British cybersecurity team defends Ukraine
Britain has deployed cybersecurity experts to protect Ukraine from Russian hackers, the government has revealed.
The specialists have been working remotely on behalf of the British government to foil attacks since February. Britain has partnered with private contractors on the £6.35 million ($NZ12.5m) programme of support.
Within 35 minutes of Russian troops crossing the border, the team of security experts began working online to protect Ukrainian ministries from attack. The programme has been run by the Foreign Office with help from the National Cyber Security Centre (NCSC), an arm of GCHQ.
As part of the West’s new approach of declassifying intelligence, the government has also revealed the extent of Russian cyberwarfare in Ukraine.
The intelligence reveals that: – Russian hackers were able to read emails about Nato’s response to the invasion after the Kremlin penetrated the cyberdefences of an EU country.
– Russian agents are suspected of infiltrating key Ukrainian ministries and inserting USB sticks into devices to obtain sensitive information.
– A hacking group called Turla has been behind ‘‘surgical’’ attacks on Ukrainian targets amid infighting between Russian intelligence agencies.
– Chinese, Iranian and Belarusian hackers have been involved in Ukraine, with Beijing suspected of conducting economic espionage to help Chinese companies win contracts for postwar reconstruction.
James Cleverly, the foreign secretary, accused Moscow of a barrage of cyberattacks on Kyiv as he vowed to continue offering IT support to deliver victory for Ukraine. ‘‘Russia’s attack on Ukraine is not limited to its horrific land invasion. It has also persistently attempted to invade Ukraine’s cyberspace, threatening critical information, services and infrastructure.’’
The announcement of British cyberdefence support for Ukraine comes after allegations that the phone of Liz Truss was hacked by Russian agents while she was foreign secretary. There has been a recent escalation in tensions, with Russian President Vladimir Putin accusing the West of helping Ukraine to obtain a ‘‘dirty bomb’’.
Russian attempts to destabilise Ukraine have been common since the annexation of Crimea in 2014, including cyberattacks on the electricity network and ransomware assaults on the Kyiv metro and Odesa airport. However, such activity increased before Russia’s invasion of Ukraine.
In total, British cybersecurity teams have responded to attacks on 30 Ukrainian government departments. Other EU countries, including Germany and Estonia, are also understood to be providing cyberdefence support.
Security sources believe the Kremlin has a powerful cyberarmoury at its disposal and is deeply embedded in Ukraine. The cyberdefence professionals have cleared infected networks in key Ukrainian ministries only to find they have been reinfected, suggesting that Russian agents have been placed behind enemy lines and used USBs to corrupt devices.
Russian hackers have also piggy-backed on Ukrainian telecom networks to corrupt CCTV cameras and mobile phones. Once, they changed the subtitles during a broadcast by President Volodymyr Zelenskyy.
Western officials also said an EU country had been hacked shortly after the invasion, allowing Moscow to monitor Nato discussions on military aid.
Lindy Cameron, head the NCSC, said the threat remained high despite the support offered by Ukraine’s allies. –