Attack Surface Management , Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks

Ukraine's Cyber Defense: Wipers Remain 'Biggest Challenge'

Victor Zhora, Deputy Head of Ukraine's Cyber Agency, Shares Lessons Learned
Victor Zhora, the deputy head of Ukraine's State Service of Special Communications and Information Protection

As the Russia-Ukraine war continues, "Russian attackers continue to combine cyberattacks with kinetic operations, and … they can be coordinated with kinetic to amplify the overall psychological effect from these attacks," says Victor Zhora, the deputy head of Ukraine's State Service of Special Communications and Information Protection, or SSSCIP.

See Also: How to Hunt Threats Like Elite Defenders with Open NDR + MITRE ATT&CK®

The scale of cyberattacks unleashed during the conflict is immense. Since the beginning of the year, Ukraine's national computer emergency response team, CERT-UA, has tracked "more than 1,600 major cyber incidents," he says. According to the CyberPeace Institute, 51 different nation-state, collective and cybercriminal groups have launched attacks and operations across 29 countries since January.

As one of the government officials who helps lead Ukraine's cyber defense, Zhora says one of the biggest cybersecurity surprises so far during the conflict has been the widespread use and impact of wiper malware, which is designed to destroy the hard drives of systems it infects.

From a cybersecurity standpoint, "wipers continue to be the biggest challenge, together with exfiltration of data or sowing chaos and subversion with the use of cyberattacks," he says. "We've identified more than 10 different types of wipers used during the war, and it seems to me that that is not the limit."

In a video interview with Information Security Media Group, Zhora discusses:

  • How partnerships with technology and cybersecurity firms, the EU, U.S., NATO and others help Ukraine improve its defenses, disaster recovery and incident response;
  • Lessons learned from countering Russia's cyberattack strategies;
  • Ukraine's approach and goals for attributing cyberattacks and cyber operations.

Zhora is the deputy chairman and chief digital transformation officer at the SSSCIP, where he oversees digital transformation and cybersecurity projects, as well as CERT-UA and the state cyber protection center. He is the author of nearly 50 scientific publications in information security and has more than 20 years of practical experience as an architect and project manager, CEO and co-founder of leading cybersecurity companies in Ukraine. Since 2012, Zhora has been a member of the organizing committees of Ukraine's UISGCON and BSides Kyiv conferences.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.