It might be a matter of time when more advanced cyber weapons will be used by states. Providing greater support to build-up the civilian and military cyber security/defence capabilities of the Eastern partners is therefore timely and advantageous for the West. Against this background the EU should now come up with a support package for these cyber security aspects that were uncovered by NATO’s package.
It might be a matter of time when more advanced cyber weapons will be used by states. Providing greater support to build-up the civilian and military cyber security/defence capabilities of the Eastern partners is therefore timely and advantageous for the West. Against this background the EU should now come up with a support package for these cyber security aspects that were uncovered by NATO’s package.
On 25 June NATO foreign ministers endorsed support measures to bolster Ukraine’s defence capabilities in several critical areas, including cyber defence. The Alliance also agreed to create a systematic pool of deployable military and civilian experts as another means of support. On 27 June Ukraine, Moldova and Georgia signed association and free trade (DCFTA) agreements with the European Union. While the prospect of NATO membership looks distant for these countries, facilitating their integration to the West by inter alia enhancing security and defence cooperation with NATO and the EU has become an important goal.
There are many ways in which these new capabilities should be deployed. First, greater support is needed for curbing cyber crime. Some analysts claim that Ukraine has become a heaven for hackers. According to Valentyn Petrov , an information security official at the Security Service of Ukraine, ”Ukrainian hackers are well-known in the world. Our country is a potential source of cyber threats to other countries.”
Some analysts assume that countries that oppose the Western-dominated international order and US dominated governance of global cyberspace are inclined to deliberately ignore hackers located within their borders. For example, Russia avoided cooperating with Estonia to investigate the 2007 cyber attacks against Estonian critical infrastructures. Dr Jarno Limnéll, a Director Cyber Security at McAfee, speaking on 4 June at the Cyber Conflict Conference in Tallinn, said that in order to avoid responsibility for cyber attacks adversary countries are likely to out-source the attacks to cybercriminals – such as state sponsored proxies and “patriotic hackers” – in the exchange for a free heaven to pursue financial gain by other means, such as stealing intellectual property that will be sold in the black market and log-in credentials to gain illegal access to bank accounts.
In the three Eastern partners, the major problem in combatting cyber crime seems to be an insufficient or missing legal framework and lack of human and technical resources to identify and arrest criminals. These problems are exacerbated by the close ties between organised crime and political elite in some Eastern European Countries, such as Russia and some analysts argue that Ukraine is also a “mafia state”.
Beefing up police and judicial cooperation with the EU would help to arrest hackers residing in Ukraine. An example of successful cyber crime cooperation between Ukraine and the US is the indictment of a Russian citizen, Evgeniy Mikhailovich Bogachev, by the U.S. Justice Department on 27 May. Bogachev ran a criminal ring responsible for the malicious computer software Gameover. Zeus and Cryptolocker, which made it possible to steal more than $ 100 million from businesses and consumers since 2011. Key command centres of this criminal group, which remotely controlled the infected computers and turned them into a “botnet,” were located in Kiev and Donetsk.
Based on a study conducted last year, Nir Kshetri, a Cyber Security Associate Professor at University of North Carolina-Greensboro in the US, found that in those Central and Eastern European countries that are more integrated and have closer cooperation with the West, cyber criminals are more likely to be prosecuted. Likewise, tighter relations with the West enable these countries to enhance the capacity of law enforcement to fight cybercrimes, thus increasing their effectiveness.
Second, clandestine cyber espionage operations have been going on in Ukraine and Russia is believed to be behind them. For example, a very well written and extremely stealthy Snake (also called Ouroburos) malware, detected in Ukrainian systems, is believed to be developed by a state actor and experts point to Russia. NATO’s Secretary General, Anders Fogh Rasmussen, recently noted that Russia uses military, political and economic means to intimidate and influence its neighbours. General Philip Breedlove, NATO supreme allied commander Europe said on May 6 that cyber was a huge part of what Russia has done in Ukraine. According to anonymous intelligence analyst “Russia not only now has complete informational dominance in Ukraine, it also has effective control of the country’s digital systems, too. It has set the stage.“
There are many practical measures that the West can provide to support the Eastern partners in fostering their own cyber security, while also curbing the cyber crime that primarily affects the Western countries themselves. The EU should beef up police and judiciary cooperation, support the implementation of the 2001 Budapest Convention of Cybercrime, and provide consultations to support the development of legal systems, as well as cyber security policy and strategy development. NATO could focus on cyber defence by deploying its Rapid Reaction Teams to assist in cases of cyber incidents. Information sharing (early warning, cyber incident prevention and response) frameworks could be set up between the NATO Computer Incident Response Capability (NCIRC) and the local Computer Emergency Response Team (CERT). Allies who would like to contribute in depth could establish bilateral procedures for information sharing. Secondment of civilian and military cyber defence and information assurance specialists for consultation and on-site training in the government and military CERT would be useful. This would help to develop indigenous capabilities. A bilateral roadmap for enhancing education, training and exercises and for sharing best practices could also contribute to the development of endemic know-how and competence.
For now cyber espionage and cyber crime have been the most prominent cyber activities in the Eastern partners’ cyber space, while perpetrators seem to be supported by states at least to some degree. So far they seem unwilling to cross the threshold of an armed attack in cyber space; in the future, however, if the disruption of national critical infrastructure would be considered beneficial, more serious attacks can be anticipated.
Recent cyber activities taking place in Ukraine indicate that cyber espionage has become part of the toolbox of asymmetrical capabilities used by Russia to achieve its political objectives. It might be a matter of time when more advanced cyber weapons will be used by states. Providing greater support to build-up the civilian and military cyber security/defence capabilities of the Eastern partners is therefore timely and advantageous for the West. Against this background the EU should now come up with a support package for these cyber security aspects that were uncovered by NATO’s package.