Systematized experience of war: current issues of IT and cyber security in Ukraine

02/ 09/ 2022

Listen to online Stop   Business information security and protection against cyber threats becomes especially important in war. The problems faced by business during the war and how to improve the security infrastructure, establish processes and speed up the response to cyber threats were discussed during the EBA Odesa online discussion on the topic Systematized experience of war: current issues of IT and cyber security. The meeting was moderated by Valery Shnurenko, Head of the EBA Odesa Corporate Working Group, Head of Corporate Security of the RISOIL Group. Ihor Shevtsov, Executive Director SK Security, EBA Business Security and Protection Committee spoke briefly about the forecasts of the military fall in Ukraine. So, most businesses in Ukraine at the time of a full-scale invasion met the disaster unprepared, and then struggled to eliminate its consequences, and some businesses simply closed. And even now, some companies do not have an action plan for constantly changing conditions, do not use intelligence analytics, and they do not have their own security service and do not have a risk map. According to the speaker, taking into account the current hostilities, the possible risks for the fall are: an escalation of hostilities in the region where the business is located, the work of sabotage groups and terrorist activities, the threat of explosions in the liberated territory, the destruction of critical infrastructure by Russia, the growth of a criminal environment - a large number weapons in hand, unemployment, falling standard of living - all these are official data. In connection with this and the significant involvement of law enforcement agencies in the defence of the country, the growth of cyber-attacks, kidnapping, raiding, etc. will be simplified. Therefore, Mr. Ihor recommended that businesses pay special attention to the physical protection of key employees, business owners and their family members, as well as commodity and material values. Conduct activities on the topic of cyber hygiene. Pay more attention to personnel safety and cleanliness of contractors. And once again, develop an evacuation plan, conduct a legal recording of the companys losses from military operations, and prepare appropriate risks. And for civilians, the speaker advised to purchase a firearm and to undergo practice in the procedure of emergency situations. Serhii Yevchuk, CEO FS GROUP – DEVELOPMENT talked about the assessment of the state of cyber threats and provided recommendations for business in connection with the war. After all, now the issue of protection of organizations systems is particularly acute. In particular, the speaker recommended companies: create a register of the companys information assets with a description of equipment and programs, firmware and software versions, implement the ISO27001 information security standard: conduct systematic internal audits, create an individual information security policy based on the principles of integrity, confidentiality and availability, monitor trends hacker attacks that are characteristic of your activity, improve the information protection system in accordance with them, etc. Temuri Lordkipanidze, Architect of IT Solutions Greennet shared information about the use of periodic IT-Security audits, penetration tests, threat hunting, and also talked about the use of training of cyber security specialists on the basis of cyber polygons. The speaker also conducted an analysis of cases related to the neglect of the implementation of Disaster Recovery/Business Continuity approaches and the lack of deployed backup data centres. In particular, he spoke about cases related to the provision of alternative non-terrestrial communication channels for the provision of communication. The expert also provided recommendations on the imposed protection of cloud resources, strengthening and detailing the governments regulation on ensuring the necessary level of cyber security in critical infrastructure companies, intensifying the deployment of the Security Operations Center, deepening SOC expertise, etc. Yuriy Golovach, Country General Manager SQUAD spoke in simple words about cyber war, cyber troops and their role in the security of Ukraine. Currently, during the war, Ukraine is receiving massive DDos attacks, and Ukrainian schoolchildren are waging a powerful cyber war with Russia. Among the main elements of cyber-attacks and protection, the speaker singles out: DDos (massive DDoS) is an attack when your analytical computers are clogged with requests from the outside and the system goes down because it simply cannot cope with incoming requests. Next comes social engineering. Thus, starting with phishing when your employees receive emails with changed access passwords, virus files and links, etc. And your employee has a browser that does not check site certificates. All this leads to criminals obtaining confidential data. Port scan and software definition (penetration testing). Often the software receives an automatic update, this update may contain errors. And criminals know exactly about these errors and use them to launch a cyber attack and gain access to your data. However, with Apple and Linux, your data will be more secure. Chain of trust. In protected systems, when the developer is the owner of this system, he can make a chain of trust - when there is an update of the operating system, then there is an update of the components, and they validate each others certificates every time. It is designed to ensure that only trusted programs and hardware can be used. We see that it is not easy to do business in the conditions of military operations, but everyone must prepare well and conduct work on their own front. Thanks to our speakers for their expert advice! Together we will win!

Business information security and protection against cyber threats becomes especially important in war.

The problems faced by business during the war and how to improve the security infrastructure, establish processes and speed up the response to cyber threats were discussed during the EBA Odesa online discussion on the topic “Systematized experience of war: current issues of IT and cyber security”.

The meeting was moderated by Valery Shnurenko, Head of the EBA Odesa Corporate Working Group, Head of Corporate Security of the RISOIL Group.

Ihor Shevtsov, Executive Director SK Security, EBA Business Security and Protection Committee spoke briefly about the forecasts of the military fall in Ukraine. So, most businesses in Ukraine at the time of a full-scale invasion met the disaster unprepared, and then struggled to eliminate its consequences, and some businesses simply closed. And even now, some companies do not have an action plan for constantly changing conditions, do not use intelligence analytics, and they do not have their own security service and do not have a risk map.

According to the speaker, taking into account the current hostilities, the possible risks for the fall are: an escalation of hostilities in the region where the business is located, the work of sabotage groups and terrorist activities, the threat of explosions in the liberated territory, the destruction of critical infrastructure by Russia, the growth of a criminal environment – a large number weapons in hand, unemployment, falling standard of living – all these are official data. In connection with this and the significant involvement of law enforcement agencies in the defence of the country, the growth of cyber-attacks, kidnapping, raiding, etc. will be simplified.

Therefore, Mr. Ihor recommended that businesses pay special attention to the physical protection of key employees, business owners and their family members, as well as commodity and material values. Conduct activities on the topic of cyber hygiene. Pay more attention to personnel safety and cleanliness of contractors. And once again, develop an evacuation plan, conduct a legal recording of the company’s losses from military operations, and prepare appropriate risks. And for civilians, the speaker advised to purchase a firearm and to undergo practice in the procedure of emergency situations.

Serhii Yevchuk, CEO FS GROUP – DEVELOPMENT talked about the assessment of the state of cyber threats and provided recommendations for business in connection with the war. After all, now the issue of protection of organizations’ systems is particularly acute. In particular, the speaker recommended companies: create a register of the company’s information assets with a description of equipment and programs, firmware and software versions, implement the ISO27001 information security standard: conduct systematic internal audits, create an individual information security policy based on the principles of integrity, confidentiality and availability, monitor trends hacker attacks that are characteristic of your activity, improve the information protection system in accordance with them, etc.

Temuri Lordkipanidze, Architect of IT Solutions Greennet shared information about the use of periodic IT-Security audits, penetration tests, threat hunting, and also talked about the use of training of cyber security specialists on the basis of cyber polygons. The speaker also conducted an analysis of cases related to the neglect of the implementation of Disaster Recovery/Business Continuity approaches and the lack of deployed backup data centres. In particular, he spoke about cases related to the provision of alternative non-terrestrial communication channels for the provision of communication. The expert also provided recommendations on the imposed protection of cloud resources, strengthening and detailing the government’s regulation on ensuring the necessary level of cyber security in critical infrastructure companies, intensifying the deployment of the Security Operations Center, deepening SOC expertise, etc.

Yuriy Golovach, Country General Manager SQUAD spoke in simple words about cyber war, cyber troops and their role in the security of Ukraine. Currently, during the war, Ukraine is receiving massive DDos attacks, and Ukrainian schoolchildren are waging a powerful cyber war with Russia.

Among the main elements of cyber-attacks and protection, the speaker singles out:

DDos (massive DDoS) is an attack when your analytical computers are clogged with requests from the outside and the system goes down because it simply cannot cope with incoming requests.

Next comes social engineering. Thus, starting with phishing when your employees receive emails with changed access passwords, virus files and links, etc. And your employee has a browser that does not check site certificates. All this leads to criminals obtaining confidential data.

Port scan and software definition (penetration testing). Often the software receives an automatic update, this update may contain errors. And criminals know exactly about these errors and use them to launch a cyber attack and gain access to your data. However, with Apple and Linux, your data will be more secure.

Chain of trust. In protected systems, when the developer is the owner of this system, he can make a chain of trust – when there is an update of the operating system, then there is an update of the components, and they validate each other’s certificates every time. It is designed to ensure that only trusted programs and hardware can be used.

We see that it is not easy to do business in the conditions of military operations, but everyone must prepare well and conduct work on their own front. Thanks to our speakers for their expert advice! Together we will win!