Valentin Petrov: We are staying ahead of the curve, working out all the possible scenarios of cyberthreats and always keep our powder dry
The threat level of cyberattacks is growing worldwide, but Ukraine reacts to these threats in time, constantly increasing the level of capabilities to counter them. This was announced by Head of Service on Issues of Information Security of the Staff of the National Security and Defense Council of Ukraine Valentin Petrov in his interview with German TV channel ARD.
"Our system of cybersecurity and cyberdefense developed primarily as a system of protection of public resources - those resources where classified information is stored. But we are developing our systems and capabilities to protect critical infrastructure as well", - Valentin Petrov said.
Responding to a journalist's question about the fact of cyberattacks on Ukrainian energy companies, which occurred in late 2015, the Head of Service on Issues of Information Security of the NSDC Staff underlined that it was the first time in the European continent when the cyber weapon aimed at civilian infrastructure facilities was used, which can be regarded as a demonstration of force.
"Since over the last three years Ukraine has turned into a testing ground for Russian modern equipment, tactics and, in particular, cyber weapons, we can assume that, on the one hand, these cyberattacks were a sort of challenge" - he said explaining that, in this context, Russia's doctrinal definition of information and cyberspace as an operating space, as well as air, sea or open space, is very significant.
"Therefore, Ukraine, on the one hand, is a testing ground, and on the other - the latest cyberattacks that took place, - are also a show of force, including to the Western countries, the NATO members; it is a demonstration that such facilities are available in Russia, it can apply them anywhere and at any time needed, that any security systems used in the energy sector are vulnerable", - Mr. Petrov underscored.
The Head of Service on Issues of Information Security of the NSDC Staff also reported that a number of facts suggest that these cyberattacks were carried out from the territory of the Russian Federation. "There are many side signs that allow us to say, with a high degree of probability, that the structures of the Russian Federation or the structures controlled by it, such as hacking groups that work with the government of Russia, are involved in these attacks".
He also noted that in addition to cyberattacks on the Ukrainian power companies, the criminals also carried out attacks on the financial sector last year, but Ukrainian experts were able to detect and block them in a timely manner. "After all, the damage caused by these attacks was minimal. However, at first, the aim of the cyberattack was very serious, and if the criminals managed to do what they had planned, then in December, at the end of the fiscal year, all payments to the state budget, all social payments would have been blocked, which could have led to a social explosion", - Valentin Petrov noticed.
The Head of Service on Issues of Information Security of the NSDC Staff added that the part of cyberattacks that were made on the systems of the State Treasury and the Ministry of Finance, which became known to the public, - is only a small part of the attacks encountered by Ukrainian bodies. "We were proactive, having prevented the attacks, so the public did not see other. I think this is a great success of our cybersecurity system and our state bodies responsible for it", - he said.
Moreover, Valentin Petrov informed that apart from practical measures to prevent and respond to cyberattacks, Ukraine is also improving the legal framework for this. In such a way, according to him, from the legal and institutional points of view, strategic documents are currently under development: the Cybersecurity Strategy was approved last year, and the Parliament is preparing to the second reading of the Law of Ukraine on the basic principles of ensuring cybersecurity of Ukraine. "We are also working on clarifications and supplements to many other laws related to emergencies, telecommunications, law enforcement activities, the laws that govern the activities of the subjects of ensuring cybersecurity - these are the National Police, the State Service of Special Communication and Information Protection, the Security Service of Ukraine and others. Relevant departments are developing, for instance, the Cyberpolice as a part of the National Police; a corresponding unit is operating in the Security Service of Ukraine", - he added.