EU Deploys Cyber Response Unit to Ukraine

The EU is deploying a newly formed Cyber Rapid-Response Team (CRRT) to Ukraine to help the country combat Russian threat actors as troops start pouring over the border.

The Lithuanian Ministry of National Defence tweeted the news yesterday, revealing that the move came at the request of the Ukrainian government.

Lithuania will be leading the coalition of six EU countries – which also includes Croatia, Poland, Estonia, Romania and the Netherlands – in order “to help Ukrainian institutions to cope with growing cyber-threats.”

A CRRT official told the BBC that the team of eight to 12 experts would be “composed of different cyber-expertise, such as incident response, forensics, vulnerability assessment, to be able to react to a variety of scenarios.”

It comes after a series of attacks on Ukrainian institutions traced back to Russia over the past few weeks, as it amassed an estimated 190,000 troops on the country’s border.

These began with a massive web defacement campaign in which Ukrainian government sites were replaced with Russian propaganda messages. Then came a “WhisperGate” destructive malware campaign targeting government, IT and non-profit organizations across Ukraine.

Microsoft warned that the campaign shared characteristics with the infamous NotPetya malware, which was also designed to look like financially motivated ransomware.

Last week, the Ukrainian Defense Ministry website and the networks of state-owned banks were DDoS-ed by threat actors later traced by UK and US officials to Russian intelligence (GRU).

“We can see that cyber-measures are an important part of Russia’s hybrid toolkit,” a CRRT official told the BBC.

Ukrainian officials have also warned of Russian disinformation efforts, dismantling a bot farm running 18,000 mobile accounts. These were used to make anonymous bomb threats and spread fake stories alleging mines had been laid in public spaces, it claimed.