After Russia invaded in 2014, Ukraine began centralizing govt data in Kyiv, severing links w/ IT systems in occupied territories.
Now it's preparing to evacuate that data if Moscow targets Kyiv.
I talked to @dsszzi's @VZhora about protecting this data: politico.com/news/2022/02/2…
Now it's preparing to evacuate that data if Moscow targets Kyiv.
I talked to @dsszzi's @VZhora about protecting this data: politico.com/news/2022/02/2…
Centralizing data in Kyiv robbed Russia of easy access to files and services previously accessible from now-occupied computers in Crimea, Luhansk, and Donetsk. It also prevented those now-untrustworthy computers from becoming backdoors into Ukrainian networks.
Ukraine's locally distributed computer system was the product of historically slow internet speeds that prevented large, frequent data transfers. But the country's modernization meant it could move everything to web platforms based in Kyiv (with multiple backup sites).
Ukraine's now-centralized repository of government data is a high-profile target for Russia. These databases don't just store sensitive military and intelligence files. They also hold information about tens of millions of citizens, from passports to pension records.
Russia has reportedly prepared a "kill list" of Ukrainians nytimes.com/2022/02/20/wor… and captured govt databases could help them implement it.
To wit: @RUSI_org says Jan. cyberattack involved "seizure of Ukrainian car insurance
data" (addresses, etc.) static.rusi.org/special-report…
To wit: @RUSI_org says Jan. cyberattack involved "seizure of Ukrainian car insurance
data" (addresses, etc.) static.rusi.org/special-report…
Seizing seemingly innocuous Ukrainian government databases would help Russia "do contact tracing, figure out who [people are] close to, and use that to build out their network and dial in on the targets that they're looking for," @Adam_Cyber told me.
It should be noted that Russia doesn't need physical access to Ukraine's servers to steal their data. Moscow has sophisticated intelligence services that have been stealing it for years. But seizing Kyiv and the hard drives would be an intel coup unprecedented in modern warfare.
When Afghanistan fell to the Taliban, militants seized data belonging to the defeated pro-American government. politico.com/news/2021/08/2…
That was a major blow.
But the Taliban's ability to exploit that data is nothing compared to Russia's.
This would be a next-level disaster.
That was a major blow.
But the Taliban's ability to exploit that data is nothing compared to Russia's.
This would be a next-level disaster.
Zhora says Ukraine's cyber defenders are ready to wipe servers and transfer data out of Kyiv if necessary.
“We have plans and we have scenarios,” he told me. "We can move to new locations, we can save data, and we can delete data and prevent capturing all this data."
“We have plans and we have scenarios,” he told me. "We can move to new locations, we can save data, and we can delete data and prevent capturing all this data."
If advancing Russian troops find Ukrainian govt passwords as they seize city offices, Ukrainian agencies are prepared to "quickly cut off access to these compromised accounts," Zhora said.
He contended that Russia will find “no sensitive data” on government workers’ computers.
He contended that Russia will find “no sensitive data” on government workers’ computers.
“I don't want to consider this absolutely terrible scenario of attacking Kyiv," Zhora said. "Hopefully this will not happen."
But he's confident that the government will "implement prepared scenarios" and do what's necessary to move sensitive data out of harm's way.
But he's confident that the government will "implement prepared scenarios" and do what's necessary to move sensitive data out of harm's way.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
