Preparation, resilience and self-reliance are the traits that cybersecurity professionals need in the fight against cyber threats, according to former Ukrainian foreign minister.
Dmytro Kuleba, who served as Ukraine’s Minister of Foreign Affairs from 2020 to 2024, shared several stories of wartime experience that chimed with attendees at Infosecurity Europe.
The first has a powerful message for incident responders. Kuleba cited the massive outage at telco KyivStar, which was swiftly remediated by the company after Russian hackers struck in December 2023.
“You don’t know what and how it’s going to happen, but you can practice, brainstorm, calculate and prepare so it becomes your muscle memory of how to behave in a crisis situation,” Kuleba said. “You plan, not to follow the plan but to know your environment perfectly. And to develop instincts of survival in this environment.”
Kuleba practices what he preaches and he began “strategic planning” for a possible invasion a year previously in his ministry, wargaming what would happen if employees had no access to online messaging apps.
This forward planning is essential, even if an eventual incident turns out differently to the plan, he argued.
“When [the invasion] happened, we evacuated our servers to a safe place abroad. Almost everything else we did differently [to the planned scenario] under the pressure, of circumstances” Kuleba explained.
“But we didn’t waste a single a second figuring out what was possible or impossible, because we knew all of that in advance.
“If you care for your company, you have to prepare for the worst. If it happens you will still be instinctively capable of winning even if your initial plan is ruined. If it doesn’t happen, you’ll find yourself in a stronger position.”
Security and Self-Reliance
Kuleba also shared how cybersecurity is being prioritized by even the smallest Ukrainian businesses through their experiences of the war.
He shared how Russian operatives target Ukrainian officials and their families by hacking CRM systems used by innocuous businesses like nail bars, gyms and barbers in order to build a profile of targets’ movements.
“If even CRMs can be weaponized even the smallest business will have to invest in cybersecurity to protect itself from such a breach,” Kuleba argued. “This is the trend Ukrainian businesses are very much looking at.”
A second lesson from the tale is that the CRM software in question is usually Russian – provided by software companies over a period of years through “lucrative offers” to Ukrainian businesses. Although it’s unclear whether this aided Russia-alligned hackers, there are lessons to be learned, Kuleba claimed.
“Even such innocent software as a check-in system at a restaurant … can help your enemy,” he said. “Do not trust the products made by your potential enemy. In principle, self-reliance becomes the driving force.”
Kuleba ended on a defiant note, highlighting how Ukrainians survived their “worst winter in modern history” recently and are now on the front foot.
“Resilience is not about being prepared to repair the disruption. Resilience is your ability to keep repairing the wrecks as destruction becomes the new normal,” he said.
“Giving up – whether you’re fighting a cyber-attack or a thug on the street or a nation that tries to destroy you – does not bring relief. It does not bring the end to your suffering. It only multiplies it.”