British and Ukrainian cyber officials meet in London for threat intelligence talks
Senior cybersecurity officials from the United Kingdom and Ukraine met for several hours on Wednesday to discuss threat intelligence relating to Russian cyberattacks.
The bilateral talks between National Cyber Security Centre (NCSC) staff and a delegation from Ukraine’s State Service of Special Communications and Information Protection (SSSCIP) and its Computer Emergency Response Team (CERT-UA) covered the latest developments in the conflict, although the substance of the meetings was not disclosed.
While in London, the Ukrainian delegates also appeared at the CyberThreat conference to give a keynote speech discussing their response to attacks on the country’s critical infrastructure.
What an honor to have Yevhen, Viktor, and Yevheniia from @CERT_UA here at #CyberThreat22 for a keynote on their response to attacks on Ukrainian infrastructure. pic.twitter.com/7isZFIdhuE— Katie Nickels (@likethecoins) January 16, 2023
As reported by The Record earlier this month, CERT-UA has attended to more than 80 critical cybersecurity incidents targeting the country’s energy sector since the beginning of the invasion — all while kinetic attacks caused by cruise missiles and drones have left much of the country without heating during the coldest months of the year.
It was the first visit of a Ukrainian cybersecurity team to Britain since the beginning of the full-blown invasion of the country last February and follows the British government formally avowing in November that GCHQ experts had been contributing to Ukraine's cyber defense.
The Foreign Office said it had constructed a £6.35 million (about $7.3 million) support package known as the Ukraine Cyber Programme in the days following the invasion. The program has involved providing incident response support to the Ukrainian government, including protection against the Industroyer2 malware, as well as delivering hardware and software and limiting “attacker access to vital networks.”
The NCSC’s chief executive, Lindy Cameron, said in September that Russia’s physical invasion of Ukraine had been accompanied by “probably the most sustained and intensive cyber campaign on record.”
Cameron said her organization, which is a part of Britain’s cyber and signals intelligence agency GCHQ, had “not been surprised by the volume of Russian offensive cyber operations, nor have we been surprised by their targeting.”
However she praised the work of the SSSCIP and CERT-UA, stating: “If the Ukrainian cyber defense teaches us a wider lesson – for military theory and beyond – it is that in cybersecurity, the defender has significant agency. In many ways you can choose how vulnerable you can be to attacks.”
In a statement, NCSC’s director of operations Paul Chichester said: “Ukraine has defended itself resolutely in cyberspace in the face of Russian aggression and the UK has been proud to support that defense.
“It is fitting that, here in the UK, we are hosting senior figures involved in Ukraine’s response. We are honored to do so. This visit is an important moment in our relationship and an excellent opportunity to learn from each other as we continue to build our collective resilience.”
Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.