- Seven Steps to Building a Mature Vulnerability Management Program
- I replaced my laptop with the OnePlus Pad 3 for a week - here's my buying advice now
- IBM’s cloud crisis deepens: 54 services disrupted in latest outage
- Proton VPN vs. Private Internet Access: Which VPN should you choose?
- Moderna’s HR-IT merger: Trend or exception to the rule?
#Infosec2025: Good Cybersecurity Enabled Ukraine’s Surprise Attack
Effective cybersecurity played a key role in this week’s audacious Ukrainian drone attack on Russian strategic bombers, a leading government security expert has claimed.
National Cyber Security Centre (NCSC) director of operations, Paul Chichester, made the remarks on the first day of Infosecurity Europe in London.
The GCHQ veteran argued that simply by keeping Russian intelligence in the dark about the plot, Ukrainian cyber operatives played an outsized part in its success.
“We forget the importance of good cybersecurity. I was reading about Putin thinking about firing his intelligence chiefs for not knowing ahead of time that this was going to happen,” said Chichester.
“I put that down to good cybersecurity helping Ukraine achieve strategic advantage. It’s not just about how you perform offense, but also defense, and how vitally important it is that you protect those secrets.”
Operation Spider Web was reportedly 18 months in the making and involved over 100 drones smuggled inside lorries. They struck air bases across Russia, some as far as 8000kms away from Ukraine, taking out a third of the country’s strategic cruise missile carriers.
The Kursk incursion of August 2024 similarly caught Russian intelligence off-guard, in what was another propaganda coup for Ukraine.
“If you think about the huge amount of effort Russia is putting in not just to disrupt Ukrainian operations but ultimately spy on them – it’s an incredible outcome for Ukraine to continually defend itself, with a huge amount of help from allies in industry,” Chichester continued.
“It shows the importance of good cybersecurity in my view. We don’t tell that story, but I think it’s important to remember that.”
However, there was also more sobering news for attendees, as Chichester explained how Russia, China and others are amassing expertise and capabilities way beyond the cyber-espionage that used to be the extent of state-sponsored digital activity.
He cited not only Russia’s integration of cyber into military operations in Ukraine, and its ongoing efforts to undermine democratic and other trusted Western institutions, but also advanced Chinese groups like Volt Typhoon and Salt Typhoon.
These groups were discovered pre-positioning themselves in US critical infrastructure and targeting major telcos, in a bid to gain a geopolitical and potentially strategic military advantage.
Some Key Takeaways for CISOs
Chichester’s geopolitically focused keynote ended with some useful advice for corporate security leaders:
- Understand that cyber is increasingly the tool of covert statecraft
- States never act randomly – “If you are being targeted by a state, wonder why. There’s always a reason,” said Chichester
- Access to sophisticated capabilities is growing beyond Russian, China, Iran and North Korea
- Think about how geopolitics informs your cyber strategy
“Most large businesses will care about geopolitics and … will be operating on regions where increasingly the geopolitics will be more challenging and testing. So how do you take your cyber conversation with your board and feed it into that broader risk conversation?” Chichester concluded.
“At the end of the day, cyber isn’t really a technical thing. It’s a tool someone uses, be it a criminal or a state. How does that risk manifest for you?”
