CS Mar Apr 2022
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Ukraine backup<br />
CALL FOR HELP PROMPTS RAPID RESPONSE<br />
A TEAM OF EXPERTS HAS BEEN SET UP TO HELP DEFEND UKRAINE FROM CYBER-ATTACKS<br />
Acyber rapid-response team (CRRT) is<br />
being deployed across Europe, after<br />
a call went out from Ukraine for help,<br />
as reported by the BBC.<br />
The newly-formed team of eight to 12<br />
experts from Lithuania, Croatia, Poland,<br />
Estonia, Romania and the Netherlands has<br />
committed to help defend Ukraine from<br />
cyber-attacks - remotely and on site in the<br />
country. An official warned attacks were<br />
likely. "We can see that cyber-measures are an<br />
important part of Russia's hybrid toolkit," the<br />
CRRT official said.<br />
It comes after the UK and the US blamed<br />
Russia for cyber-attacks earlier this month<br />
that temporarily took a small number of<br />
Ukrainian banking and government websites<br />
offline.<br />
The Lithuanian Ministry of Defence tweeted:<br />
"In response to Ukraine request, [we] are<br />
activating [a] Lithuanian-led cyber rapidresponse<br />
team, which will help Ukrainian<br />
institutions to cope with growing cyberthreats.<br />
#StandWithUkraine."<br />
CRRTs are a European Union initiative to<br />
deepen defence and co-operation between<br />
member states. They are said to be equipped<br />
with commonly developed cyber toolkits<br />
designed to detect, recognise and mitigate<br />
cyber-threats. An official told the BBC that<br />
the team was "composed of different cyberexpertise,<br />
such as incident response,<br />
forensics, vulnerability assessment, to be able<br />
to react to a variety of scenarios". Russia has<br />
previously been accused of 'hybrid warfare',<br />
combining cyber-attacks with traditional<br />
military activity, in Georgia and Crimea. "The<br />
EU and Ukraine blamed Russia after<br />
thousands of people in multiple cities in<br />
Ukraine experienced power cuts, in 2015 and<br />
2016, when hackers temporarily shut off<br />
electricity substations," states the BBC. "The<br />
US, UK and EU also blamed it for the hugely<br />
disruptive NotPetya wiper attack."<br />
Experts say about 2,000 NotPetya attacks<br />
were launched in 2017, mainly aimed at<br />
Ukraine, but the malicious software spread<br />
globally, causing billions of dollars of damage<br />
to computer systems across Europe, Asia and<br />
the Americas.<br />
POSITIVE NEWS<br />
According to John Fokker, head of cyber<br />
investigations & principal engineer, Trellix, the<br />
news that the EU is deploying a Cyber Rapid-<br />
Response Team is extremely positive. "The<br />
initial cyber-attacks on Ukraine were intended<br />
to be very public and evident in their nature<br />
and impact. However, we anticipate that this<br />
will change in the future, and any attacks will<br />
be incredibly discreet, as attackers seek to<br />
conceal their activity and ultimate objectives.<br />
"Cyber-attacks are increasingly used as<br />
a means of modern warfare. Our research*<br />
found that Russian and Chinese nation-state<br />
backed groups are believed to be responsible<br />
for nearly half (46% combined) of all<br />
observed APT threat activity. Cybersecurity<br />
John Fokker, Trellix: Cyber-attacks are<br />
increasingly used as a means of modern<br />
warfare.<br />
must be a worldwide priority and we must<br />
collaborate to defend against these threats."<br />
Threat intelligence will be crucial to<br />
mitigating risk, he adds. "It will allow security<br />
professionals to strengthen detection, plus<br />
respond in real-time to active threats. The use<br />
of machine learning analytics will also help<br />
to predict and detect attacks, identify root<br />
causes, and guide adaption and response to<br />
whatever threat Ukraine may face."<br />
*https://www.trellix.com/en-us/threat-center/threatreports/jan-<strong>2022</strong>.html<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Mar</strong>/<strong>Apr</strong> <strong>2022</strong> computing security<br />
21