In a world where cyber threats constantly evolve, few experiences are as sobering as those of a nation that has faced hybrid warfare for years. Dmytro Kuleba, former Minister of Foreign Affairs of Ukraine (2020-2024), shared a practical recipe for building resilience under extreme circumstances at Infosecurity Europe. His message applies not only to governments but to any organization that relies on technology to operate.

The Cyberattack That Paralyzed KyivStar: A Lesson in Recovery

In December 2023, Ukraine's largest mobile operator, KyivStar, suffered a devastating cyberattack orchestrated by Russia. According to Kuleba, the attackers managed to penetrate the core of the network system through a single employee's account. The result was a total service outage. However, the company managed to restore the system and isolate the threat within days, an achievement Kuleba described as "almost miraculous." This incident underscores the importance of having robust contingency plans and the ability to execute them under pressure.

Since then, successful cyberattacks against Ukraine have drastically decreased. Kuleba attributes this shift to a pre-planning methodology focused on resilience, adopted by both the government and the private sector. "We don't know what will happen or how, but you can anticipate, brainstorm, calculate, and prepare until it becomes muscle memory," he explained. This approach not only mitigates damage but also generates organizational survival instincts.

Preparation Before the Storm: The Case of the Ministry of Foreign Affairs

Kuleba began preparing his ministry for war in November 2021, months before the full-scale invasion. The first step was to precisely understand how their systems worked and plan contingencies, such as alternative communication if messaging apps failed. When war broke out, services were evacuated abroad without losing time. "We didn't waste a second figuring out what was possible because we already knew it in advance," he stated.

This extreme planning may seem like a distraction from more immediate projects, but Kuleba insists it is vital. "If you care about your company or your country, you have to prepare for the worst," he noted. Resilience, according to him, is not just about repairing damage but the ability to keep repairing while destruction becomes the new normal.

The Dark Side of CRMs: How Russians Exploit Everyday Systems

The war has also revealed stealthy tactics. Russian operatives have infiltrated customer relationship management (CRM) systems used by small businesses like barbershops, gyms, and nail salons. The goal: to obtain intelligence on life patterns to assassinate officials or kidnap their family members. Kuleba mentioned the case of an official whose son was kidnapped after tracking his movements through a barbershop's CRM.

The vulnerability of these systems lies in the fact that, before the invasion, Russian companies offered CRM platforms at very attractive prices to Ukrainian businesses. "Did they act on their own initiative? Perhaps. Did the Russian security service ask them to do it? It could be. But the reality is that even an apparently innocent program can help your enemy kill or kidnap," Kuleba warned.

This case highlights the importance of technological sovereignty and the need to audit the tools we use. For businesses, choosing a CRM developed by trusted providers is not just a matter of functionality but of national security.

Recommendations for Businesses: Beyond Technology

Kuleba left a clear recommendation: "Do not trust products developed by your potential enemy." In a global context where geopolitical tensions are reflected in cyberspace, businesses must evaluate the origin of their technological tools. Configuring VPNs and firewalls is only part of the equation; true resilience requires a holistic approach that includes contingency planning, staff training, and periodic security audits.

Furthermore, the Ukrainian experience shows that even small businesses can be targets. Cloud security and system isolation are crucial, but so is the awareness that any data, no matter how insignificant it seems, can be exploited. As Kuleba points out, resilience is not a destination but a continuous process of adaptation.

In a world where AI and automation are advancing rapidly, as discussed in Fable 5, human preparation remains irreplaceable. Pre-planning, crisis simulation, and creating "muscle memory" are the tools that allow organizations to survive when the unexpected happens.

Original source: ComputerWorld. Analysis and adaptation by ForgeNEX.