Enable breadcrumbs token at /includes/pageheader.html.twig

Initial Cyber Hardening Has Helped Ukraine

The United States aided a pre-war effort to digitally strengthen Ukraine’s assets.

Cyber strengthening efforts by the National Security Agency (NSA), U.S. Cyber Command, other governmental agencies and the private sector have aided Ukraine, at least initially, according to NSA Director General Paul Nakasone, USA, and commander, U.S. Cyber Command, testifying before the U.S. Senate last week.

An effort to help Ukraine protect its critical infrastructure from cyber attacks has succeeded at least initially. Steps taken by various governmental agencies and private industry before Russia invaded Ukraine on February 24 have strengthened its cybersecurity, said Gen. Paul Nakasone, USA, commander of U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service, testifying before the U.S. Senate Select Committee on Intelligence last Thursday.

Sen. Mark Warner (D-VA), the chairman of the committee, expressed surprise at the relatively low amount of cyber warfare given Russia’s malicious cyber tendencies. “I do not think many of us think that Russia does not have extraordinarily critical and first-rate cyber tools,” Sen. Warner noted. “The fact is that they have not launched much beyond traditional malware. They have not launched the kind of worm-driven NotPetya attacks that we saw in 2017. My concern has been that one of those types of attack could literally go beyond the geographic boundaries of Ukraine, bleed into Poland, where it could affect American troops or shut down Polish hospitals and result in the death of Polish citizens, which could potentially move us into Article 5 territory.”

Gen. Nakasone theorized that the relatively low level of cyber attacks could in fact be part of Russia’s strategic calculus. On the other hand, early work to harden Ukraine’s infrastructure has also helped, including efforts from forward-deployed cyber defenders as well as industry contributors.

“But secondly, a tremendous amount of work was done prior to the actual invasion,” the commander reported. “Work that was done by my agency, work that was done by the U.S. Cyber Command, by the interagency, by a series of private sector partners that hardened the infrastructure of the Ukraine, I think that was part of it.”

So far, U.S. Cyber Command has seen “three to four attacks.” Gen. Nakasone stressed, however, that Putin’s war had just really begun. “We remain vigilant,” he said. “We are 15 days into this conflict and by no means are we sitting back and taking this casually. We are watching every single day for any type of unusual activity.”

In general, the general expects several potential types of cyber warfare from Russia, in addition to possible malware.

“There are three other scenarios that also come into our thinking,” he told lawmakers. “One might be the broad use of ransomware. The next scenario would be proxies, those attacks that may not necessarily be part of the Russian government but are functioning as a proxy or as a non-nation state actor to do this type of cyber activity, to perhaps launch malware. The final one is this idea of a disruptor or destructive attack on a country in Eastern Europe that could take place.”

The United States will continue to provide cybersecurity support and share information on Russia’s cyber activities. “We are not only vigilant, we are prepared and most importantly, we are sharing information and sharing our expertise with our partners,” Gen. Nakasone stated.