Cyber is a critical frontline as Ukraine defends its security, independence and democracy against Russian aggression. Over the past several years, USAID has made significant investments in Ukraine’s ability to respond to and recover from cyberattacks emanating from Russia, including attacks targeting the Ukrainian government and critical infrastructure operators. . USAID’s cybersecurity assistance is part of our overall effort to build Ukraine’s resilience to Russian aggression and to promote economic growth and effective democratic governance. Our programming builds the capacity of Ukrainian government agencies, ministries and parliamentary committees; helps ensure democratic elections; and educates civil society, the private sector and the general public on the importance of cybersecurity. Since Russia launched its full-scale invasion of Ukraine in February 2022, we have expanded our programming to protect public communications networks by repelling cyberattacks and repairing systems after attacks, as well as ensuring continuous voice and data connectivity.
Improve Ukraine’s overall security by strengthening its ability to prevent and mitigate cyberattacks, and rapidly recover and restore critical infrastructure after an attack.
CYBERSECURITY FOR CRITICAL INFRASTRUCTURES IN UKRAINE
USAID launched the four-year, $38 million Ukraine Critical Infrastructure Cybersecurity Activity in May 2020 aimed at strengthening Ukraine’s cyber readiness and protecting critical infrastructure through assistance in three key directions: 1) strengthening the enabling environment for cybersecurity; 2) developing Ukraine’s cybersecurity workforce; and 3) building a resilient cybersecurity industry. The activity improves cybersecurity products and services through increased collaboration between the public and private sectors and expands market opportunities for Ukrainian cybersecurity companies by opening access to capital and new local and international markets. The activity has a strong component to strengthen the cyber-resilience of the Ukrainian energy sector. Under this activity, participating electric utilities develop five- and ten-year network development plans and receive training on how to improve organizational structure, operations and supply standards. Participating energy regulators develop strategies to address energy sector cybersecurity and receive training on cyber-hardened power grid upgrades. They also facilitate dialogue between utilities and regulators to ensure that appropriate upgrades are made to the network in a financially sound manner.
Following Russia’s large-scale invasion of Ukraine, the activity funded technical experts to provide hands-on support to critical service providers within the Ukrainian government, including ministries and infrastructure operators to identify malware and restore systems after a disaster has occurred. This support builds on USAID’s long-standing support for building cyber resilience among regional utilities, particularly in the energy sector. Amid the Russian invasion, USAID also provided more than 6,750 emergency communications devices, including satellite phones and data terminals, to essential service providers, government officials, and utility operators. critical infrastructure in key sectors such as energy and telecommunications.
RESPONSIBLE AND RESPONSIBLE GOVERNANCE PROGRAM IN UKRAINE
In 2016, USAID launched the nine-year, $81 million Ukraine Responsive and Accountable Governance Program to promote citizen-centered elections and political processes in Ukraine. As part of the cybersecurity component of the activity, USAID is partnering with the Central Election Commission of Ukraine (CEC) to strengthen its cybersecurity capacity and counter growing online threats to electoral systems. The activity conducted an election cybersecurity needs assessment and worked with key election and cybersecurity stakeholders to make critical improvements to the election cybersecurity infrastructure. URAP organized cyber hygiene training for electoral commissioners at all levels, as well as for civil society, political parties and Parliament, training 642 people across the country in 2019. In doing so, the activity has developed and organized cybersecurity training courses for IT professionals in Ukraine. and beyond. The activity strengthened the cybersecurity resilience of Ukraine’s election results management system and voter register, enabling Ukraine’s Central Election Commission to combat cyberattacks during the country’s 2019 snap presidential and parliamentary elections, thereby preserving trust in electoral processes.
USAID/WASHINGTON AND REGIONAL PROGRAMS
REGIONAL ENERGY SECTOR CYBERSECURITY ACTIVITY
The United States Energy Association and the National Association of Regulatory Utility Commissioners are cooperating to improve cybersecurity in the energy sector. This $1 million regional program aims to establish mechanisms for sharing knowledge and best practices among energy sector entities in Ukraine, Moldova, Armenia and Georgia, focusing on building cybersecurity capabilities of energy sector regulators and power transmission and distribution companies.