The U.S. and Ukraine agreed to further cooperate on cybersecurity issues and to improve avenues of information sharing, as Russia’s assault in Eastern Europe grinds on.
The U.S. Cybersecurity and Infrastructure Security Agency and its Ukrainian counterpart, the State Service of Special Communications and Information Protection, announced the deepened partnership at the end of July, calling it an important step toward a more secure future.
Priorities of the agreement include the exchange of best practices, studying how critical infrastructure is guarded, and establishing joint cybersecurity projects and exercises.
Both the U.S. and Ukraine participated in the NATO Cooperative Cyber Defence Centre of Excellence’s Locked Shields exercise in April. Specialists with U.S. Cyber Command have also worked alongside Ukrainian forces to fortify networks and root out malicious behavior.
Oleksandr Potii, the deputy chairman of the SSSCIP, in a statement said the new accord “represents an enduring partnership and alignment in defending our shared values through increased real-time information sharing across agencies and critical sectors and committed collaboration in cultivating a resilient partnership.”
CISA Director Jen Easterly applauded the agreement — saying she was “incredibly pleased” to sign it — and noted that she has been “moved by the resiliency and bravery of the Ukrainian people throughout this unprovoked war.”
Russia’s latest invasion of Ukraine, launched Feb. 24, was preceded by cyberattacks, including one on Viasat, a California-based company involved in commercial and military markets worldwide. The digital attack was meant to cripple Ukrainian command and control as Russian forces advanced. U.S. government clients were unharmed.
Some five months on, cyberattacks continue in Ukraine, with hackers mostly focused on the defense, government, finance and telecommunications sectors, according to a July 12 bulletin from the SSSCIP. Russia has historically denied involvement.
President Joe Biden in March warned of Russia potentially targeting U.S. networks and critical infrastructure as its fight flounders. The U.S. Navy also cautioned in an unclassified memo that adversaries are seeking to exploit digital vulnerabilities, like weak passwords and mistakes made on military or at-home, private networks.
“Cyber threats cross borders and oceans,” Easterly said in a statement, “and so we look forward to building on our existing relationship with SSSCIP to share information and collectively build global resilience against cyber threats.”