Ukraine's defense ministry launches military CERT to counter Russian cyberattacks
Ukraine’s defense ministry has created an incident response center to counter cyberattacks, including those from Russia, with an emphasis on defending the country’s military and communication networks.
Prior to this, the ministry had a dedicated team of cybersecurity professionals protecting its systems, but establishing a separate structural unit “will expand its responsibilities in the field of cyber defense,” the ministry said in a statement on Monday.
Ukraine’s deputy defense minister for digital development, Kateryna Chernohorenko, said creating the team was one of her main tasks when she took the job in 2023.
“We are constantly looking for new specialists to join our team,” Chernohorenko told Recorded Future News during a tech conference in Lviv earlier this month. “We have the best experts working with us who say that here they face the most serious challenges in their professional careers and that this is the best expertise they have gained.”
The center will operate similarly to what other countries call a military computer emergency response team (milCERT). Being subordinate to a defense ministry is a significant advantage, the deputy manager of Latvia’s CERT, Varis Teivans, told Recorded Future News in an earlier interview. "The MOD is committed to cybersecurity and heavily supports it [CERT] legislatively and with funding," he said. Latvia launched its MilCERT in 2018.
In addition to its work with Ukraine’s other military and civilian cyber agencies, the new team will cooperate with NATO countries to counter joint cyberthreats.
Ukrainian military and defense enterprises are attractive targets for hackers, usually with links to Russia. In a campaign in June, the group known as Vermin attacked Ukrainian armed forces with Spectr malware to steal sensitive information from their devices.
During the same period, researchers warned of attacks on Ukraine’s Ministry of Defence by the Belarusian state-sponsored hackers known as Ghostwriter.
“It's been a year since my team and I have been working on the development of secure systems,” Chernohorenko said. “It is important to us that we do not give in to time or political promises in favor of the security of our systems because data about our military is sensitive data,” she added.
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.