Back in 2016, NATO officially recognized cyberspace as one of the arenas of military operations. Therefore, it is not surprising that the fighting on this front intensified with the beginning of the large-scale russian aggression. We accepted this battle with dignity! It is logical that the meeting of the Presidium of the National Academy of Sciences of Ukraine considered the extremely hot issue of cyber protection of information technologies.
Threats in cyber space are evolving and improving. Oleksiy Novikov, the Director of the Physical and Technical Institute of NTUU “Igor Sikorsky Kyiv Polytechnic Institute”, associate member of the National Academy of Sciences of Ukraine, told about it. Thus, there are four groups of threat carriers in cyberspace and four periods of their action. From 1975 to the present day, there were actions of unorganized amateurs. Since 1980, the actions of organized hacker groups are observed. Since 1998, there are actions of cyber formations financed by the state, and the period since 2010 is the time of the cyber weapons use and cyber troops’ activities.
The geography of threats in cyber space was also formed. According to Microsoft Corporation, in 2020-2021, the most hacker attacks were recorded from the russian federation – 58%, North Korea – 23%, and Iran – 11%. The majority of hacker attacks were directed against the United States of America – 46%, Ukraine – 19% (second place!) and Great Britain – 9%.
Digital Armageddon did not took place
Over the past ten years, Ukraine has experienced and defeated dozens of challenging cyberattacks. According to Academician Novikov, the attack on the Vybory information system during the presidential elections in 2014, the attack by the BlackEnergy Trojan program on a number of regional energy companies in December 2015, etc, are the most known.
Oleksiy Novikov cited data from the State Intelligence Service, according to which 90% of hacker groups of russians participating in the cyber war against Ukraine belong to security forces – primarily, the main intelligence department of the russian general staff, the FSB (federal security service) and the foreign intelligence service.
– Despite all the efforts of the russians, the national cyber security system of Ukraine demonstrated high resilience, the ability to respond to extraordinary events, proved the professionalism of the staff, – Oleksiy Novikov noted. – Digital Armageddon did not happen in Ukraine.
The scientist emphasized that the success of Ukraine in the cyber war against the russians is explained by longstanding work on building and strengthening the national cyber security system – from the beginning of its creation 30 years ago to the NSDC’s resolution on the formation of cyber troops in Ukraine.
Defense order
Oleksiy Novikov is convinced that the important key to deterring russian cyber aggression is the activization of scientific institutions, teams of information technology specialists, and an increase in high-quality cyber security developments.
As the scientist said, KPI Phystech has many years of experience in scientific and technical work in information and cyber security. In recent years, dozens of works on the state defense order related to the theory and practice of computer modeling, monitoring, state analysis and design of cyber protection systems have been completed, including the creation of models, descriptions, the latest cyber protection scenarios, methods of countering external attacks, and software templates.
In 2021, PhTI performed 5 works on the state defense order in the amount of about 4 million hryvnias. One of them is “Software and hardware complex for analyzing computer programs and their updates for the absence of undocumented functions.” It was completed at the request of the State Special Comms of Ukraine.
– The advantage of the complex is its computational efficiency, which makes it possible to analyze real software of a large volume (over 1 million instructions) in an acceptable time (from minutes to several days) on commercially available mid-level workstations, – Oleksiy Novikov explained.
In 2021, the State Special Comms of Ukraine put the complex into operation. It is planned to replicate and distribute this complex throughout Ukraine.
Another development of KPI in this area is a software complex for designing a system of cybernetic protection of information and telecommunication systems. – The method is based on a logical-probabilistic model of the success of cyberattacks on the information and communication system, taking into account the multitude of threats and protection mechanisms, – Oleksiy Novikov added.
But not by developments alone. According to Oleksiy Novikov, an important stage in execution of the implemented projects is advanced training of the customer’s personnel. In recent years, teachers of the Physical and Technical Institute of KPI have conducted about a dozen trainings for customers.
The First World Cyber War
According to Viktor Zhora, Deputy Head of the State Service for Special Communications and Information Protection of Ukraine on Digital Development, Digital Transformations and Digitalization, we actually observe the first world cyber war, which is combined with a full-scale russia invasion.
The State Service for Special Communications and Information Protection of Ukraine is one of the main components of the national cyber security system, it forms and implements state policy in cyber protection.
– On the basis of our Service, there is a single governmental computer emergency response team that deals with cyber challenges and investigates them, – Viktor Zhora said. – Since the beginning of this year, the team recorded 1,350 cyber incidents, which is almost three times the number of cyber attacks in the first half of 2021. Now we are actively countering cyber aggression against our state.
The fact that Ukraine demonstrates considerable success means that our state has effectively used the available rather limited resources to build a national cyber security system and improve the level of information protection in state institutions and critical information infrastructure facilities.
Regarding cooperation with the scientific community, the official noted that the Physical and Technical Institute of KPI is a reliable partner of the Service. The work mentioned in Oleksiy Novikov’s speech is as relevant as ever.
– For decades, our enemy has infiltrated the IT infrastructure of Ukraine with its software products, and tries to continue this policy, – Viktor Zhora said. – The complex developed at KPI, became the basis of the first laboratory in Ukraine for the study of software for the absence of undeclared functions. It is a very important component of the activity and our Service performs it together with other principal entities of the national cyber security system.
Chronicles of resistance
As Oleksandr Sapaliov, Head of the Cyber Security Situation Center at the Department of Counterintelligence Protection of State Interests in the Field of Innovative Security of the Security Service of Ukraine, said, preparations for cyber aggression against Ukraine lasted from August 2021 to January 13, 2022. During this period, the clandestine operation of all existing russian hacker groups continued. Then, from January 13, 2022, our security forces recorded the consolidation of all accesses to existing information and telecommunication systems in the hands of the military intelligence of russia, which continues to lead aggression in cyberspace against Ukraine. All special services of the enemy, as well as their “colleagues” from the belarusian hacker group, joined it.
– From January 13 to February 23, 2022, we were tested – what we are, what our cyber resistance system is, how we react together with other cyber security entitiess (because the SBU is not alone on this front): the State Service of Special Communications, intelligence agencies, the Ministry of Defense of Ukraine, the Armed Forces of Ukraine, the National Security and Defense Council of Ukraine, – Oleksandr Sapaliov continued.
In the early hours of February 24, 2022, there was a very serious attempt to destroy a large number of information and telecommunication systems of central authorities, registries, military and private sector, etc.
– However, thanks to the consolidation of all our efforts, as of five o’clock on the morning of February 24, 2022, when the military invasion began, the systems worked normally, – the official stated. – Certainly, cyber aggression did not stop until now. Russia practices all possible means and continues to develop new methods and ways to destroy our systems.
As for targets and objects, according to Oleksandr Sapaliov, the aggressors did not stop at “common” targets, but tried to block communication systems, in particular, satellite communication. A very interesting detail – recently they try to combine all their actions with informational and psychological operations. However, the official emphasized that our enemies have not achieved any goal to date.
What is in the Information Technology Department?
Work on the development of national cyber security software is actively ongoing in a number of institutions of the Information Technology Department of the National Academy of Sciences of Ukraine and beyond. Oleksandr Khimich, academician-secretary of the Department, told about it. In particular, research is being carried out in using the algebraic approach and artificial intelligence methods in order to identify vulnerabilities both in software and in technical support. This approach, according to Academician Khimich, makes it possible to prove the system’s resistance to external attacks, especially, the absence of critical vulnerabilities. A complex of advanced methods is also being developed, in particular, methods of hidden information transmission by means of computer steganography, stable post-quantum cryptography algorithms, cryptological methods based on quantum computing.
– With regard to quantum computing, a working group was created within the Information Technology Department of the NAS of Ukraine on the instruction of the Presidium of the NAS of Ukraine; proposals were given on creation of knoware and software for quantum computing, – Oleksandr Khimich continued. – About 40 institutions and organizations expressed their wish to join this work.
V.M. Hlushkov Institute of Cybernetics of the National Academy of Sciences of Ukraine launched a Quantum Computing Models scientific seminar. There is also a joint seminar of the National Academy of Sciences of Ukraine, the Ministry of Education and Science of Ukraine and the National Cyber Security Coordination Center under the National Security and Defense Council of Ukraine on Creation of national cyber security software.
Oleksandr Khimich also emphasized problems and challenges. In particular, a suitable national exaflop resource is needed for research and practical activities on cyber security.
The main reserve
We were ready to meet russian cyberattacks because we had the background, in particular, the relevant specialists. The Chairman of the Scientific Council of NTUU “Igor Sikorsky Kyiv Polytechnic Institute”, Academician of the National Academy of Sciences of Ukraine Mykhaylo Ilchenko emphasized this fact in his speech.
He also made an insight into 1995, when on the initiative of the President of the National Academy of Sciences Borys Paton and the Minister of Education Michael Zgurovsky, the Faculty of Physics and Technology was created, which later became an institute.
– It was at this faculty that the specialties “applied mathematics” and “applied physics” appeared, – Michael Zgurovsky noted. – About 10 years have passed, and the “information security” and “cyber security” specialties appeared on this fundamental basis. It is important that the training of specialists and the implementation of developments was carried out jointly by scientists from both KPI and the V.M. Hlushkov Institute of Cybernetics of the National Academy of Sciences. It is worth talking about the role of scientific schools. Within the framework of these schools, we have trained a new generation of specialists and teachers in this new field of our activity.
The high quality of their training is evidenced by the fact that in 2016, the KPI young team took first place in the worldwide competition of so-called white hackers among 12,600 teams. Now these young specialists are teachers for a new generation of specialists and can perform very responsible national developments.
– The problem is that until now, despite having unique specialists, we do not have orders for our national developments, – Mykhaylo Ilchenko stated. – This is our main reserve. But life will force concerned authorities to do it not only in the field of information and cyber security. Our graduates and scientists are ready to meet any challenge.
Instead of the afterword
Summing up, the President of the National Academy of Sciences, Academician Anatoliy Zagorodniy, once again emphasized the importance of the Academy’s cooperation with higher education institutions, respective state authorities, and business.
– It is worth combining the efforts of all specialists working in the field of cyber security, – he added. – It was nice to hear that the V.M. Hlushkov Institute of Cybernetics of the National Academy of Sciences of Ukraine, the Information Technology Department of the National Academy of Sciences of Ukraine are ready to promote such cooperation.
Therefore, it is logical that in the Presidium’s resolution, the Department is tasked with preparing proposals on the organizational basis of cooperation with relevant state authorities in the field of cyber security and information protection.
Besides, the Information Technology Department of the National Academy of Sciences of Ukraine, together with KPI, was recommended to spread the practice of organizing advanced trainings for information and cyber security specialists, defenders of the cyber space of Ukraine.
Prepared by Dmytro SHULIKIN