Business Cybersecurity in Time of War
1. What Business Needs to Know about Cybersecurity
Modern business is impossible to imagine without computers, tablets, smartphones, data storage devices, and other gadgets that provide access to the Internet. During the global COVID-19 pandemic, many global and Ukrainian businesses have switched to online work.
Between 2019 and 2021, the number of Internet users in the world increased from 4.1 to 4.9 billion. That is already more than half of the entire world population.
However, the rapidly growing digitalization of the world and the Ukrainian economy has its downside. It leads to an increase in cyberthreats, cyberattacks, and other violations of cybersecurity — safe work with data in cyberspace.
These negative consequences affect everybody: individuals, businesses, and the state in general. In 2021, 19% of all the world's cyberattacks were directed against Ukraine, ranking us second after the USA.
These spheres suffer from cyberattacks the most: state institutions, banks, and financial organizations, online stores, IT companies, businesses that work with the personal data of customers, manufacturing companies, and startups.
On the eve of the Russian invasion and with the full-scale war in Ukraine, the number and intensity of cyberattacks increased many times over. Mass cyberattacks against state structures of Ukraine and businesses took place on 13–14 January, 15–16 February, and on the night of 23–24 February. Cybercriminals planned these attacks to paralyze the work of strategic objects.
According to the State Special Communications Service, from mid-February to early March, Ukrainian organizations were hit by about 2,800 cyberattacks. For comparison, there were 2,200 of them in 2021.
These statistics show that every Ukrainian company should be on high alert and assess its vulnerability in advance to protect its systems from cyberincidents and technological failures.
Our experience confirms that to withstand cyberattacks a business needs not only the latest equipment and software, but also a qualified technical specialist and an experienced lawyer. Only such a lawyer is able to prepare the proper guidelines for the business owner and the staff and ensure that everyone involved can implement cyberprotection measures in the event of a cyberincident.
Businesses need legal support because the regulation of cybersecurity in Ukraine is very fragmented. The rules governing it are scattered across many laws and by-laws. It will be difficult for a business owner to find the correct information for protection in the event of a cyberincident on his/her own.
The concept of cybersecurity is determined by the Law On the Basic Principles of Ensuring Cybersecurity of Ukraine and the international convention on cybercrime. It is also governed by other laws: On Personal Data Protection, On Public Electronic Registers, On Critical Infrastructure, On National Security of Ukraine, On Electronic Communications, etc. And that is not all: the responsibility for cybersecurity violations is regulated by the relevant codes and laws prescribing certain state bodies to ensure and control cybersecurity and prosecute its violators. There are not one or two such state bodies, but many different authorities, namely the Security Service of Ukraine, Cyberpolice Department of the National Police of Ukraine, State Service for Special Communication and Information Protection of Ukraine, Ministry of Defense, NSDC, and National Bank of Ukraine.
2. Types of Cyberthreats, their Consequences, and Protection Tips
Today, many cyberthreats are known to be caused by weaknesses in technical support, employees’ ignorance, or breaking basic cyberhygiene rules.
These are the most common ones:
- DDoS and DoS attacks — network attacks aimed at overloading and disabling websites;
- phishing mailings with virus files or links;
- account hacking to gain access to personal and corporate data;
- malicious software that hides files and blocks access to them;
- ransomware viruses;
- telephone scammers;
- unauthorized logins to customers’ online banking and fraudulent operations with bank cards;
- leakage of confidential information and personal data, etc.
If these threats are successfully executed, citizens, enterprises, and even the state may be seriously affected.
These are the usual negative consequences of cyberattacks:
- disabling critical systems of state and business (websites, electronic government services for citizens and businesses, online stores, accounts of key managers, etc.);
- loss of personal, corporate, and confidential information;
- theft of personal and financial data leading to funds withdrawal;
- damage to the business reputation of the company and the loss of customers as a result;
- material costs for eliminating the consequences of cyber incidents, etc.
To avoid these consequences, you can eliminate many opportunities for cybercriminals by following some of our tips:
- install the latest cybersecurity and data traffic control systems, use only licensed software, and update it in a timely way;
- regularly conduct cyberaudits to check for the vulnerability of the cybersecurity system, identify and fix the weak spots;
- transfer all possible data to the cloud and have a few backups in different regions or even in several countries — this advice is especially relevant for Ukrainian companies during the war;
- monitor new threats and regularly adapt your protection policies;
- inform relevant state authorities if you suspect potential cyberincidents.
To provide comprehensive cybersecurity for your business, you can hire a technical specialist with appropriate qualifications and purchase all the necessary tools and software. However, there is a more effective and reliable way in current conditions in Ukraine. You can engage a specialized company that provides services for hosting data in the cloud and, at the same time, has basic cybersecurity solutions.
For example, Gigacloud, one of the leaders of the Ukrainian cloud market, has the most up-to-date equipment and software for reliable data storage, engages the cybersecurity agency Gigasafe, and offers an effective risk diversification system using data centers in Kyiv and Lviv, as well as in Warsaw.
You should be aware that 98% of all cyberattacks exploit the human factor. It means they are successful and cause damage because certain people neglect their responsibilities or fail to follow cyberprotection protocols. Therefore, it is very important to raise your staff’s awareness of risks and threats in the virtual space. Make them complete general courses on digital hygiene, for starters.
For example, the abovementioned cloud operator Gigacloud uses a well-established system of internal instructions and policies on cybersecurity. They offer these guides to their clients and develop such instructions together with technical specialists of Gigasafe and lawyers, who conduct regular training of employees on the basic rules of cybersecurity:
- do not open emails from unknown senders;
- do not install unverified software from unknown sites on corporate devices;
- do not use unprotected networks and public Wi-Fi to connect to corporate systems;
- immediately report detected cyberthreats and cyberincidents, etc.
However, having a cybersecurity company at your side covers only half of your must-have actions. You can get the other half by hiring cyberprotection lawyers.
They can help you to:
- check the provider’s compliance with national and international standards and conclude a reliable contract ensuring proper protection of corporate information when transferring data to cloud storage;
- develop effective internal policies on safe work in the cyberenvironment and conduct systematic briefings;
- explain the rules of handling personal data and confidential information to employees;
- quickly respond to cyberincidents, addressing the state bodies for protection, bringing offenders to justice, and going to court for damages compensation.
In the latter case, it is necessary to ensure that all critical data is preserved for further investigation and that all infected devices remain untouched. This helps to find the cybercriminals faster and make sure no more damage is done to the system.
To sum up, you need to maintain a joint synergy of experienced technical specialists and lawyers to establish an effective cybersecurity system at the enterprise and ensure its prompt implementation in case of cyberincidents. The best solution is to involve external comprehensive cybersecurity companies providing the best equipment and professionals, and find a law firm specializing in cyberprotection.
3. Secrets of Ukraine’s Successful Fight against Russia in Virtual Space
The war in Ukraine is fought not only on the physical battleground but also on the information front. The Cyberpolice of Ukraine actively opposes Russian hackers who target the information resources of state bodies.
These are the key victories of Ukrainian cyberforces:
- preventing DDoS attacks on the public and private sectors;
- detecting and neutralizing anti-Ukrainian propaganda on the Internet and social networks;
- identifying pro-Russian collaborators;
- developing chatbots and sites for cooperation with citizens and allowing them to block anti-Ukrainian information channels and quickly report on the movement of flying missiles, enemy equipment and manpower, unexploded ammo, marauders, etc.
With the support of foreign partners, the world’s leading technologies and satellite images are used to recognize the faces of the Russian invaders in order to detect their crimes on the territory of Ukraine.
In addition, the Telegram channel “Center for countering disinformation at the NSDC of Ukraine” helps to eliminate numerous fakes of the Russian invaders. You can also quickly report cyberincidents on the website of the Center for Active Countermeasures against Aggression in Cyberspace.
Ukrainian IT business plays an equally important role. The major market players and volunteers united IT specialists, working on deflecting cyberattacks on critical infrastructure objects, neutralizing Russian chatbots and hackers, and assisting other businesses to adapt to the drastically changed environment. For example, Gigacloud evacuated the Prozorro data center from Kyiv to Lviv free of charge despite being under shelling.
As you can see, the strength and integrity of Ukrainian cyberspace lie in the ongoing patriotic mutual support and active cooperation of state bodies, Ukrainian business owners, and individuals. Such a synergy creates an invincible strategy that provides Ukraine with a powerful information homefront.
Published in Ukrainian Law Firms. A Handbook for Foreign Clients.