Skip to Content

Under Near-Constant Assault, Ukraine Is Desperately Trying to Bolster Its Cyber Defenses

A target of infrastructure hacks, the nation’s government has a long way to go if it’s to protect itself in the future.

The threat of cyberattacks is tangible in Ukraine.

It bears the brunt of many hacks that target the wider world, like the recent NotPetya attack. But it also struggles in the face of something more troubling: not once, but twice, parts of the country have been plunged into darkness as a result of hackers taking aim at its energy infrastructure.

These aren’t the kind of hacks that mean tech-savvy folks need to change their login credentials, but precursors to something far more serious: potentially devastating and life-threatening infrastructure disruptions that could leave thousands or millions of people without electricity or other utilities. As Wired recently explained, some of the attacks targeted at the Ukraine are likely to be tests by Russia as it perfects tools to use in larger-scale cyberwar.

Reading a new report from Reuters about how Ukraine is attempting to shore up its cyber defenses, it’s easy to understand why Russia might have decided to target the country. Aside from political tensions, the fact is that Ukraine’s digital infrastructure has been, to put it bluntly, a mess. From Reuters:

When the chief of Microsoft Ukraine switched jobs to work for President Petro Poroshenko [in 2014], he found that everyone in the [president's] office used the same login password … Sometimes pressing the spacebar was enough to open a PC … Most computers run on pirated software, and even when licensed programs are used, they can be years out of date and lack security patches to help keep the hackers at bay.

The report does go on to explain that, fortunately, the culture has begun to improve over the past three years. The president’s office has changed its security policies, while the government has updated software systems (though an estimated 82 percent of software in the country is unlicensed). And the nation has built out a cyberpolice team, which is funded by the U.K., while government agencies run regular simulations so that employees know how to deal with hacks when they take place.

But take place they still do. The report also says that Ukrainian government systems are on the receiving end of denial of service (DDoS) attacks once every two weeks, and officials appear to admit that they're still not doing enough to counteract the threats. In other words, there’s still a long way to go before Ukraine’s systems can shrug off the cyber onslaught that continues to head their way.

(Read more: Reuters, Wired, “Ukraine’s Power Grid Gets Hacked Again, a Worrying Sign for Infrastructure Attacks,” “Russian Disinformation Technology,” “Ransomware Is a Real Threat, but Don’t Forget the Botnets”)

Keep Reading

Most Popular

AGI is just chatter for now concept
AGI is just chatter for now concept

The hype around DeepMind’s new AI model misses what’s actually cool about it

Some worry that the chatter about these tools is doing the whole field a disservice.

Hoan Ton-That, CEO of Clearview AI
Hoan Ton-That, CEO of Clearview AI

The walls are closing in on Clearview AI

The controversial face recognition company was just fined $10 million for scraping UK faces from the web. That might not be the end of it.

Europe's AI Act concept
Europe's AI Act concept

A quick guide to the most important AI law you’ve never heard of

The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.