SlideShare a Scribd company logo

Cyber attacks in Ukraine

Nick Bilogorskiy
Nick Bilogorskiy

Cyber attacks in Ukraine during revolution and Russian intervention With permission from: Glib Pakharenko

Engineering
1 of 17
Download to read offline
Unifying the Global Response to Cybercrime Cyber attacks in Ukraine during revolution and Russian intervention Glib Pakharenko gpaharenko (at) gmail.com 2014-10-13 This is solely my personal opinion Do not consider as call for any action
Unifying the Global Response to Cybercrime Cyber attacks were before the revolution 2 Kyiv < 30 November 2013 Cyber attacks was quite popular before the revolution. • 100Gbit/s Ddos in UA segment in 2010 • politically motivated attacks before elections • Ddos on party sites • Compromise of accounts of politician • economically motivated attacks: • Ddos, on e-shops before Christmas • Mobile operators fraud • Carding • Internet banking unauthorized transfers • Lockers • SEO optimization, SPAM, etc. Police fights with pirated content, unauthorized porno-studios, and online gambling. Used to takes all servers and PC’s with them from victim or suspected.
Unifying the Global Response to Cybercrime Ddos attacks was most popular during street protest 3 December 2013-January 2014 The rate of attacks grows enormously (but dropped for Christmas holidays): • Ddos attacks against opposition media (BlackEnergy, DirtJumper – Russian made); • Police takes servers from opposition office; • Personal accounts of opposition politicians hacked; • Banks, which served accounts of opposition under hacking attacks (unauthorized transfer and then a Ddos to hide the fraud); • Anonymous attack government sites; • A “red” alarm level was on UA nuclear stations when protesters took the ministry of energy building, where control systems were located; • A PC which controls electricity in the city hall was broken, which led to its black-out; • Malicious traffic from Russia rerouted out of Ukraine through Belarus and Cyprus (HostExploit statistics). That’s why the first time in recent years, Ukraine was not in the list of countries with boosted cybercrime.
Unifying the Global Response to Cybercrime Mobile technologies were used during the peak of Revolution 4 Feb 2014 During the peak of the Revolution mobile technologies was most important: • Opposition Parliament member phones were flooded with SMS&Calls; • IMSI catcher mass messaging was used against protesters; • In West regions (where the Revolution started) in police departments only mobile phones were working (no PSTN or other connectivity); • Main opposition TV channel was turned off; • Police planned to turn off mobile connectivity; • In East regions police used mobile phone to compromise two-factor authentication and gain access to protester account.
Unifying the Global Response to Cybercrime Russia occupies Crimea 5 Feb-March 2014 • Government under attack: • Ddos on the parliament site to prohibit law publishing; • Ddos on other sites (national security council, president, etc.); • Physical attack on cabling infrastructure in Crimea; • Anonymous attack sites of Russian government in Crimea; • Russia turned-off UA channels in Crimea; • Broadcasters were unable to take their telecom equipment hosted in Crimea government datacenters; • Enormous amount of government and personal data from IT systems now in Russian hands; • Increased amount of GSM fraud from Crimea against UA operators (as UA law enforcement no longer effective there); • Russian IT-security NGO RISSPA censored anti-war discussions in its forum; • Mass changes in Wikipedia articles; • UA broadcasting satellite “Lybid” was not launched, as the space control center was conquered.
Unifying the Global Response to Cybercrime War with Russia 6 April 2014 – till now Russia effectively use cyber-technology to support their war. Physical attacks are especially dangerous against: • cabling and broadcast infrastructure in area of fighting (media and financial services unavailable); • cabling infrastructure in Kyiv (terracts); • ATMs of specific banks all over Ukraine (terracts). Mobile technology attacks: • Used for correction of artillery fire; • Talks interception; • Traffic rerouting into Russia using VLR/HRL updates; • Forensics of devices owned by UA supporters; Hacking attempts against IT systems of: • UA officials and businessmen accounts; • Local and central public administration; • Electronic election systems (coordinated with Russian main TV channel); • Railway IT systems; • Mobile operators; Russian military activity coordinated with Russian TV channels.
Unifying the Global Response to Cybercrime Russia acts 7 April 2014 – till now Russia has big potential for future cyber conflict: • Mass attacks similar (like against Estonia and Georgia); • Data interception in Russian IT services: • Ukrainians use Mail.ru, VK.com, etc.; • UA sites have counters (JavaScript)from Yandex; • Kaspersky, Dr. Web, 1C, Abby are very popular; • Russian owns or influence UA: • mobile operators (MTS, Kyivstar); • IT integrators and distributors (RRC, Jet); • Parameters of national encryption standard; • Support centers based in Russia (e.g. Arbor); • Webmoney (installs their root CA in browser!); • SCADA systems produced in Russia; • Internet-banking produced in Russia; • Anti-Ddos solutions (traffic rerouted to Moscow); • On the occupied territory: • Internet censorship (blocking UA sites); • Taking ownership on telecom and media property; • UA TV channels are turned off.
Unifying the Global Response to Cybercrime Russia acts (continued) 8 April 2014 – till now Russian cyber criminals became very active: • Specialized botnets being created from UA users only; • Mass attacks against smartphone users over SMS; • Even Smart TV’s were infected and forced to show terrorist channels; Russian propaganda is very effective: • Thousands of bots and operators work to influence rating and comments in social media or on popular news sites; • Pro-Russian articles all over the Internet (even on IT sites); Terrorists use Internet to: • Recruited new members; • Communicate with each other in a secure way. Terrorists warn about bombs in main TV channels in Kyiv.
Unifying the Global Response to Cybercrime Examples of attacks linked to Russia There are elements indicating the involvement of the Russian in letters 9
Unifying the Global Response to Cybercrime Examples of attacks linked to Russia Mass mailing Trojans Android users Some files are signs of Russian-origin 10
Unifying the Global Response to Cybercrime Examples of attacks linked to Russia Social network Vkontakte used by fraudsters for target viral infection 11
Unifying the Global Response to Cybercrime Ukraine response 12 April 2014 – till now Ukraine improves its response in cyber-space: • Close access to national registers from occupied territories; • Terrorist communications being intercepted; • Blocking of terrorist sites; • Prosecution authors of terrorist content; • Improve capabilities of CERT-UA team; • Development of national cyber-security legislation; • Limiting usage of Russian software; • Limited usage of mobile phones on war territory; • Fight with Russian cyber-criminals; • Increased collaboration between government and private sectors. • Mobilizaiton of Ukrainian chapters and NGOs like ISACA Kyiv chapter, OWASP, UISG etc. ; • Volunteers give IT equipment to army.
Unifying the Global Response to Cybercrime Even more effort required (lessons learned) 13 Cyber-war is effectively supports military operations. • Put cyber-security into your “crisis-plan”, when your closest ally becomes an enemy; • Do not have all your Internet traffic routed through a single neighbor country; • Clean your country networks (DNS&NTP servers, infected PC, no pirated software); • Design your web sites to be compatible with anti-ddos solutions (but attacks can flood your office WAN links to defeat anti-ddos service); • Monitor attacks, exchange information about them, research them; • Implement effective filtering mechanism on national exchange points; • Implement BCP plans for media to work in zones of war or terrorist attacks and deliver government information to audience in those areas; • Have a strong cyber-research capabilities in your country; • Have a strong national IT services (resist to globalization); • Implement controls for unauthorized use of lawful interception and cyber-operations by public authorities; • Implement national security standards acceptable both in public and private sector; • Make a simple and easy mechanisms for private researchers to get attack details; • Support creation of many CERT teams as possible; • Provide military and special forces with capabilities of effective large scale cyber-operations and forensics; • Prepare for occupation: have encryption, hidden communication with your partners, emergency data erase and quick recovery of IT systems in other geographical region.
Unifying the Global Response to Cybercrime Ukrainians afraid to use “made in Russia” Might be controlled remotely loads javascript code 14
Unifying the Global Response to Cybercrime Ukrainians afraid to use “made in Russia” Might be controlled by the Federal Security Service 15
Unifying the Global Response to Cybercrime Ukrainians afraid to use “made in Russia” 16
Unifying the Global Response to Cybercrime BE READY TO PROTECT YOUR INDEPENDENCE AND DEMOCRACY 17 Share your ideas about improving national cyber security capabilities with me gpaharenko [at] gmail.com

Recommended

Cyber Terrorism Presentation
Cyber Terrorism PresentationCyber Terrorism Presentation
Cyber Terrorism Presentationmerlyna
 
Cyber Warfare 4TH edition
Cyber Warfare 4TH editionCyber Warfare 4TH edition
Cyber Warfare 4TH editionJorge Sebastiao
 
Cybersecurity for Everyone Course. Final Project OilRig.pdf
Cybersecurity for Everyone Course. Final Project OilRig.pdfCybersecurity for Everyone Course. Final Project OilRig.pdf
Cybersecurity for Everyone Course. Final Project OilRig.pdfHamzaAfzal61
 
Ransomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFRansomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFAndy Thompson
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Vertex Holdings
 
Cyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliCyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliAdv Prashant Mali
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatMotorola Solutions
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxAbimbolaFisher1
 

Recommended

Cyber Terrorism Presentation
Cyber Terrorism PresentationCyber Terrorism Presentation
Cyber Terrorism Presentationmerlyna
 
Cyber Warfare 4TH edition
Cyber Warfare 4TH editionCyber Warfare 4TH edition
Cyber Warfare 4TH editionJorge Sebastiao
 
Cybersecurity for Everyone Course. Final Project OilRig.pdf
Cybersecurity for Everyone Course. Final Project OilRig.pdfCybersecurity for Everyone Course. Final Project OilRig.pdf
Cybersecurity for Everyone Course. Final Project OilRig.pdfHamzaAfzal61
 
Ransomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFRansomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFAndy Thompson
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Vertex Holdings
 
Cyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliCyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliAdv Prashant Mali
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatMotorola Solutions
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxAbimbolaFisher1
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
A military perspective on cyber security
A military perspective on cyber securityA military perspective on cyber security
A military perspective on cyber securityJoey Hernandez
 
Cyberwarfare
CyberwarfareCyberwarfare
CyberwarfareSpace Defense Newsletter
 
CYBER TERRORISM
CYBER TERRORISM CYBER TERRORISM
CYBER TERRORISM Tejesh Dhaypule
 
Chapter 15
Chapter 15Chapter 15
Chapter 15Ali Broumandnia
 
War between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceWar between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceuisgslide
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Data Leakage Prevention
Data Leakage Prevention Data Leakage Prevention
Data Leakage Prevention Dhananjay Aloorkar
 
Analysing Ransomware
Analysing RansomwareAnalysing Ransomware
Analysing RansomwareNapier University
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)ENOInstitute
 
Basic Concepts of information security.ppt
Basic Concepts of information security.pptBasic Concepts of information security.ppt
Basic Concepts of information security.pptZaheer720515
 
Cyber warfare
Cyber warfareCyber warfare
Cyber warfareVedangiBrahmbhatt
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ssMaira Asif
 
Information warfare.11
Information warfare.11Information warfare.11
Information warfare.11Dr. Alok Yadav
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat IntelligenceDeepak Kumar (D3)
 
History and future cybercrime
History and future cybercrimeHistory and future cybercrime
History and future cybercrimeOnline
 
ISACA -Threat Hunting using Native Windows tools .pdf
ISACA -Threat Hunting using Native Windows tools .pdfISACA -Threat Hunting using Native Windows tools .pdf
ISACA -Threat Hunting using Native Windows tools .pdfGurvinder Singh, CISSP, CISA, ITIL v3
 
What is cyber resilience?
What is cyber resilience?What is cyber resilience?
What is cyber resilience?Aaron Clark-Ginsberg
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Ajay Serohi
 
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)MITRE ATT&CK
 
Threats to the Grid | Cyber Challenges Impacting the Energy Sector
Threats to the Grid | Cyber Challenges Impacting the Energy Sector Threats to the Grid | Cyber Challenges Impacting the Energy Sector
Threats to the Grid | Cyber Challenges Impacting the Energy Sector Invincea, Inc.
 
Detection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day ThreatsDetection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day ThreatsInvincea, Inc.
 

More Related Content

What's hot

Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
A military perspective on cyber security
A military perspective on cyber securityA military perspective on cyber security
A military perspective on cyber securityJoey Hernandez
 
War between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceWar between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceuisgslide
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)ENOInstitute
 
Basic Concepts of information security.ppt
Basic Concepts of information security.pptBasic Concepts of information security.ppt
Basic Concepts of information security.pptZaheer720515
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ssMaira Asif
 
Information warfare.11
Information warfare.11Information warfare.11
Information warfare.11Dr. Alok Yadav
 
History and future cybercrime
History and future cybercrimeHistory and future cybercrime
History and future cybercrimeOnline
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Ajay Serohi
 
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)MITRE ATT&CK
 

What's hot (20)

Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
A military perspective on cyber security
A military perspective on cyber securityA military perspective on cyber security
A military perspective on cyber security
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
CYBER TERRORISM
CYBER TERRORISM CYBER TERRORISM
CYBER TERRORISM
 
Chapter 15
Chapter 15Chapter 15
Chapter 15
 
War between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceWar between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber space
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscape
 
Data Leakage Prevention
Data Leakage Prevention Data Leakage Prevention
Data Leakage Prevention
 
Analysing Ransomware
Analysing RansomwareAnalysing Ransomware
Analysing Ransomware
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)
 
Basic Concepts of information security.ppt
Basic Concepts of information security.pptBasic Concepts of information security.ppt
Basic Concepts of information security.ppt
 
Cyber warfare
Cyber warfareCyber warfare
Cyber warfare
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
 
Information warfare.11
Information warfare.11Information warfare.11
Information warfare.11
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
 
History and future cybercrime
History and future cybercrimeHistory and future cybercrime
History and future cybercrime
 
ISACA -Threat Hunting using Native Windows tools .pdf
ISACA -Threat Hunting using Native Windows tools .pdfISACA -Threat Hunting using Native Windows tools .pdf
ISACA -Threat Hunting using Native Windows tools .pdf
 
What is cyber resilience?
What is cyber resilience?What is cyber resilience?
What is cyber resilience?
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015
 
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
MITRE ATT&CK Updates: State of the ATT&CK (ATT&CKcon 4.0 Edition)
 

Viewers also liked

Threats to the Grid | Cyber Challenges Impacting the Energy Sector
Threats to the Grid | Cyber Challenges Impacting the Energy Sector Threats to the Grid | Cyber Challenges Impacting the Energy Sector
Threats to the Grid | Cyber Challenges Impacting the Energy Sector Invincea, Inc.
 
Detection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day ThreatsDetection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day ThreatsInvincea, Inc.
 
S4 krotofil afternoon_sesh_2017
S4 krotofil afternoon_sesh_2017S4 krotofil afternoon_sesh_2017
S4 krotofil afternoon_sesh_2017Marina Krotofil
 
Analytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityAnalytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityBoston Global Forum
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...Boston Global Forum
 
Cyber terrorism power point
Cyber terrorism power pointCyber terrorism power point
Cyber terrorism power pointjessicafay2010
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber SecurityJAZEEL K T
 

Viewers also liked (8)

Threats to the Grid | Cyber Challenges Impacting the Energy Sector
Threats to the Grid | Cyber Challenges Impacting the Energy Sector Threats to the Grid | Cyber Challenges Impacting the Energy Sector
Threats to the Grid | Cyber Challenges Impacting the Energy Sector
 
Detection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day ThreatsDetection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day Threats
 
S4 krotofil afternoon_sesh_2017
S4 krotofil afternoon_sesh_2017S4 krotofil afternoon_sesh_2017
S4 krotofil afternoon_sesh_2017
 
Analytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityAnalytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber security
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
 
Cyber terrorism power point
Cyber terrorism power pointCyber terrorism power point
Cyber terrorism power point
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber Security
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 

Similar to Cyber attacks in Ukraine

https://uii.io/Oneconflict
https://uii.io/Oneconflicthttps://uii.io/Oneconflict
https://uii.io/OneconflictLucas395677
 
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.Abzetdin Adamov
 
Changing Domains - The Cyber Info Realm 2023.pdf
Changing Domains - The Cyber Info Realm 2023.pdfChanging Domains - The Cyber Info Realm 2023.pdf
Changing Domains - The Cyber Info Realm 2023.pdfBenjamin Ang
 
Cyber Situational Awareness: TechNet Augusta 2015
Cyber Situational Awareness: TechNet Augusta 2015Cyber Situational Awareness: TechNet Augusta 2015
Cyber Situational Awareness: TechNet Augusta 2015AFCEA International
 
Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...Chuck Brooks
 
Security News Byes- Nov
Security News Byes- NovSecurity News Byes- Nov
Security News Byes- Novprashsiv
 
Cyber Security, Cyber Warfare
Cyber Security, Cyber WarfareCyber Security, Cyber Warfare
Cyber Security, Cyber WarfareAmit Anand
 
Cybercrime and security.pptx
Cybercrime and security.pptxCybercrime and security.pptx
Cybercrime and security.pptxEnginAltan4
 
GovSec Joyal New Threat Matrix
GovSec Joyal New Threat MatrixGovSec Joyal New Threat Matrix
GovSec Joyal New Threat MatrixPaul Joyal
 
Focus on cyber threats in hacking cycle
Focus on cyber threats in hacking cycle Focus on cyber threats in hacking cycle
Focus on cyber threats in hacking cycle David Sweigert
 
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreThe Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreRadware
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveIvan Sang
 
State of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and SolutionsState of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and SolutionsGoutama Bachtiar
 
A US Cybersecurity Strategy for 2030
A US Cybersecurity Strategy for 2030A US Cybersecurity Strategy for 2030
A US Cybersecurity Strategy for 2030Scott Dickson
 
The New Front Line:An observation of cyber threats in the 21st century
The New Front Line:An observation of cyber threats in the 21st centuryThe New Front Line:An observation of cyber threats in the 21st century
The New Front Line:An observation of cyber threats in the 21st centuryJonathan Francis Roscoe
 
chapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firmchapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital FirmMohamad Fathi
 

Similar to Cyber attacks in Ukraine (20)

https://uii.io/Oneconflict
https://uii.io/Oneconflicthttps://uii.io/Oneconflict
https://uii.io/Oneconflict
 
Cyber Wars.pptx
Cyber Wars.pptxCyber Wars.pptx
Cyber Wars.pptx
 
Mis chapter 9
Mis chapter 9Mis chapter 9
Mis chapter 9
 
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
 
Cyberware
CyberwareCyberware
Cyberware
 
Changing Domains - The Cyber Info Realm 2023.pdf
Changing Domains - The Cyber Info Realm 2023.pdfChanging Domains - The Cyber Info Realm 2023.pdf
Changing Domains - The Cyber Info Realm 2023.pdf
 
Cyber Situational Awareness: TechNet Augusta 2015
Cyber Situational Awareness: TechNet Augusta 2015Cyber Situational Awareness: TechNet Augusta 2015
Cyber Situational Awareness: TechNet Augusta 2015
 
Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...
 
Security News Byes- Nov
Security News Byes- NovSecurity News Byes- Nov
Security News Byes- Nov
 
Cyber Security, Cyber Warfare
Cyber Security, Cyber WarfareCyber Security, Cyber Warfare
Cyber Security, Cyber Warfare
 
Cybercrime and security.pptx
Cybercrime and security.pptxCybercrime and security.pptx
Cybercrime and security.pptx
 
GovSec Joyal New Threat Matrix
GovSec Joyal New Threat MatrixGovSec Joyal New Threat Matrix
GovSec Joyal New Threat Matrix
 
Focus on cyber threats in hacking cycle
Focus on cyber threats in hacking cycle Focus on cyber threats in hacking cycle
Focus on cyber threats in hacking cycle
 
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreThe Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
 
State of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and SolutionsState of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and Solutions
 
A US Cybersecurity Strategy for 2030
A US Cybersecurity Strategy for 2030A US Cybersecurity Strategy for 2030
A US Cybersecurity Strategy for 2030
 
The New Front Line:An observation of cyber threats in the 21st century
The New Front Line:An observation of cyber threats in the 21st centuryThe New Front Line:An observation of cyber threats in the 21st century
The New Front Line:An observation of cyber threats in the 21st century
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
chapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firmchapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firm
 

More from Nick Bilogorskiy

Collecting computers for Ukraine
Collecting computers for UkraineCollecting computers for Ukraine
Collecting computers for UkraineNick Bilogorskiy
 
Nova Ukraine: Computers Collection
Nova Ukraine: Computers CollectionNova Ukraine: Computers Collection
Nova Ukraine: Computers CollectionNick Bilogorskiy
 
Putin.Voina - Nemtsov report
Putin.Voina - Nemtsov reportPutin.Voina - Nemtsov report
Putin.Voina - Nemtsov reportNick Bilogorskiy
 
Dissecting Zeus by Nick Bilogorskiy
Dissecting Zeus by Nick BilogorskiyDissecting Zeus by Nick Bilogorskiy
Dissecting Zeus by Nick BilogorskiyNick Bilogorskiy
 
Comscore US mobile App report 2014
Comscore US mobile App report 2014Comscore US mobile App report 2014
Comscore US mobile App report 2014Nick Bilogorskiy
 

More from Nick Bilogorskiy (12)

Collecting computers for Ukraine
Collecting computers for UkraineCollecting computers for Ukraine
Collecting computers for Ukraine
 
Nova Ukraine: Computers Collection
Nova Ukraine: Computers CollectionNova Ukraine: Computers Collection
Nova Ukraine: Computers Collection
 
Vareniki Party Aug 28
Vareniki Party Aug 28Vareniki Party Aug 28
Vareniki Party Aug 28
 
Putin.Voina - Nemtsov report
Putin.Voina - Nemtsov reportPutin.Voina - Nemtsov report
Putin.Voina - Nemtsov report
 
Malvertising
MalvertisingMalvertising
Malvertising
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on Sony
 
Botnet Interactions 2009
Botnet Interactions 2009Botnet Interactions 2009
Botnet Interactions 2009
 
Future of Ukraine Panel
Future of Ukraine PanelFuture of Ukraine Panel
Future of Ukraine Panel
 
Babylon 13-2015-poster
Babylon 13-2015-posterBabylon 13-2015-poster
Babylon 13-2015-poster
 
Dissecting Zeus by Nick Bilogorskiy
Dissecting Zeus by Nick BilogorskiyDissecting Zeus by Nick Bilogorskiy
Dissecting Zeus by Nick Bilogorskiy
 
Resume
ResumeResume
Resume
 
Comscore US mobile App report 2014
Comscore US mobile App report 2014Comscore US mobile App report 2014
Comscore US mobile App report 2014
 

Recently uploaded

Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringC Sai Kiran
 
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docx
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docxThe Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docx
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docxCenterEnamel
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234AafreenAbuthahir2
 
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfA CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfKamal Acharya
 
Automobile Management System Project Report.pdf
Automobile Management System Project Report.pdfAutomobile Management System Project Report.pdf
Automobile Management System Project Report.pdfKamal Acharya
 
Toll tax management system project report..pdf
Toll tax management system project report..pdfToll tax management system project report..pdf
Toll tax management system project report..pdfKamal Acharya
 
Digital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdfDigital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdfAbrahamGadissa
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
 
fluid mechanics gate notes . gate all pyqs answer
fluid mechanics gate notes . gate all pyqs answerfluid mechanics gate notes . gate all pyqs answer
fluid mechanics gate notes . gate all pyqs answerapareshmondalnita
 
KIT-601 Lecture Notes-UNIT-4.pdf Frequent Itemsets and Clustering
KIT-601 Lecture Notes-UNIT-4.pdf Frequent Itemsets and ClusteringKIT-601 Lecture Notes-UNIT-4.pdf Frequent Itemsets and Clustering
KIT-601 Lecture Notes-UNIT-4.pdf Frequent Itemsets and ClusteringDr. Radhey Shyam
 
Online blood donation management system project.pdf
Online blood donation management system project.pdfOnline blood donation management system project.pdf
Online blood donation management system project.pdfKamal Acharya
 
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdfRESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdfKamal Acharya
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfPipe Restoration Solutions
 
Pharmacy management system project report..pdf
Pharmacy management system project report..pdfPharmacy management system project report..pdf
Pharmacy management system project report..pdfKamal Acharya
 
Online resume builder management system project report.pdf
Online resume builder management system project report.pdfOnline resume builder management system project report.pdf
Online resume builder management system project report.pdfKamal Acharya
 
Top 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering ScientistTop 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering Scientistgettygaming1
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationRobbie Edward Sayers
 
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-IENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-IVigneshvaranMech
 
Laundry management system project report.pdf
Laundry management system project report.pdfLaundry management system project report.pdf
Laundry management system project report.pdfKamal Acharya
 

Recently uploaded (20)

Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
 
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docx
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docxThe Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docx
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docx
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
 
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfA CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
 
Automobile Management System Project Report.pdf
Automobile Management System Project Report.pdfAutomobile Management System Project Report.pdf
Automobile Management System Project Report.pdf
 
Toll tax management system project report..pdf
Toll tax management system project report..pdfToll tax management system project report..pdf
Toll tax management system project report..pdf
 
Digital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdfDigital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdf
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
 
fluid mechanics gate notes . gate all pyqs answer
fluid mechanics gate notes . gate all pyqs answerfluid mechanics gate notes . gate all pyqs answer
fluid mechanics gate notes . gate all pyqs answer
 
KIT-601 Lecture Notes-UNIT-4.pdf Frequent Itemsets and Clustering
KIT-601 Lecture Notes-UNIT-4.pdf Frequent Itemsets and ClusteringKIT-601 Lecture Notes-UNIT-4.pdf Frequent Itemsets and Clustering
KIT-601 Lecture Notes-UNIT-4.pdf Frequent Itemsets and Clustering
 
Online blood donation management system project.pdf
Online blood donation management system project.pdfOnline blood donation management system project.pdf
Online blood donation management system project.pdf
 
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdfRESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
 
Pharmacy management system project report..pdf
Pharmacy management system project report..pdfPharmacy management system project report..pdf
Pharmacy management system project report..pdf
 
Online resume builder management system project report.pdf
Online resume builder management system project report.pdfOnline resume builder management system project report.pdf
Online resume builder management system project report.pdf
 
Top 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering ScientistTop 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering Scientist
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-IENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
 
Laundry management system project report.pdf
Laundry management system project report.pdfLaundry management system project report.pdf
Laundry management system project report.pdf
 

Cyber attacks in Ukraine

  • 1. Unifying the Global Response to Cybercrime Cyber attacks in Ukraine during revolution and Russian intervention Glib Pakharenko gpaharenko (at) gmail.com 2014-10-13 This is solely my personal opinion Do not consider as call for any action
  • 2. Unifying the Global Response to Cybercrime Cyber attacks were before the revolution 2 Kyiv < 30 November 2013 Cyber attacks was quite popular before the revolution. • 100Gbit/s Ddos in UA segment in 2010 • politically motivated attacks before elections • Ddos on party sites • Compromise of accounts of politician • economically motivated attacks: • Ddos, on e-shops before Christmas • Mobile operators fraud • Carding • Internet banking unauthorized transfers • Lockers • SEO optimization, SPAM, etc. Police fights with pirated content, unauthorized porno-studios, and online gambling. Used to takes all servers and PC’s with them from victim or suspected.
  • 3. Unifying the Global Response to Cybercrime Ddos attacks was most popular during street protest 3 December 2013-January 2014 The rate of attacks grows enormously (but dropped for Christmas holidays): • Ddos attacks against opposition media (BlackEnergy, DirtJumper – Russian made); • Police takes servers from opposition office; • Personal accounts of opposition politicians hacked; • Banks, which served accounts of opposition under hacking attacks (unauthorized transfer and then a Ddos to hide the fraud); • Anonymous attack government sites; • A “red” alarm level was on UA nuclear stations when protesters took the ministry of energy building, where control systems were located; • A PC which controls electricity in the city hall was broken, which led to its black-out; • Malicious traffic from Russia rerouted out of Ukraine through Belarus and Cyprus (HostExploit statistics). That’s why the first time in recent years, Ukraine was not in the list of countries with boosted cybercrime.
  • 4. Unifying the Global Response to Cybercrime Mobile technologies were used during the peak of Revolution 4 Feb 2014 During the peak of the Revolution mobile technologies was most important: • Opposition Parliament member phones were flooded with SMS&Calls; • IMSI catcher mass messaging was used against protesters; • In West regions (where the Revolution started) in police departments only mobile phones were working (no PSTN or other connectivity); • Main opposition TV channel was turned off; • Police planned to turn off mobile connectivity; • In East regions police used mobile phone to compromise two-factor authentication and gain access to protester account.
  • 5. Unifying the Global Response to Cybercrime Russia occupies Crimea 5 Feb-March 2014 • Government under attack: • Ddos on the parliament site to prohibit law publishing; • Ddos on other sites (national security council, president, etc.); • Physical attack on cabling infrastructure in Crimea; • Anonymous attack sites of Russian government in Crimea; • Russia turned-off UA channels in Crimea; • Broadcasters were unable to take their telecom equipment hosted in Crimea government datacenters; • Enormous amount of government and personal data from IT systems now in Russian hands; • Increased amount of GSM fraud from Crimea against UA operators (as UA law enforcement no longer effective there); • Russian IT-security NGO RISSPA censored anti-war discussions in its forum; • Mass changes in Wikipedia articles; • UA broadcasting satellite “Lybid” was not launched, as the space control center was conquered.
  • 6. Unifying the Global Response to Cybercrime War with Russia 6 April 2014 – till now Russia effectively use cyber-technology to support their war. Physical attacks are especially dangerous against: • cabling and broadcast infrastructure in area of fighting (media and financial services unavailable); • cabling infrastructure in Kyiv (terracts); • ATMs of specific banks all over Ukraine (terracts). Mobile technology attacks: • Used for correction of artillery fire; • Talks interception; • Traffic rerouting into Russia using VLR/HRL updates; • Forensics of devices owned by UA supporters; Hacking attempts against IT systems of: • UA officials and businessmen accounts; • Local and central public administration; • Electronic election systems (coordinated with Russian main TV channel); • Railway IT systems; • Mobile operators; Russian military activity coordinated with Russian TV channels.
  • 7. Unifying the Global Response to Cybercrime Russia acts 7 April 2014 – till now Russia has big potential for future cyber conflict: • Mass attacks similar (like against Estonia and Georgia); • Data interception in Russian IT services: • Ukrainians use Mail.ru, VK.com, etc.; • UA sites have counters (JavaScript)from Yandex; • Kaspersky, Dr. Web, 1C, Abby are very popular; • Russian owns or influence UA: • mobile operators (MTS, Kyivstar); • IT integrators and distributors (RRC, Jet); • Parameters of national encryption standard; • Support centers based in Russia (e.g. Arbor); • Webmoney (installs their root CA in browser!); • SCADA systems produced in Russia; • Internet-banking produced in Russia; • Anti-Ddos solutions (traffic rerouted to Moscow); • On the occupied territory: • Internet censorship (blocking UA sites); • Taking ownership on telecom and media property; • UA TV channels are turned off.
  • 8. Unifying the Global Response to Cybercrime Russia acts (continued) 8 April 2014 – till now Russian cyber criminals became very active: • Specialized botnets being created from UA users only; • Mass attacks against smartphone users over SMS; • Even Smart TV’s were infected and forced to show terrorist channels; Russian propaganda is very effective: • Thousands of bots and operators work to influence rating and comments in social media or on popular news sites; • Pro-Russian articles all over the Internet (even on IT sites); Terrorists use Internet to: • Recruited new members; • Communicate with each other in a secure way. Terrorists warn about bombs in main TV channels in Kyiv.
  • 9. Unifying the Global Response to Cybercrime Examples of attacks linked to Russia There are elements indicating the involvement of the Russian in letters 9
  • 10. Unifying the Global Response to Cybercrime Examples of attacks linked to Russia Mass mailing Trojans Android users Some files are signs of Russian-origin 10
  • 11. Unifying the Global Response to Cybercrime Examples of attacks linked to Russia Social network Vkontakte used by fraudsters for target viral infection 11
  • 12. Unifying the Global Response to Cybercrime Ukraine response 12 April 2014 – till now Ukraine improves its response in cyber-space: • Close access to national registers from occupied territories; • Terrorist communications being intercepted; • Blocking of terrorist sites; • Prosecution authors of terrorist content; • Improve capabilities of CERT-UA team; • Development of national cyber-security legislation; • Limiting usage of Russian software; • Limited usage of mobile phones on war territory; • Fight with Russian cyber-criminals; • Increased collaboration between government and private sectors. • Mobilizaiton of Ukrainian chapters and NGOs like ISACA Kyiv chapter, OWASP, UISG etc. ; • Volunteers give IT equipment to army.
  • 13. Unifying the Global Response to Cybercrime Even more effort required (lessons learned) 13 Cyber-war is effectively supports military operations. • Put cyber-security into your “crisis-plan”, when your closest ally becomes an enemy; • Do not have all your Internet traffic routed through a single neighbor country; • Clean your country networks (DNS&NTP servers, infected PC, no pirated software); • Design your web sites to be compatible with anti-ddos solutions (but attacks can flood your office WAN links to defeat anti-ddos service); • Monitor attacks, exchange information about them, research them; • Implement effective filtering mechanism on national exchange points; • Implement BCP plans for media to work in zones of war or terrorist attacks and deliver government information to audience in those areas; • Have a strong cyber-research capabilities in your country; • Have a strong national IT services (resist to globalization); • Implement controls for unauthorized use of lawful interception and cyber-operations by public authorities; • Implement national security standards acceptable both in public and private sector; • Make a simple and easy mechanisms for private researchers to get attack details; • Support creation of many CERT teams as possible; • Provide military and special forces with capabilities of effective large scale cyber-operations and forensics; • Prepare for occupation: have encryption, hidden communication with your partners, emergency data erase and quick recovery of IT systems in other geographical region.
  • 14. Unifying the Global Response to Cybercrime Ukrainians afraid to use “made in Russia” Might be controlled remotely loads javascript code 14
  • 15. Unifying the Global Response to Cybercrime Ukrainians afraid to use “made in Russia” Might be controlled by the Federal Security Service 15
  • 16. Unifying the Global Response to Cybercrime Ukrainians afraid to use “made in Russia” 16
  • 17. Unifying the Global Response to Cybercrime BE READY TO PROTECT YOUR INDEPENDENCE AND DEMOCRACY 17 Share your ideas about improving national cyber security capabilities with me gpaharenko [at] gmail.com