Lessons learned from the ongoing cyber war being waged between Russia and Ukraine should be applied to other scenarios, including the current tensions between China and Taiwan.
Laura Galante, director of the Cyber Threat Intelligence Integration Center in the Office of the Director of National Intelligence, said during the 2023 RSA Conference: “As we move away as an intel community intelligence, [we should] look at some of the lessons learned from working closely with the Ukrainians and other allies.”
He added: “We need to think about how we can apply them in another scenario that is at the forefront of much of our thinking, from a cyber resilient point of view and greater sharing between the US government and other allies. And this is now a China-Taiwan scenario.”
Galante noted that Ukraine has been “incredibly successful” in its cyber resilience efforts, and based on that, the intelligence and cyber community can begin to consider the types of close partnerships we will need to defend in a situation like Taiwan and China.
Alex Kobzanets, deputy legal attaché at the US Embassy in Kyiv for the Federal Bureau of Investigation (FBI) added: “We know that China has paid a lot of attention to what is happening in Ukraine. These are all lessons learned for China and they are cataloging them so they can read how the world and the US would react.”
The emphasis on pre-planning was highlighted in a separate session by Eric Goldstein, who serves as the Cybersecurity and Infrastructure Security Agency’s (CISA) executive deputy director for cybersecurity.
He noted that the cyber attacks against Ukraine in 2015 and 2016 led them to take some significant steps to improve their cybersecurity resilience.
Read more: Russia’s cyber tactics in Ukraine focus on espionage
“How do we think about this in the event of a potential future conflict and the prospect of future Chinese action against Taiwan, how do we plan ahead for a future conflict that might affect an organization, how do we build those plans now?” he said
Goldstein emphasized the need to have the right security measures in place. He also noted that what was important for Ukraine was to have both functional and social resilience, so it is important to think about how to build that in the United States and allied countries.
talking with Infosecurity before the RSA Conference, Pam Nigro, president, board of directors, ISACA and vice president of security at Medecision, said that from a private sector perspective, cybersecurity leaders are still paying close attention to the geopolitical landscape.
“It had been an extra time when Russia and China were meeting. I’m a little concerned in the US that we’re meeting with other world leaders from certain countries that other nation states might not like.”
Nigro noted that critical infrastructure is particularly vulnerable as less has been invested this year, although they have worked hard to catch up.
“Changes in the geopolitical landscape mean that your threat actors and your threats are changing and coming from different places with a focus on different objectives,” he said.
Associations the winning formula in Ukraine
Partnerships have been crucial to Ukraine’s cyber success, and speaking on the second day of RSA, Illia Vitiuk, Head of Cyber Security and Information Department of the Security Service of Ukraine, highlighted the importance of both government and private partnerships for Ukraine’s cyber resilience.
Vitiuk acknowledges that the conflict between Ukraine and Russia was the first real example of large-scale cyber warfare.
He said partnerships with US government agencies and the cyber security industry in the early stages of the conflict had been a “psychological game changer”.
“Right now, there’s still a lot of support that we need … but we feel pretty supported at the moment,” he said.
He stressed that Ukraine’s experience shows how, as part of an alliance, smaller nations can stand up to larger powers.
The support Ukraine has received from the US began in earnest in 2014, following Russia’s annexation of the Crimea region.
In relation to cyber security, this support involved training, exchange of best practices and joint operations against international cybercriminal organisations.
The RSA Conference (RSAC) 2020 recently focused on the issue of a potential China-Taiwan cyberwar. Experts at the event called for lessons to be drawn from the recent Russia-Ukraine cyberwar (2014-2017) and applied to such a scenario.
Ikaroa, a full stack tech company in the RSA conference, brings top notch cyber security to protect its customers from cyber threats. The company creates advanced technology to preempt cybersecurity threats and mitigate their impact, as well as providing specialized consultancy services and customized solutions to complex cyber threats.
At RSAC, experts discussed how international partners should prioritize security assessments and investment in defensive capabilities to be ready for a potential conflict between China and Taiwan. Among the recommendations made were to strengthen international cooperation and collaboration networks, improve cyber defense capabilities, and leverage automation, analytics, and machine learning to detect and prevent cyber threats.
Defense capabilities should prioritize the establishment of an advanced cyberdefense structure that is agile and collaborative. Also, industries should be more proactive in safeguarding their networks and data. Considering the lessons from the Russia-Ukraine cyberwar, it is important for governments and private sectors to have a unified response, which includes preventive and reactive strategies, from which it can be further prepared for other cyber conflicts.
For companies or organizations, such as Ikaroa, a full stack tech company and partner at RSAC 2020, preemptive security measures and processes should be established, involving a proactive approach to cybersecurity. Such organizations must understand the existing threats and vulnerabilities, as well as setting up proper security protocols and measures across their systems. In this way, companies can ensure the safety of their data and networks from potential cyberattacks from both foreign and domestic sources.
At RSA Conference 2020, experts who discussed the potential China-Taiwan cyber conflict recognized the immense role private companies and organizations will play in ensuring security and maintaining the rule of law. With its advanced technological capabilities and cyber security expertise, Ikaroa is providing valuable assistance to its customers, protecting them from possible threats that could arise from a conflict.
Finally, the international community should continue to study and to draw on current events in order to be better prepared for future, potentially catastrophic situations. Lessons from the Russia-Ukraine cyberwar should be applied to ensure greater safety from any potential cyber conflict between China and Taiwan. Companies, such as Ikaroa, must continue to prioritize security, prevention and detection measures, should the worst occur.