but some security experts say it’s part of a long history of cyberwarfare waged by Russia against Ukraine.

“Two years in a row [in 2015 and 2016], they shut down the electric grid [in Ukraine] right around Christmastime, and also they were responsible for a Ukrainian origin event known as NotPetya which, unfortunately, had global cascades,” said Chris Krebs — who ran the US government’s cybersecurity agency from 2018 to 2020.

The NotPetya attack was in 2017, and it’s considered perhaps the most devastating cyberattack ever in Ukraine, causing billions of dollars in damages.

Since 2014, when Russia annexed the Crimean peninsula and invaded eastern Ukraine, the government in Kyiv has transformed its approach to national security. The country modernized its weapon systems, beefed up its armed forces and bolstered cybersecurity capabilities. 

Related: Kyiv’s Go_A Band reinterprets Ukrainian folk music with electronica 

Ukraine’s National Cybersecurity Coordination Center, which opened last year, is a big part of that effort. The center’s office is in the heart of the capital, a five-minute drive from Ukraine’s parliament building.

Large, interactive screens with maps, graphs and charts show real-time information. 

Serhiy Prokopenko, head of the NCSCC Support Service of the NSDC Staff, said the office focuses on both the public and private sectors, which is critical because Russian cyberattacks are not just targeting Ukraine’s government; people from the private companies can also come to the center to learn more about cyberdefense. 

“They can go here and work with real situation[s] in order to understand how to protect their customers. Some analytics, [some] sort of intelligence they get here, the process is [ongoing].”

Serhiy Prokopenko, head of the NCSCC Support Service of the NSDC Staff, said the office focuses on both the public and private sectors, which is critical because Russian cyberattacks are not just targeting Ukraine’s government.
Serhiy Prokopenko, head of the NCSCC Support Service of the NSDC Staff, said the office focuses on both the public and private sectors, which is critical because Russian cyberattacks are not just targeting Ukraine’s government.Daniel Ofman/The World

Serhiy Demedyuk, the deputy secretary of Ukraine’s National Security and Defense Council, said that the threat level of cyberattacks by Russia is very high right now — and is aimed at government institutions and critical infrastructure. 

Related: It’s just a ‘panic attack’ – Russian media blames US for escalating Ukraine crisis

But sometimes, he said, as with the January attack, the hackers are simply trying to send a message: “The major goal behind this attack was not to disrupt something, but it was like a hybrid attack to sow panic and chaos, more like psychological warfare, but basically, we were ready and prepared to defend against them.”

Demedyuk said that Ukraine is vulnerable to more attacks in the future because of the two countries’ shared past. 

“There are pros and cons to having this joint past with Russia. The cons are that Russians know Ukraine’s specifics and infrastructure, but we know how they operate, we know their modus operandi, so we know how to defend against these possible attacks.”

Serhiy Demedyuk, deputy secretary of Ukraine’s National Security and Defense Council

“There are pros and cons to having this joint past with Russia. The cons are that Russians know Ukraine’s specifics and infrastructure, but we know how they operate, we know their modus operandi, so we know how to defend against these possible attacks.”

Related: Tensions along Ukraine’s border remain high. Military veterans there say they’re ready for anything.

Demedyuk said that Ukraine is improving its cyberdefense capabilities and, if necessary, people here are prepared to go on the offensive. 

“Our intelligence has identified vulnerabilities in Russia’s infrastructure, and we are ready and capable of attacking this, but obviously, we’re not doing this because we’re trying to adhere to the norms of international law,” he said. “However, if and when Russia decides to start an outright war on Ukraine, we will be defending against this with all available resources.”

In other words, the message to Russia is that Ukraine is ready.

Demedyuk pointed out that the threat of cyberattacks from Russia is an international problem: “Ukraine is no longer the sole object of Russia’s attacks, Ukraine has been a test field for Russia in the past. They’ve tested and honed their skills and now they are applying these skills in the EU countries and the United States.”

And he said it’s not just about protecting Ukraine. Officials here are working more closely with the US and Europe on cybersecurity. They’re sharing intelligence, he said, and helping their Western partners improve their own defenses.

Volodymyr Solohub contributed to this report. Anna Pratt edited this digital story.

Less than .05% of listeners will donate. Can we count on you?

Our coverage reaches millions each week, but only a small fraction of listeners contribute to sustain our program. We still need 224 more people to donate $100 or $10/monthly to unlock our $67,000 match. Will you help us get there today?