Ukraine and the EU took steps to deepen cooperation in cybersecurity as Russian hybrid attacks aiming to undermine support for Kyiv and flame tensions across the continent continue to rise.
Ukraine and Europe’s cybersecurity agencies signed a memorandum of understanding at the Kyiv International Cyber Resilience Forum this week to support joint research, innovation, and EU-funded projects in cross-border cybersecurity projects.
The European Cybersecurity Competence Center, which is responsible for Europe's cybersecurity development, manages billions in EU funding through the Digital Europe and Horizon Europe programs.
While Ukraine faces participation restrictions as a non-EU member, Kyiv hopes the memorandum will kickstart bringing the two even closer together in the field of cybersecurity.
"We expect that we will be able to involve Ukrainian businesses in these support programs, enabling them to interact more effectively with European businesses and develop together," Serhii Prokopenko, deputy head of cybersecurity at Ukraine's Security and Defense Council, told the Kyiv Independent.
Russian hybrid operations in Europe are becoming more frequent and aggressive, especially since the start of Russia’s full-scale invasion, the EBU Investigative Journalism Network recently reported, citing 20 government, military, and intelligence officials from 10 countries.
“We see an increased Russian risk appetite — and when I say risk, I mean not risk to them; risk to us, risk to our economies, to the safety of our citizens,” NATO Deputy Assistant Secretary General for Innovation, Hybrid, and Cyber James Appathurai told EBU.
Russian cyber and hybrid attacks on Ukraine in the rear, that is, beyond the battlefield, as well as against European partners to undermine support for Kyiv, “are (from) the same threat actors, so technical exchange allows us to plan together," said Prokopenko.
Prokopenko told the Kyiv Independent that he met with ECCC Director Luca Tagliaretti and agreed to coordinate a working plan soon. "The memorandum serves as a framework agreement enabling both sides to begin practical cooperation," said Prokopenko.
He also hopes Ukrainian government institutions, universities, and businesses will be able to participate in the programs made available through EU funding. The EU's Cyber Solidarity Act is currently enlisting companies for incident response, which Ukrainian firms are hoping to join.
"Ukraine's rapid development of military tech and artificial intelligence, all these innovative things emerging in Ukraine against the backdrop of the war, are also of interest to Europeans, and we will also interact with them in this direction," he said.
Reforming cybersecurity to meet EU membership requirements
In November 2023, Ukraine signed an agreement with the European Union Agency for Cybersecurity. The agreement required special approval from the European Commission as it was the first time the ENISA engaged with a non-EU country.
"This demonstrates that Europe is expecting us, that we're intensifying and deepening cooperation. While we cannot yet become a full member, we're already being seen as future members, and then we won't need to go through this stage," Serhii Prokopenko said.
As part of the agreement, Ukraine now collaborates with ENISA on cybersecurity threats, regularly meeting with the European side to exchange threat analytics.
A key aspect of this partnership is aligning Ukrainian legislation with the NIS 2 Directive, which regulates cybersecurity across Europe. Prokopenko describes it as "a complex law," whose norms partners are currently helping Ukraine to "properly interpret."
As part of its EU accession process, Ukraine is updating its 2021 cybersecurity strategy to align with European standards.
"As EU candidates, we will adopt European best practices and develop a new strategy taking these requirements into account because we are EU candidates, and we must comply," Serhii Prokopenko said.
Ukraine’s cybersecurity agency is in the process of auditing its current strategies, but Prokopenko expects that Ukraine will have a draft of the new strategy aligned with European standards within this year or next.
Launching cyber troops
Ukraine is also working on establishing cyber troops, according to Prokopenko. Several draft laws in Ukraine's parliament propose the creation of dedicated cyber military units, with the most likely scenario placing them within the armed forces.
Plans to create Cyber Forces existed before the full-scale war, but priorities shifted due to Russia's invasion. "Everything already exists, but we need legal status," Prokopenko said.
Besides protecting critical infrastructure, cyber troops would conduct offensive or counter-offensive cyber operations.
Currently, only Ukraine's Defense Intelligence Forces officially acknowledge conducting cyber attacks, periodically publishing information about attacks on infrastructure in Russia.
Prokopenko says that European practices will help protect Ukrainian infrastructure from Russian hacker attacks.
"Critical infrastructure consists of IT, office networks, and industrial networks that interact with sensors and control technological processes. For IT, the general approaches are more or less the same for everyone. Still, for specific systems, such as in energy or water supply, specific protocols and steps are prescribed for rapid detection and effective threat response," he said.
Under an earlier cybersecurity strategy, Ukraine anticipated the Russian threat but focused on deterrence, said Prokopenko.
"We are now in an active phase of war and, accordingly, we need to conduct more active operations," he added.
Kollen Post
