In a keynote session at Black Hat USA 2023, cybersecurity leaders from the United States and Ukraine came together to discuss the topic of cyber resilience. The session featured Jen Easterly, the Director of the Cybersecurity and Infrastructure Security Agency (CISA) in the US, and Victor Zhora, the deputy chairman of the State Service for Special Communications and Information Protection of Ukraine.
The focus of the discussion was Ukraine’s success in demonstrating cyber resilience in the face of ongoing cyber attacks from Russia. Since last February, Russia has been engaging in a cyber war against Ukraine, alongside its physical invasion. These attacks have targeted critical infrastructure and government entities in Ukraine, as well as incorporating cyberespionage and a large-scale disinformation campaign.
During the keynote, Easterly commended Ukraine for its efforts in enhancing security since the 2014 invasion and annexation of Crimea by Russia. At that time, cyber warfare played a significant role, with Ukraine falling victim to the notorious NotPetya campaign, ultimately attributed to Russian Advanced Persistent Threats (APTs).
Easterly acknowledged the barbaric kinetic attacks that receive media attention but stressed the importance of recognizing the onslaught of cyber attacks as well. She praised Ukraine for its ability to deal with these attacks and emphasized the lessons that can be learned from their experiences.
Zhora attributed Ukraine’s success in building cyber defenses to best practices established by the US and European partners. He highlighted the improvement in coordination and collaboration between cybersecurity agencies, increased cooperation with the private sector, the expansion of cyber defense capabilities, and continuous training initiatives. Zhora also expressed gratitude for the opportunity to train Ukrainian professionals at events like Black Hat, which was made possible through collaboration with CISA.
The moderator of the panel, Lily Hay Newman from Wired, addressed the issue of attributing cyber attacks to specific actors, specifically referencing the US government’s hesitation under previous administrations to formally attribute the NotPetya campaign to Russia. In response, Easterly emphasized the importance of swift response and understanding the threat and tactics of an attack rather than solely focusing on attribution. She highlighted the value of sharing information with private sector partners and international allies to prevent further cyber attacks and protect potential victims.
Easterly also commended the Ukrainian intelligence community for their efforts in releasing and declassifying a significant amount of information. This information sharing played a crucial role in building a coalition to protect critical infrastructure. Both Easterly and Zhora advocated for increased information sharing between national intelligence communities and the private sector to strengthen collective defenses against cyber threats.
The discussion concluded with a focus on the concept of “cyber war crimes,” a term introduced by Zhora during the previous year’s Black Hat conference. Zhora expressed optimism about the early efforts to formalize cyber war crimes as a concept. Easterly echoed this sentiment and pointed out the potential for cyber attacks against critical infrastructure to result in loss of life, likening it to the aspect of war crimes. She highlighted the need to address and combat such severe attacks, including ransomware attacks against hospitals that have serious consequences for patient care.
The keynote session at Black Hat USA 2023 provided valuable insights into Ukraine’s cyber resilience efforts in the face of ongoing cyber attacks from Russia. It emphasized the importance of information sharing, collaboration, and swift response in defending against cyber threats. With the recognition of cyber war crimes, there is growing awareness of the need to address the severe consequences of cyber attacks that can put lives at risk.