Government

State Department pledges $8 million more in cybersecurity aid to Ukraine

The U.S. has increased cyber aid to Ukraine after Russia-linked cyberattacks on power grids in 2015 and 2016.

March 3, 2020

Gamaredon has overwhelmingly focused its hacking efforts on Ukraine (Getty Images).

The Trump administration’s handling of U.S. military assistance to Ukraine sparked an impeachment inquiry, but U.S. cybersecurity aid to the Eastern European country continues to flow, unimpeded and under the radar.

The State Department on Tuesday announced an additional $8 million in cybersecurity funding for Ukraine, whose electric utilities sector has at least twice been struck by Russia-linked hackers in recent years. One of those cyberattacks, in 2015, plunged a quarter of a million Ukrainians into darkness.

Ever since then, Washington has tried to ramp up Ukraine’s cyberdefenses with funding and strategic advice, including through a project to help Ukraine develop a national cybersecurity strategy.

Some of the new funding will be used for building out Kyiv’s legal and regulatory framework for improving cyberdefenses, the State Department said. The new money is on top of the $10 million in cybersecurity aid the U.S. previously pledged to Ukraine.

MITRE Corp., a federally funded not-for-profit, has been contracted to implement some of the existing U.S. cyber assistance to Ukraine. That means helping the Ukrainian government carry out a national cybersecurity strategy to develop a stronger cybersecurity workforce and to better manage hacking threats to the country.

“Ukraine has a very robust technical workforce,” MITRE’s Johanna Vazzana, who is working on the Ukraine project, told CyberScoop. “They are actually very well ahead of many places in the human capital they have access to.”

The challenge is putting those technical capabilities to use with good cybersecurity jobs in government and the private sector, and getting all elements of society involved.

“Creating a tighter connective tissue between government, industry and academia” is key, Vazzana said.

With an onslaught of Russia-linked hacks against Ukrainian organizations, some U.S. cybersecurity companies have been committing more resources to Ukraine.

Talos, Cisco’s threat intelligence unit, which helped expose a suspected Russian botnet that loomed over Ukraine in 2018, is one of those companies. Talos has made six or seven trips to Ukraine and has resources in the country it draws on regularly, a company spokesman said.

FireEye also “has an established research team in Ukraine,” said Charles Carmakal, CTO of Mandiant, FireEye’s incident response unit. “We anticipate seeing an uptick in attacks on this region by Russian operators due to current tensions.”

The State Department’s funding announcement came as U.S. officials visited Kyiv on Tuesday for the third round of a cybersecurity dialogue with their Ukrainian counterparts. They discussed efforts to attribute cyberattacks to perpetrators, security concerns around 5G wireless networks, and training in securing industrial control systems, according to a State Department statement.

Ukraine was one of several allies to join the U.S. in blaming the Russian government for cyberattacks on thousands of websites in the Eurasian country of Georgia last October. Moscow denied involvement in the attacks.