EU to Send a Newly Created Cyber Rapid-Response Team (CRRT) to Ukraine
The CRRT Will Assist the Nation in Combating the Cyber Threat Actors.
The Lithuanian Ministry of National Defense announced the development in a Twitter post, saying that the move was made at the request of the Ukrainian authorities.
In response to #Ukraine request 🇱🇹🇳🇱🇵🇱🇪🇪🇷🇴🇭🇷 are activating LT-led Cyber Rapid Response Team, which will help 🇺🇦institutions to cope with growing cyber threats. #StandWithUkraine pic.twitter.com/posfmv3rVT
— Lithuanian MOD (@Lithuanian_MoD) February 22, 2022
A coalition of six EU nations, including Lithuania, will lead the effort to “assist Ukrainian institutions in dealing with escalating cyber-threats,” according to a press release. The coalition also includes Croatia, Poland, Estonia, Romania, and the Netherlands.
On February 22 the EU Cyber Rapid Response Teams (CRRT) Council confirmed that cyber rapid response capabilities will be activated in support of Ukraine.
Lithuania, Netherlands, Poland, Estonia, Romania and Croatia respond to the request from Ukraine and activate the Cyber Rapid Response Team to support Ukraine’s institutions in the face of cybersecurity challenges,” said Vice Minister of National Defence Margiris Abukevičius.
Concrete numbers and specialization of experts to be deployed are currently subject to coordination. “We are considering deploying a CRRT to Ukraine ,” said Vice Minister M. Abukevičius.
The Cyber Rapid Response Teams have been operational since 2019. A CRRT comprises 8-12 cybersecurity experts delegated at national level by six EU member states – Croatia, Estonia, Lithuania, Netherlands, Poland and Romania. The team is capable of offering assistance in managing a cyber-incident or carry out prevention and vulnerability assessments.
The Lithuanian-coordinated PESCO Cyber Rapid Response Teams and Mutual Assistance in Cyber Security project is among the most successfully developed and most advanced PESCO projects. It reached Full Operation Capability in May 2021.
A CRRT official said that the team of eight to twelve specialists would be “composed of varied cyber-expertise, such as incident response, forensics, vulnerability assessment, in order to be able to respond to a range of situations.
As reported by InfoSecurity, beginning with a broad online defacement effort in which Ukrainian Government websites were replaced with Russian propaganda messages, the campaign progressed to more targeted attacks. Then there was the damaging malware campaign known as “WhisperGate,” which targeted government, information technology, and non-profit institutions across Ukraine.
As a result, Microsoft issued a warning that the campaign had features with the notorious NotPetya virus, which was similarly designed to lookalike a financially driven ransomware attack.
Last week, the Ukrainian Defense Ministry website and the networks of state-owned banks were targeted by DDoS attacks perpetrated by threat actors subsequently identified as Russian intelligence agents by authorities in the United Kingdom and the United States (GRU).
Ukrainian authorities have also issued a warning about Russian disinformation activities, and they have taken down a bot farm that was operating 18,000 mobile accounts. According to the report, they were used to issue anonymous bomb threats and distribute false information suggesting that mines had been planted in public places.
Why Is Ukraine Being Targeted?
The Security Service of Ukraine (SSU) declared it believes that Ukraine is subjected to a hybrid warfare campaign meant to induce fear and weaken public faith in the government’s capacity to protect its population.
The Security Service, within its authority, is continuously analyzing various scenarios – there is a clear action plan for each of them. Together with the leadership of the state, executive and legislative branches, other law enforcement and security authorities, we are ready to respond to the situation not only when the need arises, but in advance. And we are already doing this.
At the same time, we fully understand the motives of the current information pressure – to sow anxiety in Ukrainian society, to undermine confidence in the state’s ability to protect its citizens, to destabilize our unity.
The SSU is seeing such manifestations of hybrid warfare in social networks, some mass media, in the spread of narratives of the aggressor state by certain politicians, etc. The SSU is not just observing these, but also actively counteracting to them. This is reflected in the NSDC decisions, number of neutralized cyberattacks, dismantling of numerous bot farms, exposing agent networks of hostile intelligence services and preventing sabotage and terrorist attacks.
The SSU officers are working in all regions of our country in an intensified mode. We are ready to defend Ukraine.
However, stability and peace in our country at the moment depend not only on the government, but also on the measured actions of every Ukrainian. We should all remain calm and resist provocations. Panic and destabilization play into the enemies’ hands, and do not benefit Ukraine.
We all need to think critically and check all the information; be guided by data from official sources, not anonymous ones; learn to distinguish truth from fakes.
And let’s not forget – Ukraine’s strength is not only in a powerful army, but in the unity of everyone of us. Together, we are able to defend Ukraine. Our freedom, independence and dignity.
The agency also stated that it has already thwarted numerous such attempts connected to hostile intelligence agencies, as well as dismantled bot farms aimed at instilling fear in Ukrainian citizens through bomb threats and false information.