The Security Service of Ukraine has established regional cybersecurity centers in all regions of Ukraine. Their task is early identification of vulnerabilities in local critical infrastructure, thwarting and neutralising cyberattacks on these facilities.

This was stated by the Chief of the SSU’s Cybersecurity Department, Volodymyr Karasteliov, during his speech at the Kyiv International Cyber Resilience Forum.

‘We focus on proactive measures. In particular, on preventive detection of vulnerabilities in critical infrastructure protection systems. To this end, we have set up a network of regional cybersecurity centres, operating in every region. Our teams are located close to important facilities and are ready to quickly detect and neutralise any cyber threat,’ said Volodymyr Karasteliov.

In addition to the speech, the head of the SSU Cyber Security Department gave an interview to Forbes on the sidelines of the forum, noting that strengthening of the SSU’s digital capabilities is one of the priorities set by the Acting Head Yevhen Khmara.

‘The technological development of the SSU and the continued strengthening of its digital capabilities have been identified as a top strategic priority by the SSU Acting Head Yevheniy Khmara. To prevail against a powerful adversary, we must always stay one step ahead,’ said Volodymyr Karasteliov.

He informed that, since the start of russia’s full-scale invasion, SSU Cyber Security has neutralised over 14,000 large-scale cyberattacks and critical cyber incidents.

Most enemy intrusions targeted government resources and strategically important enterprises in the energy, transport, and defence sectors.

Volodymyr Karasteliov also spoke about one of the SSU’s most successful recent cyber defence operations. The Service’s cyber experts carefully studied the Pterodo virus used by the enemy and developed specialised software that prevents russian hackers from extracting data from devices infected with it.

For a lengthy period of time, this will prevent the enemy from obtaining the information it seeks. Importantly, this includes sensitive data stored in the electronic systems of critical installations belonging to the Ukrainian Armed Forces.

‘According to our estimates, approximately 18,000 devices in Ukraine have been infected with this spyware virus in recent years. We thought long and hard about how to counter it. We studied it for several months and finally found a vulnerability. We developed software enabling us to encrypt the stolen information during its transit to the attackers, rather than cleaning each infected device. This is one of the Service’s successful cyber operations, which was reported to the President of Ukraine by the SSU Acting Head, Major General Yevhen Khmara,’ Volodymyr Karasteliov emphasised.

The Cyber Department Chief pointed out that in order to strengthen Ukraine’s cyber resilience the Service cooperates on an ongoing basis with other state bodies, operators of critical infrastructure facilities, and the expert community, as well as continuously shares its expertise with international partners.

‘Cyber resilience and cyber defence are formed through interaction. They are not built within a single country, but are created through joint efforts. Ukraine's experience, which is based on real war conditions, has practical value and is already used by our partners today. Readiness for joint action, trust between allies, and the exchange of practices are key to future common security. After all, cyberspace will remain a field of confrontation even in peacetime,’ Volodymyr Karasteliov concluded.