РНБОУ National Security and Defense Council of Ukraine

Serhiy Demedyuk took part in the opening of the Counter Ransomware Initiative

On October 13-14 this year, at the initiative of the U.S. National Security Council, the first meeting of the international platform “Counter Ransomware Initiative” was held online. The platform brought together leaders and representatives of cybersecurity agencies from 30 countries to discuss the further deepening of cooperation and joint coordination of efforts to combat cyberattacks, ransomware attacks, and other types of cybercrime, including money laundering. 

Deputy Secretary of the National Security and Defense Council of Ukraine Serhiy Demedyuk and Head of the Service for Supporting the National Cybersecurity Coordination Center at the NSDC Staff Serhiy Prokopenko represented Ukraine at the Counter Ransomware Initiative.

In his welcoming speech, Mr. Demedyuk stated that Ukraine supports the U.S. Initiative and assured of our country’s readiness to “expand cooperation with partners at both bilateral and multilateral levels to achieve its goals”.

According to the Deputy NSDC Secretary, our state is making significant efforts to combat cybercrime, in particular, ransomware attacks. “This is reflected in the recently adopted Cybersecurity Strategy of Ukraine, with one of its strategic goals is effective combatting of cybercrime”, - he said.

Mr. Demedyuk informed his international colleagues that according to the Law of Ukraine “On Prevention and Counteraction to Legalization (Laundering) of Proceeds from Crime, Financing of Terrorism and Financing of the Proliferation of Weapons of Mass Destruction” the entities of primary financial monitoring, including virtual asset services providers (VASPs) send notifications of their financial transactions.

Moreover, according to Mr. Demedyuk, the Verkhovna Rada of Ukraine recently adopted the Law of Ukraine “On Virtual Assets”, which explicitly provides for the need to implement relevant international standards, in particular the standards of the Financial Action Task Force (FATF), and to strengthen the monitoring of transactions with virtual assets.

The Deputy NSDC Secretary noticed that Ukraine’s law enforcement agencies have experience of successful operations related to countering money laundering through cryptocurrencies. “Over the past year and a half, more than 6 million dollars were confiscated by a court as a result of their activities”, - he said adding that in 2020-2021 Ukrainian law enforcement agencies conducted 7 large joint international operations (with partners from the Republic of Korea, the U.S., France), as a result of which almost 50 criminals were detained.

At the same time, according to Serhiy Demedyuk, given the features of Ukrainian legislation regarding the ban on extraditing our citizens to other countries, it is necessary to establish international coordination of actions to bring cybercriminals to justice. “Everyone knows that according to the Constitution, Ukraine cannot extradite its citizens to other countries, but we have criminal legislation that allows us to prosecute citizens of Ukraine who have committed crimes in other countries”, - he said, emphasizing the need to accelerate such procedures through the signing of bilateral agreements and “boosting the work and practice of such prosecution of cybercriminals”.

According to Mr. Demedyuk, fighting ransomware requires joint work and joint efforts in different areas, therefore it is important to strengthen the coordination of actors from different sectors and international cooperation at different levels.

During his speech at the panel on countering illicit finance, Head of the NCSCC Department at the NSDC Staff Serhiy Prokopenko said that success in investigating ransomware crimes depends largely on the speed and quality of the analysis of information about the attacks and the accuracy of the attribution of the group behind the attack. “Therefore, we are developing the NCSCC technology platform as a powerful analytical platform that will provide automated exchange and sharing of information about cyber threats, including ransomware attacks, access of all stakeholders within the competence to threat intelligence and attribution data”, - Mr. Prokopenko pointed out.

He suggested that the platform participants strengthen the exchange of data on attacks and uniform cyber threat intelligence in the early stages of response and investigation of ransomware crimes. “Experience exchange and support from the partners may help in such cases”, - he added.