Training Ukraine’s Critical Infrastructure to Stay Ahead of Cyber Adversaries

Critical infrastructure sectors such as energy, water, and transportation, have become increasingly interconnected and reliant on technology. Though digitization has improved efficiency and access, it has made critical infrastructure more vulnerable to cyberattacks that cause crippling disruptions to services that support food and agriculture, public health, safety, finance, and national security.   

Ukraine has experienced several serious cyberattacks against its critical infrastructure that have been attributed to agents of the Russian Federation.  These resulted in mass power outages and associated disruptions. To help strengthen the resilience of Ukraine’s critical infrastructure, CRDF Global is partnering with the National Coordination Center for Cybersecurity at the National Security and Defense Council (NSDC) of Ukraine to conduct a series of training workshops for cybersecurity professionals at critical infrastructure organizations.     

Cybersecurity experts at FireEye Mandiant helped customize a recent two-day workshop covering the current threat landscape, recognizing the particular risks associated with state-sponsored attacks, and discussing tools and methods that can help establish origin and attribution of an attack. 

Through hands-on training based on real-world attacks and security vulnerabilities, more than 100 participants from the Security Service of Ukraine, State Service of Special Communications and Information Protection, the National Police, and other critical infrastructure facilities learned new techniques to counter sophisticated attacks. 

Following this workshop, NSDC and CRDF Global hosted a hackathon competition that focused on real-time cyber incident identification and responses; collecting digital evidence; and cyber incident reporting to entities like MISP, an open-source threat sharing platform, and the United States Computer Emergency Readiness Team (CERT). The intensive hackathon competition simulated realistic cyber-attacks for participants from the Security Service of Ukraine, National Agency on Corruption Prevention, Ministry of Defense, Kyiv International airport, Ukrainian Railways, National Bank of Ukraine, and Ukroboronprom (state-owned defense industries).   

These workshops are part of a year-long series of Capture-the-Flag and workshop events designed to enhance the capacities of current cybersecurity specialists in the security and defense sector at critical infrastructure facilities, government organizations, and enterprises that guard Ukraine’s national and economic security. These efforts are supported by the U.S. Department of State’s Office of the Coordinator of U.S. Assistance to Europe and Eurasia.