Attacks and Vulnerabilities
Critical infrastructure
Malware, Phishing & Ransomware
News
Reports
Vulnerabilities

ENISA strengthens cybersecurity cooperation with Ukraine to counter Russian aggression

November 14, 2023
ENISA strengthens cybersecurity cooperation with Ukraine to counter Russian aggression

The European Union Agency for Cybersecurity (ENISA) has formalized a Working Arrangement with its Ukraine counterparts focused on capacity-building, best practices exchange, and boosting situational awareness. The Working Arrangement builds on the discussion initiated last year in Warsaw during the EU-Ukraine Cybersecurity Dialogue and will be a key item at the next Dialogue. A work plan will operationalize the Working Arrangement.

The partnership was signed by ENISA, the National Cybersecurity Coordination Center (NCCC), and the administration of the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) on the Ukrainian side. The Russian full-scale and illegal invasion of Ukraine has been a turning point for the global cyber domain and has confirmed the need for enhanced and wider international cooperation

The Working Arrangement is broad and covers short-term structured cooperation actions while paving the way for a longer-term alignment of cybersecurity policies and implementation approaches.  

Co-operation will be sought in the areas of:

  • Cyber awareness and capacity building to enhance cyber resilience: including facilitating the participation as third country representatives in specific EU-wide cybersecurity exercises or training, possible secondment arrangements, and the sharing and promotion of cyber awareness tools and programs.
  • Best practice exchange to ensure alignment of legislation and implementation; including on key cyber legislation implementation such as NIS2, and sectors such as telecommunications and energy.
  • Knowledge and information sharing to increase common situational awareness: including a more systematic sharing of knowledge and information concerning the cybersecurity threat landscape to increase the common situational awareness of the stakeholders and communities.

“The malicious manipulation of information and cyber-attacks is a key element of Russia’s aggression against Ukraine,” Josep Borrell, the EU high representative for foreign affairs and security policy/vice-president of the European Commission, said in a media statement. “Well-known hybrid tactics are being exploited by Russia on a new massive scale, targeting not only Ukraine but also the European Union. This makes today’s arrangement on enhanced cooperation for cybersecurity even more important. The arrangement is an additional essential component of our overall support to help Ukraine to defend itself against Russia and of our long-term commitment to Ukraine’s security.”

“The European Union will continue to support Ukraine in its fight against the Russian aggressor and on its path to membership of the European Union,” Thierry Breton, European Commissioner for Internal Market, stated. “Today, we bring our cybersecurity agencies closer, launching joint work on prevention of attacks on critical infrastructure, cybersecurity skills, and capacity building.”

“The widespread use of cyberattacks in Russia’s war of aggression has been met with a fierce and resilient defense by our Ukrainian partners,” Juhan Lepassaar, executive director at ENISA, said. “It has also greatly increased our own levels of alertness and preparations in the EU. We are looking forward to implementing this Working Arrangement – ENISA’s first with a partner from outside the EU – in an effort to boost a higher common level of cybersecurity across Europe and as a contribution to the EU’s continuing support for Ukraine.”

“This is a historic day for our nation and definitely an important step on the Ukrainian way to the European Union. Cooperation with ENISA opens up new opportunities for strengthening cooperation in the field of cyber security and sharing best practices with EU states,” Oleksiy Danilov, secretary of the National Security and Defense Council of Ukraine, head of the National Cyber Security Coordination Center said. “What is especially important now when Ukraine is at the forefront of the global cyber war, which the Russian Federation is waging. Joining our efforts will strengthen the European cyber security system, and Ukraine will participate in the formation of strategic approaches and development of new policies in the field of cyber security and cyber defense at the international level.”

“We highly appreciate the cooperation with ENISA and the support that EU countries provide to Ukraine. Cyberspace has become a full-fledged component of the war that Russia has waged against Ukraine,” Yurii Shchyhol, Ukraine’s SSSCIP chairman, said. “This war has also given the whole world a clear understanding that the civilized world only together can resist aggression in cyberspace. We are ready to exchange information and share Ukraine’s experience in the world’s first cyber war to help each country become stronger in the face of new threats.”

Last week, Mandiant researchers disclosed that late last year it responded to a disruptive cyber-physical incident in which the Russia-linked threat actor Sandworm targeted a Ukrainian critical infrastructure organization. The incident was a multi-event cyber attack that leveraged a novel technique for impacting industrial control systems (ICS) / operational technology (OT). 

The Sandworm hackers initially used OT-level living off the land (LotL) techniques to likely trip the victim’s substation circuit breakers, causing an unplanned power outage that coincided with mass missile strikes on critical infrastructure across Ukraine. Sandworm later conducted a second disruptive event by deploying a new variant of CADDYWIPER in the victim’s IT environment.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments
Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings