Why Ukraine de­serves cy­ber-at­tack help from the West

Ev­i­dence points to il­le­gal, de­struc­tive and reck­less ac­tions by Rus­sia

The Washington Times Daily - - COMMENTARY - By Dmytro Shymkiv

The first sign that the world had been af­flicted by one of the worst cy­ber-at­tacks in his­tory came in a rel­a­tively in­no­cent mes­sage: “Oops, your im­por­tant files are en­crypted.” It al­most sounds ac­ci­den­tal; it was not. The at­tack be­gan on the morn­ing of June 27 in Ukraine and quickly spread across the globe, in­fect­ing sys­tems in France, Ger­many, Italy, Poland, United King­dom, Aus­tralia and the United States.

The scale and scope was un­prece­dented and re­lied on a virus known as NotPetya, which in­fected sys­tems through M.E. Doc, a pop­u­lar tax ac­count­ing soft­ware in Ukraine. The at­tack hit bank web­sites, ma­jor in­dus­trial en­ter­prises, gov­ern­ment com­puter sys­tems, the postal ser­vice and Kyiv’s in­ter­na­tional air­port and sub­way sys­tem. It crip­pled about 2,000 or­ga­ni­za­tions, in­clud­ing Antonov, Kyivs­tar, Voda­fone Ukraine, Life­cell, and TV chan­nels STB, ICTV and ATR. Ap­prox­i­mately 10 percent of gov­ern­ment and com­mer­cial per­sonal com­put­ers were in­fected.

The cy­ber crim­i­nals struck on the eve of Ukraine’s Con­sti­tu­tion Day, a na­tional hol­i­day that cel­e­brates Ukrainian in­de­pen­dence from the Soviet Union.

This al­lowed the virus to tear through gov­ern­ment com­put­ers and spread while the un­sus­pect­ing of­fices re­mained un­manned in ob­ser­vance of the hol­i­day. The at­tack was also timed to do sym­bolic dam­age to the gov­ern­ment of Ukraine.

Through email servers and network con­nec­tiv­ity, the NotPetya virus spread to com­put­ers world­wide. In the United States, the at­tack im­pacted a health network that in­cluded two hospi­tals, 18 com­mu­nity fa­cil­i­ties and more than 3,500 em­ploy­ees. The hospi­tals could not cre­ate elec­tronic records for a week, forc­ing pa­tients to de­lay pro­ce­dures and treat­ments. The at­tack­ers also hit UK-based Reckitt Benckiser, which makes Lysol spray. Due to dis­rup­tions in its supply chain, Reckitt Benckiser cut its full-year sales growth fore­cast to 2 percent from 3 percent.

The scale of the NotPetya at­tack has trig­gered an in­quiry into the at­tack­ers’ in­ten­tions. While the­o­ries abound, well-known cy­ber se­cu­rity ex­pert Matt Suiche and other an­a­lysts have come to a dis­turb­ing con­clu­sion. Their anal­y­sis sug­gests that the main pur­pose of the at­tack was fi­nan­cial dis­rup­tion and wide­spread de­struc­tion.

The at­tack­ers sought to crip­ple Ukraine and its in­ter­na­tional part­ners. Post-at­tack foren­sics showed that hack­ers used M.E. Doc to col­lect sen­si­tive in­for­ma­tion from chief fi­nan­cial of­fi­cers, ac­coun­tants and other key fi­nan­cial fig­ures for three months. Then they un­leashed the NotPetya virus to try to cover their tracks and in­flict as much dam­age as pos­si­ble.

The Se­cu­rity Ser­vice of Ukraine con­cluded: “The virus is cover for a large-scale at­tack on Ukraine.”

Ukraine has suf­fered wave af­ter wave of cy­ber­at­tacks since the 2014 Rev­o­lu­tion of Dig­nity and the ouster of pro-Rus­sian Pres­i­dent Vik­tor Yanukovych. The mount­ing demo­cratic and pro-Western sen­ti­ment of the Ukrainian re­form­ers ter­ri­fied the Krem­lin. In a bla­tant at­tempt to in­flu­ence the Ukraine elec­tions, Rus­sian hack­ers tar­geted Ukraine’s vot­ing in­fra­struc­ture.

Since then, Ukraine has faced an un­re­lent­ing storm of Rus­sian ag­gres­sion, much of which was in the cy­ber sphere. In 2015, for ex­am­ple, Rus­sian hack­ers at­tacked Ukraine’s power grid caus­ing power out­ages that lasted six hours and af­fected up­wards of 230,000. As cy­ber se­cu­rity ex­pert and co-or­ga­nizer of the Global Cy­ber Se­cu­rity Sum­mit Ryan Brack stated: “Ukraine is con­sid­ered a test bed for at­tacks on ma­jor in­fra­struc­ture.”

Ukraine’s Pres­i­dent, Petro Poroshenko has de­clared that Rus­sia “un­leashed a cy­ber war against our coun­try.” Poland’s Min­is­ter of Na­tional Defense An­toni Macierewicz echoed Mr. Porocheko’s sen­ti­ments: “Rus­sia, against the will­ful think­ing of oth­ers, is show­ing clearly that its role is purely de­struc­tive.”

Rus­sia’s ac­tions are reck­less, de­struc­tive, and il­le­gal. At the same time, Ukraine is work­ing hard to push back against the threat. Thanks to such gov­ern­ment cy­ber-se­cu­rity ef­forts over the past three years, the of­fice of Ukraine’s pres­i­dent was able to de­fend it­self against the re­cent at­tack. At the same time, Ukraine needs a cy­ber over­haul, start­ing with a full recog­ni­tion of the pub­lic-pri­vate na­ture of an ef­fec­tive cy­ber defense.

More must be done. The West can and should help. Fol­low­ing the at­tacks on Ukraine, Sec­re­tary Gen­eral of NATO, Jens Stoltenberg, af­firmed the role of the in­ter­na­tional com­mu­nity in the process, call­ing it an “im­por­tant part of our co­op­er­a­tion with Ukraine” and vow­ing to “con­tinue it.” One such pro­posal calls for the for­ma­tion of a NATO-Ukraine Work­ing Group, set up in the frame­work of the NATO-Ukraine Com­mis­sion, that could pro­vide the es­sen­tial lead­er­ship. That work­ing group could iden­tify and ad­dress the ex­ist­ing gaps in Ukraine’s defense.

Clearly, Ukraine can­not go it alone. Any weak­ness in Ukraine’s defense is a weak­ness through which for­eign ad­ver­saries can gain en­try to the en­tire world. The West must join Ukraine in the fight to stop these cy­ber evil­do­ers at the doorstep.

IL­LUS­TRA­TION BY HUNTER

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.