 and welcome to tent abacus on day four of mch 2022 we are still waiting for one of our speakers he will be here any minute second week day from now um while we are here um who of you is uh is attending a hacker camp for the first time can i have a show of hands awesome are you enjoying it excellent have you signed up for it who has signed up for an angel shift yet show of hands come on uh come on that should be more there's still time to do so please please please do sign up as an angel it's very simple you get wonderful beautiful t-shirts you get a warm meal for it and if you're picking up one of the highly exclusive trash um trash shifts you even get a physical badge for for your effort so please please do sign up as an angel we need we need more of those and um um need any help that we can also if you want to stay for tear down you will get a meal you will get fat you will get water and you will get a warm warm feeling of helping us um clean up the event afterwards so everyone's sleeping on the on the premises right no no hotel guests no everyone's so hands show of hands who has been bitten by mosquito yet okay uh more than one bite and show of hands more than five hand more than five bites uh come on where are you all the time in the tent well um from what i've heard our speakers almost there we're just verifying the last few details and then we should get going um yeah i think i don't have to defragment it's still good still places are still seats available right yeah come up oh yeah um if you if you have a pre-ordered merch please pick it up at the merch shop over there um because otherwise it would get sold to somebody else who hasn't pre-ordered i mean they are probably happy about it but you won't um also i found unfortunately there's no seating on the sitting on the floor even at the back so please find yourself a chair there's plenty available even up at the front with a good sight of everyone um do i do i have any any more talking points let me guess to apply sunscreen so the the rain is dropping of your body more easily that's also a good idea okay it's always fun when the speaker shows up a little bit late but we are we are he gets he gets he gets cabled up so we are ready to go hi man so without further ado um as you prob as no hello and welcome to msh 2020 do this is day four this is tent ebacus as you probably have noticed um when the politics um decided that the pandemic is over um yeah good joke um there was also a war started in europe's backyard um and for the first time um cyber in what several forms also played a major part to introduce you to the panel that will discuss all these topics i will hand this over to kirill's so please give kirill's and his panel a very warm round of applause hello hello everyone so it's been a nine nine year old war nine year long war but it's been a full on hell in ukraine for full five months yesterday that's five months and one day since the renewed invasion of ukraine already uh this is a an important topic this is not a not a fun topic but it has to it has to be discussed we're here today to take 90 minutes of your time and discuss it from the cyber perspective but also of course we cannot forget the sacrifice the lives being given as well on the battlefield uh here today with me is uh peter van den howell security analyst from saxion university of applied sciences yeah uh we have also chris kubek who is a ceo and founder of hyposec netherlands and the shingles chair for the middle east institute of cyber security and emerging technology program and remotely we have anastasia vitava who is head of customer solutions security engineer at cosac lab she's joining us live from ukraine yes so i want to start and and thank you so much anastasia especially to you for joining us uh since i know it's it's it's very much to do right supporters from from outside ukraine many of us here are supporters of ukraine that are we are not in ukraine uh we have the privilege of taking a day off or a week off people in ukraine don't have that they have to work every day to keep their country safe and secure so i'd like to start with you anastasia since this is a nine-year long war already i want to just bring everyone up to speed and and and just go back in time a bit here and talk about 2014 how did you perceive 2014 what was your initial reaction well in 2014 i when i was 24 i got my master's degree in software engineering and i was already working right so i was not expecting the war and suddenly my whole career afterwards it was all related to the war right so as a young professional as someone who works in software i didn't have a chance to enjoy a peaceful life that's all and i live in kiv i'm not in kiv right now but i live in kiv in the capital of ukraine and since 2014 we got really a lot of people moving from the east parts of ukraine to kiv to capital people rebuilding their lives right and a lot of my colleagues are from the east parts of ukraine and that war in 2014 in effect it affected everyone even if the shelling was located in the east it was felt everywhere everywhere across ukraine what about you personally um would you be willing to share um some examples from your personal life how that affected you so i didn't know how you feel about um young women but instead of buying dresses and sweets like that i was buying a new sort of equipment because in 2014 we already have this strong volunteer movement and i was buying a lot of things i never thought i would be buying and i got up to speed with all this shooting with fast age these anti-terrorists but what to do in case of terrorist attacks and things like that so i just you know um personally i think most part of my conscious adult life is connected with the war in one way or another right and i remember after a couple of years living in ukraine i went to um litva i guess and i seen fireworks and i was super scared and again i was living in kyiv in the capital so without all the shelling but right now in 2022 i don't know if i will be enjoying fireworks ever in my life like ever because i don't like loud sounds there was a thunderstorm here two days ago and it was quite scary because of the sound so yeah personally i think all the premiums are affected since 2014 and your life this is nine years and right now it's uh five months and one day of the full spell invasion recombinates every day thank you um the cyber front was also not static for the past nine years uh cyber activities were there from 2014 onwards so uh i'd like the panelists to chime in on not petia black energy all the other activities that the russian hackers were conducting um if if we could start by outlining what it is i'm sure that nine years is a long time for for some of you some of you are around 18 here right so um you may not be aware of the attacks maybe we can have a panelist that can outland that uh anastasia would you be able to do that for us just a couple words about what not petia is technically what uh black energy yeah this is one of the named cyber attacks to the critical infrastructure in ukraine and then over the world uh these are only ones i mean i'm sure there are more of them but these examples are well studied and there are books about them there are Wikipedia articles basically black energy and then later petia not petia uh like a critical infrastructure malware kind of things that affected short critical infrastructure in ukraine especially black energy we had some kind of blackouts like brownouts how we call it and then um petia not petia has affected a lot of enterprise companies all around the world i think if you don't know about that we will really recommend reading a book about sandworm yeah yeah so it's interesting how um not petia initially masqueraded as a ransomware right but it turned out to be a government malware the instructed malware that they had no intention of collecting any money from the victims they just wanted to damage certain sectors in ukraine um peter may i ask you to tell us briefly about your life before the 24th of uh february how far do you want to go on that one yeah let me start first for where my journey regarding ukraines uh began um i think it's already 2013 the end of 2013 beginning of 2014 um where you see courageous young people taking stave into their own hands and um go out for a protest against their at that moment current president who has to sign an association agreement with the european union um i was touched by that you see young people fighting for something that we hear in uh in the rest of europe take for granted and that is freedom and that is destination uh that is more or less fair leadership uh democracy which wasn't the case back in 2014 in ukraine so i was touched by that and um yeah i started digging into what is going on there because i have to be honest i knew little about ukraine only the fact that we had a foundation in our small village that takes fostered children over for the summer vacation and stuff like that um but that's it that's all i knew about ukraine um now then of course in 2014 um a really terrible disaster hit dutch society as well uh 298 people died in a really coward action of what i considered to be uh yeah it's clear really clear that russian army was behind this attack um and yeah of course there is a race inside you and you know already that there is a war going on but now it comes really close it just starts getting innocent people and that yeah are just flying over a country so that's a fear the race and um yeah then you see in 2015 2016 uh i discussed it with chris as well and an uprise of what i call a pro russian narrative on what i think this doesn't fit into dutch society you see certain movements within dutch society uh getting fueled up you see a certain narrative getting into the media and that's for me where i started to get to dig into this and get into dig into this topic what actors are involved uh how do they hold up to each other and in 2016 we had the referendum in the Netherlands about the association agreement in ukraine um yeah from that moment on i was actively involved with a couple of other people uh gathering information about certain things that happened here um and yeah until now i'm involved in that kind of uh yeah the stuff and um yeah and since 2018 and that's where i met anastasia as well uh i'm attending to the no-name con conference in ukraine uh because i have a strong belief that uh we should at foremost and even back then support ukraine on the pathway uh getting into the european union and uh from a cyber atmosphere i try to yeah be kind of like an ambassador or whatever you want to call it uh but intermediary uh to to to make the community here and they're aware of each or and of each other's capabilities and yeah that's in a short brief until uh thank you thank you for that we'll certainly take a minute near the end of the panel to talk about uh EU uh ukraine cooperation and nato um ukraine cooperation as well uh but to move on talking about the cyber front we first need to answer a really simple question as anastasia i'd like to ask you the question so uh because you are the best person to answer that how digitalized is ukraine because many people aren't aware do you have digital services how advanced they are how long have you had them oh actually it's a good test uh for ukranians because many people um like you know since 2017 i guess ukranians can go visa free to shengen area and many countries of european union so they could they can compare really easily and a lot of feedback what i have here is that ukrainian digital services are really really sophisticated compared to some countries in european union so we have everything digitalized okay not everything not maybe the level of estonia but a lot of things are digital uh we do have this d application you probably heard about that this is a mega application of ukrainian government that allows to have in one application your id like a passport id your driver license your covid certificates uh recently they start doing evoting kind of polls in this application asking people opinion on guns control and things like that right so this is the main application that allows you to to move in ukraine without your id card or without your passport because you have a mobile app for that um then we do have all banks have zero applications and things like like when more kind of things are very popular so you can send money to other people accounts in in the blink of an eye right it takes like seconds literally uh applications like monobank allow you to get together shake your app and send money again it's it's not like some kind of new things they're just super spread out right in many many shops uh you can you can pay with a pay pass so i just use typically i use my apple watch and this is all i need is to pay for something uh all the tickets everything can be bought online so typically you don't need to have you know a lot of papers with you and i i read this joke in twitter which is not a joke uh you know about air raid syrians so when russia launch missiles we receive an air raid syrian which is um which we call trivoga trivoga means like emergency some kind of uh and there is a map digital map of ukraine with regions and those regions become like red because the air raid syrians are on in this region so depending where russians send their missiles to different regions become red and if you watch the map you see it's changing from red to green again so the the application for air raid syrians was built on february 25th it was available in all the app stores uh and it's widely spread and a couple of days later the delivery services like food delivery services got synchronized with this application so if you are ordering food from kfc for example and there is air raid syrians ran in your city your delivery will be paused during syrin and then depending states either you will get money back or the career will arise a little bit later after air raid syrians so we are talking about this kind of uh digital life here and of course uh when many services are digitalized everything can be broken right and this is why we're here yeah but that is an amazing example not only of the digitalization and using technology to to actually uh survive and and uh try try your best to live normally during such situation it's also a great example of fast response so one one day after after the missiles hit you had the app that's uh that's impressive um chris i understand that you were already busy helping ukraine before the 24th of february can you tell us more about that uh certainly so uh part of my background is i've dealt with uh one too many nuclear cyber attacks and uh one of the things i was asked to do was there was a fear that one of either in production or decommissioned uh nuclear facilities would get hit by a cyber attack um uh one of which uh uh intranobal uh this had happened before someone was able to hack the radiation sensor that showed online and this was back in 2018 pushing a false reading up uh so those types of things can cause panic uh not only that but obviously if you're hitting a in production uh control system that's attached to a nuclear facility so i ended up catching the very last air france flight in on the 20th uh all the rest of my flights were canceled especially after the airport was kind of destroyed um so i got to see some of the uh cyber buildup and what was going on uh so a bunch of atm machines and banking logins uh didn't function the way they were supposed to be uh some were intermittent some were denied service for a while um there were also hits against government websites in ukraine and while they were getting hit uh when i would hit refresh over and over again i would also notice that a bunch of them started switching to cloud flare uh very very quickly uh so by the 21st 22nd a bunch of government sites were then on cloud flare luckily um there was also a cyber attack in luhansk against the water infrastructure uh which the russians tried to turn around and use against ukrainians saying look at what they're doing to our people in luhansk when it was absolutely untrue so there were a lot of these like kind of false flag kind of events but also related to cyber attacks i mean why would ukraine want to take out all the water in luhansk there's no reason for it um but you know media spends things there were also uh interruptions in some of the ukrainian apps and that was starting to happen right before the first bomb started to drop and one thing to understand is some of these effects if you want to buy something how many of you have cash on you right now can i have a show of hands how many of you have more than 200 euros on you cash really i swear to god i won't rob you the reason i ask that is if you can suddenly you can't take money out of an atm machine or your google pay is disrupted or your regular way of paying is disrupted and you suddenly have to flee because there's shellings you can see paratroopers in the sky you hear about columns of tanks um you kind of need cash especially when the russians were starting to disrupt internet service and your host if you don't have a bunch of cash right so it's a psychological thing where people start fearing what's going to happen if something really does so it's very upsetting and it's something to think about so these things started building up and it was very funny where when some of the cyber attacks started to hit as well as one of the first series of wiper attacks most ukrainians in kiv that i spoke to were like oh yeah it's all cyber we don't expect our electricity to stay on tonight because it was just expected that there would be cyber attacks against infrastructure so that's how normalized to a certain extent things had become when it shouldn't have been you know this is one of the problems where there this war has been going on for quite some time and it's become so normalized uh so um i ended up having a very interesting experience i was in the capital uh at the hotel that most of the international journalists were at the intercontinental so i got over beers lots of additional information and and things of that nature that i might not have gotten elsewhere and when on the 23rd we had received a pentacon briefing saying that the pentagon thought that shelling would begin at 4 a.m and of course that's the last thing you want to hear when you're in a capital city and you're hoping hey you know there's just been a lot of media maybe it won't happen maybe it's you know what have you because nobody really wants to get shelled instead on the 24th at 4 a.m everybody got woken up and i must add since the buildup from monday the 21st most people really weren't sleeping because things were already coming over the east so here you're surviving on no sleep you're thinking oh i just want to get a little sleep and then boom and it's it's not a pleasant thing you know how many of you have woken up to a fire alarm a few now imagine a fire alarm times a million because you've just heard a shelling and you go to look out your window and the sun's starting to come up a little bit and you can already see columns of smoke so this was just not a pleasant experience so i hope i i set the stage between me and anastasia of how it was when the war for first began thank you to continue on that note and and and help the audience here and online better in the context anastasia could you tell us about your personal 24 hours around the morning of the 21st of of february so the previous night and and and the morning what did you do can you walk us through through your time then first of all i totally agree with chris news were very disturbing for a couple of days already right and you remember that when news about the russians will attack in february 16th which didn't happen so everyone was like relaxed for a day but then again you started falling out and yeah many people didn't have enough sleep and we were like it's it's some kind of very anxious and disturbing expectations of something you really really really don't want to happen and part of your consciousness understand that there are real risk but another part really tries tries its best not to think about it you know what i mean on february 23 i was working and i seen some friends in the evening and i got back at home and i continued working because the news were pretty disturbing so i didn't i was not feeling relaxed i was not feeling ready to go to sleep i was working until i feel i will feel you know as tired that they will just go and sleep and i ended up like near 2 a.m or something which i decided okay so it's february 24th 2 a.m key of time i decided well enough let's go to sleep i um i got into my pajamas and i tried to sleep but i was scrolling twitter i was reading news and it didn't actually help because in some point they closed the the air the airplane space above Ukraine and this was a sign we know really well from 2014 this is a sign of disaster this is a sign of plane this is a sign of shelling this is a sign of missiles so after this news i was like okay it looks like something will happen tonight and i didn't catch any any sleep at all on some point again i was reading news and i seen this meeting in a room and Putin saying something something and then my twitter feed stopped saying that hey Putin has declared war and i was like well maybe it's someone overreacting but then these news continue to you know the same news continue to repeat and i was like okay looks like we are in real trouble right now it was near 3 a.m or 4 a.m key of time and i got from the bed no sleep remember and i uh i decided to finish packing my bag because my bag was already packed because for months months before February all Ukrainian media they were sharing the stories how to pack your panic bag what do you need to have as a first aid kit how to make sure that your shelters at your house are okay and safe how much water do you need and things like that right so it was not like out of the blue so i decided to finish out to finish packing my bags and i was like packing everything and near five in the morning i heard first explosion and first i was like well maybe it was something else who knows kiv is a large city if things happen during night but then i heard the second explosion and i was super scared uh i watched all the time and later i've seen my heartbeat and it was like you know 80 80 80 180 yeah hearing missiles hitting your home city is not the best experience ever so i finished to pack my bag really really quickly i called my mom my mom was already packed because she was expecting something and i told her hey mom so this is kiv near six a.m five thirty five forty something that i called my mom and i told hey mom please leave right now take your bags take your jaw leave because the city will be jammed in hours and the city was jammed and then people who were trying to leave later in the morning around eight or nine they stuck in a traffic jam they could spend hours trying to get from the city kiv is a huge city it has like four million people three and a half including us in agglomeration and it's located in two banks of the river so people who are trying to escape from another bank they spend fully hours in traffic jams okay right so i told my mom to go and did the weather one decision and then um in my company we were also prepared so we had the new campaign plan we had the vacation point and we just brought everyone in slept in six a.m saying hey who is ready to go right now gather here and here and we waited until people start gathering um and we packed some food and some water and we packed cars and we drove away in the morning of february 24th uh in different in in couple of in several groups moving into different cities on the west side of ukraine consisted of three cars totally packed children bags absolutely packed trying to find safe routes and to make now imagine millions of people are driving away millions right they're all at a jammed as well and we were trying to find routes not so jammed at the same time we have this column of cars we cannot just you know drive away we need to stay as a group uh so in many cases we took safest route instead of the quickest route and one of these decisions led us into staying at traffic jam for 12 hours since nine in the evening to nine in the morning on the next day we slept in the cars in a field and of february it was not very warm let's put it this way but then we successfully moved to two locations we wanted to move and again divided our groups and we started working on february 25th because as a security engineers we are involved in to supporting some kind of critical infrastructure first other group was working on february 25th and they didn't have any weekends through march our second group my group uh we went to the mountains so ukraine is a huge country and it has mountains open mountains we went to the compacted mountains we find some kind of hotel we created we spent weekend building up the infrastructure satellite internet all this you know internal rotors and since we need and we on monday monday february 28th we were working as well and when i say working i don't necessarily mean working on commercial projects as a company which we continued but also doing working in terms of doing a lot of sudden help insecurity for other companies that become target of cyber attacks that needed to help with the data security and then we were involved in many military related volunteering activities and we stayed in this we are still in this mode right it just we did everything correctly for the first 24 hours we ever created almost everyone from kiv and from different cities as well we regrouped we created second office on the west part of ukraine and we continued our operations you know business as usual thank you yes we would like to to hear more of course about the the cyber operations what you can tell us what you can tell the audience and the internet in in a second uh but uh chris uh i understand you were also in kiv where anastasia was and just for the context to get from kiv to the uh western border of ukraine it's 500 kilometers it's not it's not super far ukraine is a large country what 500 kilometers which you can usually make in in in in some amount of hours right and as anastasia mentioned uh her experience was was in a traffic jam for for 12 hours and we here we heard why why why that can be because the largest traffic jam that i experienced in some of the in in some of the bad countries with bad infrastructure are not 12 hours but in war of course it's it's really hard which is also why anastasia could can't can't join us here uh physically today because traffic is still uh quite unpredictable uh chris how did your um mission continue or changed after after it became kinetic in kiv uh well uh so uh i we decided to uh leave ukraine and we saw that the traffic jams were building up we had waited for some other people to evacuate but unfortunately after loading them up they panicked took all their luggage off and somehow thought that they were going to hitch a ride even though they were american and did not speak ukrainian so i don't actually know what happened to them but it gave us time to uh grab eight romanians who had no idea how to get home because their employer uh wouldn't answer their call when everything happened uh so it worked out and we decided to go a southern route and over initially a bunch of farmers roads and we actually got stuck in one of those roads in mud but we're trying to avoid the traffic jams and also as as anastasia said take the safest route not the shortest route we wanted to stay away from any sort of military targets uh the first time we were going to take a break we had two vehicles a sprinter bus and a car so we had 26 people with us with kids i'm not used to kids they never let you sleep um but uh we were going to take a break uh south of kiv and one of the uh next sort of biggest cities and uh i'd had a dutch friend uh tracking me via gps and right when we were about to pull in he goes don't go to that town uh bombing is imminent and so we immediately turned right and in less than a minute they started shelling that entire town uh so we would have walked right into a bunch of uh shelling and we drove for about oh i want to say 22 hours uh the uh first evening going through these villages and so forth finding out that the Wagner group had actually planted people in some of these villages trying to set up checkpoints we found propaganda leaflets and i even took a picture of the truck that was dropping propaganda leaflets which was inviting the Ukrainian people to welcome the russians with open arms um which i think they underestimated the Ukrainian people quite a bit and we ended up finding a hotel in the middle of nowhere not usually open but far away from everything because we're hoping we wouldn't get bombed um and then trying to go over the border and uh we chose this syriette romanian border and when we got there the next day there was just a huge traffic jam i think there was something like nine kilometers of traffic just to uh get up to the border and there were reasons for that i found out later uh on i think the next day uh was that the Ukrainian border patrol had been hit by a wiper virus so it's important to remember is um uh when you're trying to get over a border ukraine had an exit procedure like many countries do and they were also checking to make sure that you were eligible to leave if you weren't actively conscripted or not if you're a medical personnel they wanted you to stay if you were going with your children they wanted to make sure that those children were actually yours which is kind of a good idea right um but uh again if if you're fleeing not even though the Ukrainian government like many governments say hey prepare do this do that well many people were hoping it wouldn't happen and some did not prepare so if suddenly your neighbor's house is on fire or part of your house has been blown apart you might not have that go back with your children's birth certificates or your passport or things like that um so obviously the Ukrainian border patrol did not want to let anybody take children well because of the wiper virus uh they were down to literally pencil and paper only letting one car through and so if you saw some of those pictures of uh kilometers and kilometers of traffic along some of the borders that's one of the reasons why it was slowed down and it caused a humanitarian crisis in and of itself uh the border crossing that I was at uh one woman froze to death because she was there was uh two petrol stations one on each side and she was waiting in a very long line to use the bathroom and it was very cold uh so she froze to death I mean we ended up sleeping in the sprinter van again the children did not let me sleep but they're wonderful children and uh because they had already restricted the sale of petrol uh when the war started we could only keep uh the heated seats on for myself and Misha we were trading off driving while everybody else tried to sleep in the back but we couldn't keep the heat on because we might not have enough fuel to make it if we had to stay any more days in that traffic jam so we were fighting to make sure we had just enough heat to stay awake and keep moving while everybody put together their jackets and slept in a big pile to try to keep warm because we didn't want to die of hypothermia so it was very striking it might sound cool but in reality it's not I'm now the first person to discover a Geneva convention violation through the use of cyber and that was at the Ukrainian border patrol when I went public with what happened sounds cool but I've seen the human effects people had to try to walk across the border because they didn't have enough fuel there were mothers pushing babies there were people in wheelchairs or people walk barely walking through and it was cold it was snowy it was icy it was unpleasant and because they could only process one car at a time or one person at a time people lined up at the border luckily when he got close enough within half a kilometer they tried to give people tea but there was no place to sleep there was no place to keep warm and you were just standing there if you weren't in a car all because of malware or russian wiper virus thank you for for that sharing that experience with us Peter what was the first thing that came into your mind when you heard about the missiles landing in Ukraine what what do you think what do you feel yeah you saw an uprise of activities going on for weeks but yeah I was bluntly naive to believe that Putin would be that stupid to make such a move so you keep in mind that yeah he wouldn't be that stupid although you see an uprise of troops on the border of Belarus Russia still remember the day before the 24th I had the positive COVID-19 result so I felt already really shitty like if something happens I'm bound to the house because of restrictions and yeah indeed it happened I saw it really quickly in the morning because I really slept well already for weeks so when the first message is coming in that they're bombing Ukraine what you first do is start contacting people like Anastasia friends you know from the con friends you know from Ukraine how are their relatives doing and for me the the days after like that contacting if everybody's safe where what is their position what information can I get for them to the country or even get to save a part of the country and yeah that was for me the weeks after but at most it was disbelief how can in 2022 such a world leader we now considered to be a bloat dictator can make such an action and can affect so many lives for five million people are now displaced within Europe in the Netherlands 17 million that's one third of the and you can take other countries as well that imagine yourself that like Anastasia described as well that you get the message that there are bombs dropping on your country and you have to grab as much as you can and you have to leave your house not knowing where you're going not knowing to a country if you can speak the language of how the weeks upcoming even months upcoming so my first concern in the weeks after war really about people I got a request from professor from harkiv can you please take care of the daughter of my wife and his son so we did then you get requests from people who are in the foster of in the in the homes as well can you please assistant on on legal matters so my weeks after the the war were really filled yeah like that people first Anastasia Chris previously mentioned the attack on border patrol of course could you could you share the most prominent attacks that that you can share that the Russians performed on the cyber infrastructure of Ukraine and how did those attacks if at all changed over the time of five months yeah um to talk about this let's spend 30 seconds on my background I'm a security engineer and I work in data security company so we deal with cryptography we do have our own open source flow source solutions for data security for for encryption and we often build security solutions that involve different kind of encryption anonymization technician communication yada yada yada yada so experience is related really a lot to companies whose data was a target of cyber attacks right um for the first the first months we seen crazy things how russians attacked non-military targets just simple commercial companies just because you know because they can't I remember a call that lasted nine hours together with our engineers and the engineers trying to do incident response trying to understand what was hacked what data like how data was corrupted if there are backups what should we do how they should risk it up the infrastructure because we strongly advised you know to wipe the server and to set up new ones from spread we've seen attacks on and these are not military related companies these are not critical infrastructure companies these work companies with just funny names some names were um related to some governmental services names so it feels like people who attack those companies didn't really understand what they are attacking and why they are attacking then we've seen companies that stopped operating in Russia right and they were trying to protect the infrastructure they were trying to protect their data and their access from Russia geography let's put it this way and they were protecting and they for example they have some servers physical servers in Russia so their goals were to protect those servers or maybe to use it as they're already physically located in Russia for some other purposes right then as I mentioned previously we do work with um some critical infrastructure with OT with operational with a with hardware telemetry kind of thing so secure telemetry and we spent really a lot of time for the first months to in rebuilding some security layers some data protection layers of huge enterprise companies to make them more resilient for for cyber attacks and you might see that many Ukrainian companies switched to a cloud so this these first months many companies did like emergency migrations they migrated their infrastructure from physical servers located in Ukraine to fully cloud solution and it of course brings all the security risks and all the zero trust approach will last a lot but under pressure missiles and the constant need to recreate your family somewhere right um so regarding regarding the specific types of the attacks what what were the most prevalent cyber attack types that companies experienced in Ukraine I can say that this was sophisticated cyber attacks sometimes it was just a simple dose sometimes it was a simple malware wiping malware for example we've seen examples where um someone had access to companies infrastructure and then just wiped part of database you know it's nothing sophisticated sometimes it was yeah a lot of defaces and defaces typically masked other activities like data leakage you know so those were mostly destructive cyber attacks then what do you think were main goals of the cyber part of the Russian operation in Ukraine I don't think that I'm a correct person to ask this question because you want me to think how Russian things and I don't want to do that that makes even a matter of thinking in the yes let's open up the question any other panelists want to take that oh when you're in war and things that you rely on are disrupted it also has a psychological effect on you because one thing to understand is nowadays cyber the use of digital technology has a huge psychological effect I heard one of my friends coined the phrase for misinformation disinformation malinformation and propaganda as psychological malware because that really is what it is right if you want to shake someone's spirit you try to affect them in some way you saw a lot of misinformation especially the first days um yeah around what you described as well that they that troops were surrendering that uh the cities were already being taken and yeah later on turned out to be all fake news so yeah from that point of view they took a lot of action into that and it was well prepared yeah uh for the counter offensive this is the one of the more interesting sub topics here and I hope some of the panelists will be able to to to to indicate something so from I'm from Latvia myself and where where I'm from we see that there are different hacker groups forming on both sides of of of this war and doing different things uh but from your experience three of you um is anything happening how are they being organized and more importantly or or the peculiar question I have is how do Ukrainians range from a legal perspective if if at all this is an open question for the panel as well from legal perspective um yeah I have mixed feelings about it because um I am not aware and Chris next to me knows more about it as well um that if we as vigilant civilians take actions into our own hands are disrupting operations that are already going on and are organized by uh intelligence service or by military so um I'm kind of like double into this on one hand I think yes disrupts everything regarding Russia that is possible but on the other hand I also am aware of the fact that uh we have intelligence services that might be in or might take actions already and then we are disrupting their work so yeah that's the double moral I haven't this one well I'll tell you some good news when it comes to this part of we'll say hacktivism um when it comes to trying to protect Ukraine I was just in Geneva uh at the UN the week before last after a member where I travel sometimes I travel too much and uh as was pointed out from uh high ranking official from the UN uh towards the Russian minister of foreign affairs deputy director of information security who decided to show up and disrupt the conference um and had shouted at some people because this is how it works it's because of Russia that there is no actual international definition of what cyber warfare is and also Russia fought the UN on what many countries and people believe are what are referred to as international norms and cyberspace uh so uh it leaves this gray area open for people to actually try to help Ukraine um and try to disrupt Russia all because Russia wanted to be a bunch of assholes I mean I mean bad people um so uh thanks Russia in some ways um the person from Russia was not too thrilled uh by the UN person from Estonia and yelled at her and called her some names in Russia and then left and caused an international incident but it's of their own making I too am kind of torn because I also think about the safety aspect you know it's one thing to do face a website or a distributed denial of service um it's another thing if it were to cause a loss of human life and we are definitely we have been at that point in cyber operations where you can actually do that so I too have mixed feelings I love the fact that the Kremlin's website was completely defaced um but also uh hope that it doesn't affect uh civilians in Russia because there are some people in Russia uh who do not agree with this war and Russia can use anything that could affect safety in this respect as completely twisting it around and unfortunately affecting the hearts and minds of some of those people who support Ukraine and Russia is there anything to add to this to see it yeah you know that starting from February 25th probably one of the first days of full scan invasion in Ukraine we have a law that legally allows Ukrainians to kill occupiers without any legal consequences there we go so do you accept Ukrainian citizens do you accept new citizens you can come become citizens twice for you I think that's that's one way to do it honestly the same citizen thing is very complicated in Ukraine so many people who actually want to receive Ukrainian citizens they it's very complicated to do for now maybe it will be easier so yeah so we are seeing a lot of information leaks especially in the the five months four months ago we've seen that information of Russian officers is being leaked almost every month we also seen some leaks from the Ukrainian side um why and how do you think is that happening is that are those hacktivists are those government officials government official hackers is there a difference in this war between those two groups open question I think that yeah let me jump in here I think that many people especially Russians believe that Ukraine has some centralized cyber security hierarchy and uh you remember one of the first days they hit the tv center in Kiev with missile so hitting assuming that we if we hit tv center the tv will be down but all tv is digital satellite kind of thing you know so they just killed innocent people they didn't actually disrupt the operations maybe like for some hours so the thing that there is no one single centralized knowing all cyber security structure in Ukraine there are tons dozens of groups that do something some of these groups are governmental and like created by government officials like it army for example the huge telegram channel 200 000 people right other groups are created by in military organizations because military also has a structure so intelligence external internal intelligence some different kind of military organizations they have their own cyber units they can create their own groups for their own operations right and there are people who just work in a field there is security community there are many many people who want to feel involved the who group together and do something so it's a huge distributed mesh kind of system which has both pros and cons it's very complicated to stop such structure because there is no single point of failure at the same time it's very complicated to control such structure so yeah and since end of February I believe that many foreigners who wanted to impact the situation they offered their help and some of them continue working on different operations right so we cannot say that this structure is purely Ukrainian no it's not it's a mix of things and as in hacker movies often people don't know the names of other people they're working with they might know they might not know the end target they do some things and they feel that they have impact on the situation that they help in the country and they don't need any money they don't need any you know put they don't need putting their names onto this they just put their time and efforts and skills so I understand according to to my knowledge both in the occupied parts of Ukraine and if and three parts of Ukraine the internet is up and running not flawlessly but but well enough open question once again to the whole panel why do you think that is how how does that work and why is it allowed to work why is the internet up yeah I have my my own views on it one of the reasons why I think that the internet was kind of allowed to stay up to a certain extent is because Russia kind of enjoyed the fact that people were documenting this war on social media this is the first war that's really been documented all over the place on social media so if you are sitting in Moldova and you are fearing that something's going to happen and you are seeing what's happening just over the border and you're like you know maybe we should you know kind of fold when it comes to Russia because we don't want what's happening in the Ukraine and all the atrocities that happen here I think it was very much at least in my opinion part of the reason was the psychological effect on neighboring countries which also Russia has either both threatened directly or has also launched various cyber attacks against any more comments on that part it's very easy to destroy infrastructure with missiles right couple of missiles in certain places and you can physically destroy a part of infrastructure but it might be not so easy to destroy these kind of state infrastructures with cyber attacks what I also think is it's already since 2014 that this is going on and if you look to the Ukraine situation I can imagine myself that they were prepared for such an event coming so their infrastructure was already on a certain level prepared to such an invasion I think so yeah that's what I consider to be the reason why it's still up and running there so four days ago the occupiers have started blocking Google services in Luhansk and Donetsk any sorts of that in relation to the the internet being available in general what's that going there control the narrative Russia also instituted fine against Google in Russia because it was serving up Google news that the Kremlin did not agree with so if you can control the flow of information and only push your agenda because there's no more free media inside Russia there's none the last channel ended just after the start of the war so control the narrative there is this great paper that was written by a guide at Dutch University I'm terrible with names can't remember it for the life of me but it is called the dictators guide to the internet it's about 20 some 30 some pages double spaced and it is a playbook about 10 11 years old about how dictators can control the internet I highly recommend it it has a weird URL but it really is that but the dictators guide to the internet it's almost like a playbook of shutting down certain services controlling the media allowing your version of social media to stay up while blocking out other forums such as Twitter or LinkedIn fun fact several years ago Russia actually made LinkedIn illegal so to communicate with some of my friends who worked at Kaspersky I had to set up a special email account just for communications because Signal also didn't work in a few other things so it really follows that guide so those can be some of the reasons to control that narrative yeah and it's easier to do when you have occupied the territory my point is that cyber attacks have limited scope on such huge infrastructure as internet as mobile network as critical infrastructure but when you have missiles or you you are physically on this territory you can do more things that's why I really like the initiative of squad 303 I presumably you my co-fellows here on the table know them as well it was an it is a service where you can send people in Russia information like you know what is going on and I did it as well and I had some really interesting conversations most of them swearing at me like yeah you're just a Nazi corporate or whatever but I also had a couple of conversations where people actually said that yes we are aware of the situation and we are organizing ourselves and of course the true worthiness is yeah hard to determine but yet still this little yeah I hope you have within Russian society that some bright mind maybe take up some action against the current dictatorship going on there but that is a really nice action to start a conversation from human to human yeah and there's no lot of tech involved in that everyone can do it you can even ask your mom to do that it generates automatically a message use google translate and try to get the yeah get them in in a conversation with them so that's now before we move to the final part of the panel when where we talk about what should happen next and how can we help further a question for this part of the panel on the cyber front do you think russians have achieved their goals so far no and that never will be yeah everyone agrees okay the easy and sweet answer no you already see that that the first stage of the reason why they started this war was a quick move towards Kiev yeah and on everything they failed and that has many military several reasons for that logistics corruption material yeah the the strongest of the Ukrainian army because after 2014 after Yanukovych completely ripped that army the army was completely rebuilt and also according to modern standards i'm not going to address it but yeah that he made a fatal mistake that he could overrun and you see that as well he was also misled you see around Putin a couple of intelligence officers were detained ended up being falling out of balconies and stuff like that that happens in Russia sorry that happens in Russia yeah that the Russian tradition but on that you can indicate as well that Putin was completely misled into this war but now he stepped in and now what you see in the past few months that destruction is his only goal destruct as much of Ukraine as you can because his real fear is not Ukraine as a country not Ukraine as a member of the european union not Ukraine as a NATO member no the success of Ukraine is Putin's biggest fear because then Russians see what happens to Ukraine can also happens to us yeah no i i agree i mean definitely he underestimated Ukrainian farmers picking up tanks and towing them away but also he was surrounded by a lot of yes men i mean if you're around Putin you'd kind of be afraid of being around Putin anyway and i think more people have died falling out of balconies who are government officials and of covid at this point so i don't think it has achieved the goals that they intended they had intended for example to strike fear and to some countries as well and that hasn't quite worked out in Georgia there's one of these areas it's they kind of refer to as breakaway south otessa and just before a new leader was voted in the now previous leaders said we're going to have a referendum and join russia right before the referendum a new leader was voted in and they're like no we don't want to be part of russia we're fine the way we are because you know what russia's not going to have our back russia's not going to be able to pay for stuff they're they're hosed so this idea that certain you know russian enclaves or former soviet countries would kind of bow down to russia isn't happening and so i think that's also proved positive between that and the spirit of the ukrainians that is ongoing proves that russia has not reached its goals thank goodness they haven't christ you touched international aspects here so peter you would be a good person to state your opinion on what do you think ukraine needs internationally moving forward um i was in leviv in the beginning of june met up of course now see how we drunk and i've spoken to the guy we handed over the medical gear michailo and i asked michailo as well what does ukraine beside weapons need after the war and plain answer was knowledge knowledge how you construct your societies knowledge how you construct your uh governmental organization uh knowledge on on how the rule of law in your country works um and in order to make i think we should yeah rebuild ukraine after this even stronger even better than before to make sure that such a brutal action never will be accepted by the free and liberal society in the western world we won't let this happen and we promise ourselves after 45 this will never happen again and we should stick to that promise no matter what and um yeah from that perspective i think and especially for people here in the room um i think we should support ukraine with whatever we can whatever you can do to make this turn into a better outcome for ukraine do it so what what should ukraine do after they win the war make sure they never come again um yeah build a real freaking wall uh on on the russian ukrainian border as high as it can uh because yeah they will come again and um yeah become resilient become stronger than ever before and with the help of of of uh yeah all the the the civilized countries i think we can yeah get them reset the goal any more thoughts on that in the panel i think a couple of other things are going to be required such as tech diplomacy i think this is a real good opportunity from the digital world to rebuild things to give you some background a lot of farming equipment is still made in Belarus and that was one of the places that a lot of ukrainian farmers would buy their gear because it was less expensive than say a caterpillar tractor or something like that in the us so looking at cybersecurity portion definitely looking at the laws like you mentioned especially in regards to privacy because a lot of the data leaks have been done to try to get you know surveillance and information on people looking at agricultural technology because a lot of the fields have been really badly burned and destroyed so they're going to have to be redone so more efficient agriculture is going to be needed ukraine has for a very long time been the bread basket of europe and now it's also the bread basket of africa and parts of asia now that's been disrupted so they'll need much more modern farming techniques and a way to cut off farming supplies and agricultural supplies from Belarus completely for the next season and it also give this opportunity to even add more digitization where required because the russians will not stop i mean if you look back at history i remember when my grandmother and her family had to leave they had to live through a famine in the 1930s in ukraine and then when world war two happened so they went to the us but since then we have a real opportunity to make ukraine a powerhouse and ukraine has for quite a few years already been used as a lower cost center for a lot of developers programmers and a lot of digital technology already so there's a good amount of knowledge in that realm there as well so i'm looking forward to helping with all of my friends anastasia peter everyone else making sure that ukraine is even better than we are right now in the netherlands because russia is never going to just stop at ukraine yeah i agree and i think that every extreme situation it requires some extreme efforts right and many people in ukraine in different industries including cyber security right now they gain very unique experience unfortunately but they gain very unique experience that after the war can be used you know for better goals for for improvements for collaboration with different companies for collaboration with different countries to create something more valuable because what we see right now is a mix at least from my standpoint is it it's a mix of digital and real world and how it will all it all work together yeah right now it all works together in a military context for our victory but in a few months in a few years this can lead to you know normal normal usages peaceful time usages because unfortunately every war is has impulse to create something new some new technology to build something after war right so my final question for all the panelists is what did you learn during these five months that can be applicable in peacetime are there any best practices that you can share with us freedom is not for free i think the biggest mistake and the the the nato slash western european countries made was that after the fall of the war we thought that we could cut budgets on all and especially if i look to not for united states but especially the western european countries they cut it on budgets for defense and we now see the impact we don't have a military answer to such a geopolitical situation that should be for what i consider to be the western european countries lessons learned invest in your defense systems invest in uh knowledgeable soldiers to react in such situations um and and that's why i say freedom is not for free uh yes you never hope you will have to use your military interaction but uh in such a situation you rather want to have them well trained well equipped to act on such brutal actions as this dictator is now showing over europe and um yeah what i learned as well is that under pressure everything to become fluid and we saw a lot of legislation because for example Ukrainians were allowed to travel into the european union to be a tourist and because of the situation and the urgent situation at polish border we could arrange so quick so magnificent care for people that i think that if we really want stuff to happen it will happen as long as you you believe in the core values that you have and that's something i also learned that if you really want you can do it thank you chris well um i think some of the things that uh can be made better uh like peter i was also trying to help a lot of people evacuate especially some of the international students or elderly or handicapped or folks who are the most vulnerable who are unfortunately the most difficult to get out and i ran into a lot of governments and their embassies who gave such bad tech advice that they either got people killed or were about to get their own citizens killed um and this is a problem around the world uh but shockingly uh quite frequent in the western world where they don't understand uh how to actually write policy and talk to technologists like us and if they do write policy it's not implementable uh so understanding things i remember when i was trying to get over the border with our convoy i was speaking with someone from the us state department and it turns out she didn't know how to use what's app when i was trying to send a list of uh passports identification for another convoy filled with elderly people many of which had either dementia or uh diabetes and needed to make sure they had some sort of medication and carers can you imagine during a war somebody who works for us state department doesn't understand how to use what's app uh mind was blown i actually had to hang up with her because i was so angry um so a lot of governments also have to understand that uh that psychological malware that i spoke about before why it's so important to build countermeasures and groups and actually take it seriously because we've seen even in the uk where brexit kind of was skewed a little bit and they're already finding links between russian money and so forth so these types of things need to be taken seriously and i think this is one thing that the uh war has taught us is if we are still standing in an analog shadow during a war that is also fought on the digital front we are going to fail miserably so i think that's one thing that should be learned right and this is here well as um if the citizen i would say that i learned that citizenship is not only rights but responsibilities right that's why i'm here in ukraine because as a citizen i have responsibility and i have unique skills and an opportunity as a person i learned that if i survive all of this i will be unstoppable i mean literally if i can do these crazy things i'm doing right now under constant stream of bad news physical missiles and calling my relatives to learn if they're still alive i can do anything as many ukrainians right now yeah we will probably need some break to you know to sleep to regain to like to feel less tired after the war after our victory but then they're gonna be unstoppable in anything thank you this is inspirational words coming from you here um thank you to the panelists thank you uh peter wonder how well from saxophone thank you crisky becker from hypersack and thank you very much anastasia voitova from costa clubs i've been kiros tell us from uh possible security thank you very much for coming here slova ukraine slova ukraine