National cyber security system of Ukraine: perspectives of policy development and capacity building

In order to raise awareness, cyber hygiene and compliance, its's advisable to take following steps:

Launch the National Cybersecurity Awareness Campaign under the coordination of the National Cybersecurity Coordination Center with involvement of all state authorities, private sector and international donors. Along with the stakeholders of the NCSC the Ministry of Education and the Ministry of Information Policy of Ukraine also should play main role in this initiative.

Develop mechanisms of strategic communications in case of a serious cyber incident of national character.

Provide a compulsory annual computer-based training and following exams on cyber hygiene to all public and military servants as a part of their appraisal process.

Apply disciplinary and administrative sanctions to those public servants and operators of critical infrastructure who systematically breaks the requirements of cyber security regulations. The State Service for Special Communications and Information Protection of Ukraine according to its competence must provide effective monitoring and control on an ongoing basis over cyber protection and cyber hygiene in state sector and critical infrastructure. * Make comprehensive quantitative and qualitative assessment of unlicensed products used in state bodies of Ukraine along with mapping of all state networks, hardware and software in order to determine current needs in licensed products for gradual replacement. It seems hardly possible for Ukrainian government to solve the problem with pirated software on its own taking to consideration high prices of licensed software in comparison with an average income of Ukrainians and existent state budgets for cyber protection of governmental authorities. So it is important to involve international donors for providing necessary software to state bodies of Ukraine and engaging worldwide IT-companies to provide its products under more favorable conditions in the framework of international cooperation and public-private partnership.

Developing Capacities of Main Actors of the National Cyber Security System.

Supported by strong political will and high level of awareness all the comprehensive cybersecurity policy initiatives will led to nowhere if there are no skilled IT-professionals able to provide technical aspect of State's cybersecurity.

One of the main keys to the effectiveness of the National Cyber Security System is providing its actors with necessary human sources -- skilled cybersecurity professionals able to detect, investigate and prevent advanced cyber threats. Unfortunately, today Ukraine cannot provide sufficient maintenance for such employees in government agencies and it's almost impossible to compete with salaries and compensations offered by private industry.

Within the framework of the National Cybersecurity Coordination Center activity all state cybersecurity actors have taken coordinated measures to resolve this problem or at least to make it not so acute. As a result of these efforts, changes were made to the legislation that regulates the payroll of civil servants and military personnel, providing for the establishment of a special allowance for performing tasks in the field of cyber security by approving the Governmental Decree No. 336/2018 [52]. But despite the fact that this allowance provides for additional payments in the amount up to 100 percent of the salary, due to insufficient budget financing for current fiscal year in many government agencies the actual wages were increased by only 10 percent. However now in Ukraine there is at least transparent legal mechanism of financial rewards for cybersecurity professionals of public sector.

Another sufficient problem of stuffing is rather low level of IT and cybersecurity capacities of educational institutions which prepare cybersecurity specialists for the need of state authorities. For example, the National Academy of the Security Service of Ukraine, which has Bachelor and Master Programs in Cyber and Information Security and prepare specialists for the needs of security and defense sector of Ukraine, does not have sufficient training equipment (hardware and software) to provide practical trainings on countering cyber threats because of its high cost and absence of teachers with appropriate experience.

Never the less, it must be noted that the technical capabilities of the main state actors of the NCSS have been greatly developed as well as the professional level of their cybersecurity specialists. This became possible first of all due to the international assistance to Ukraine (supply of modern software/hardware, sharing best practices and organizing systematic trainings on countering cyber threats) and common understanding on the national level of importance of cyber security issues.

However, further development of capacities of main actors of the National Cyber Security System demands following steps:

Insert additional separate budget line for cyber security in the State Budget for the Security and Defense Sector of Ukraine, including expenses for maintenance of cybersecurity personnel. This step will provide full implementation of the Cabinet of Ministers Decree No. 336/2018 and contribute to settling the problem with underfunding of cybersecurity professionals in state sector.

Use outsourcing for providing some of the cybersecurity functions of the State. For example, outsourcing services for providing cyber protection for many governmental structures will be much more effective and cheaper then training and maintaining in-house specialists. This also could be an impetus for bringing public-private partnership on cybersecurity in Ukraine to a higher level.

Establish a short-term working group including main actors of the NCSS, private sector (cybersecurity companies and academia) and Ministry of Education of Ukraine for developing and implementing into educational process common standards and requirements for training cybersecurity specialists taking into consideration best EU practices and standards in this sphere.

Create the National Cybersecurity Training Center aimed at preparing cybersecurity specialists for law enforcement, intelligence and counterintelligence services under the National Academy of the Security Service of Ukraine as the higher educational establishment with the most expertise, resources and experience in this sphere. This will give an ability to bring together efforts of all the national stakeholders as well as international partners (e.g. NATO Trust Fund) to create educational capabilities with necessary technical facilities, teaching personnel and based on best international practices. The regular universities also should be involved into this initiative.

Enhancing Public-Private Partnership

The importance of efficient public-private cooperation in cyber security domain is reflected in Ukrainian cyber legislation and recognized by all state stakeholders of the National Cyber Security System. Though the substantial work in this direction had already been done there still is a necessity to create an appropriate organizational platform aiming at providing and developing public-private partnership mechanisms.

In this prospective a reasonable idea was put forward by Konstantin Korsun [53], Ukrainian cyber security expert, for the government of Ukraine along with international donors and the biggest players in Ukrainian IT-business to establish a non-governmental organization with different stakeholders' shares (for example, government -- 40%, business -- 30%, international donors -- 30%). The share of state shouldn't be controlling in order not to create another state body, but, at the same time, it still should be significant to ensure the stability of the project. All three stakeholders may be able to delegate to the Supervisory Board 3-5 or more representatives, but they all have only one vote together.

According to K. Korsun, the main purpose of its creation will be to build or renew public trust. This Multi-Stakeholder Cybersecurity Platform will carry out the following tasks: cybersecurity prosperity threat

Providing free of charge qualified consultations on all aspects of cybersecurity, available to every resident of Ukraine, private companies, state institutions, law enforcement agencies, organizations of any form of ownership with the possibility to go to the place of cyber incident (in exceptional cases).

Comprehensive raising of cyber-hygiene and cyberawareness level among all strata of the population.

Development of recommendations on primary measures to improve cybersecurity, including the regulatory framework.

Hosting and providing organizational support to cyber conferences, local or international Capture the Flag (CTF) competitions and cyber training.

* Daily publication of newsletters on current cybersecurity news, publication of analyzes, researches and studies on cybersecurity.

This organization must have extensive practical experience in cybersecurity, management, jurisprudence, public administration, experience in international co-operation on cyber security issues, be free to navigate in contemporary world trends and latest approaches, international standards, practices, achievements.

This initiative will not only build trust but also will create shared responsibilities for the state and businesses in cyber security while the international stakeholders will play an important role of mediators providing safeguards to avoid misuses.

Building Legal Framework for Critical Information Infrastructure Protection and Resilience

The protection of Critical Information Infrastructure still remains to be unsettled in Ukrainian legislation. There isn't a specific law on this issue, though a number of bills are being drafted by Ukrainian state bodies during last couple years. But the main gap of legislation in this sphere is absence of the National Register of Critical Information Objects. This means that there is no legal basis to apply to any Ukrainian facility of private sector of vital importance (such as energy production and electricity generation, financial services, telecommunication and transportation infrastructure, and so on) any requirements of cyber protection or providing immediate information to state authorities about cyber incidents and cyber-attacks because none of it has an official status of “Critical Infrastructure Object”.

The formation of such Register was entrusted by the Cabinet of Ministers of Ukraine to the State Service for Special Communications and Information Protection of Ukraine. According to the Governmental Decree from August 23, 2016, N563 [7] this task should have been done till February, 2017 (in six months' time). Despite the colossal work that have been done in this direction by responsible state authority, the draft of the Register wasn't finished and approved by the Government. The main reason is unwillingness of private sector to participate in this process even sabotaging in order not to obtain the status of Critical Infrastructure Object as for them it would mean more financial costs and additional responsibilities [54].

In this contest it's difficult not to agree with conclusion of Madeline Carr [55] that successful public- private partnerships in cyber are either characterized by shared interests or, if the interests of the partners are not well aligned, governed by rules.

To settle this problem in Ukraine the state should demonstrate strong political will and finish the process of establishing strict and clear regulations for critical infrastructure protection. Moreover, it is necessary to provide in legislation clear sanctions of a financial character to owners of critical infrastructure facilities for breaking the requirements of its cyber protection imposed by the state.

Of course, the state authorities should and will provide all kinds of assistance on cyber security issues to critical infrastructure of private sector, including not only methodology and information sharing but practical actions of response to cyber-incidents and cyber-attacks. However, positive motivation in providing critical infrastructure protection has proved insufficient if it's not supported by effective governmental requirements and control.

Taking into consideration European vector of Ukraine's further development the implementation of the EU Network and Information Security directive (NIS Directive) [56] should be the primary step for building comprehensive framework of critical infrastructure protection in Ukraine.

Updating Cyber Security Standards

According to the Law of Ukraine “On Protection of Information in Information and Telecommunication Systems” all state information resources must be processed only in systems secured with the Integrated Information Protection System (IIPS) with verified compliance [57]. But existent standards which are the basis for building such IIPS are outdated and do not take into account present cyber threats (e.g. APT-attacks).

According to the Analytical Report to the Annual Address of the President of Ukraine to the Verkhovna Rada of Ukraine “On the Internal and External Situation of Ukraine in 2018” [58] the issue of upgrading the IIPS or its change to another protection system remains unresolved. The very idea, internal structure and model of the implementation of IIPS in most cases does not meet the requirements of modern cyber protection (especially in the non-state sector, in particular in business). This is the cause of persistent acute criticism among domestic expert and business circles, which focuses on the static nature of this system, its bulkiness, and the scarcity of scalability. In addition, the Law of Ukraine “On Basics of Providing Cyber Security of Ukraine” requires an independent audit of information security of critical infrastructure objects, carried out on the basis of international standards, European Union and NATO standards.

Therefore, in order to strengthen cyber resilience of critical information infrastructure of private and public sector (including state electronic resources) it is a must to update existent national cyber security standards taking into account existent cyber threats or to implement requirements for cyber protection on the basis of international or European cyber security standards.

Enhancing Cybercrime Prevention

The constant rise of cybercrime is a worldwide tendency [59]. Losses from cybercrime are predicted to cost the world $6 trillion annually by 2021 [60]. According to the Head of the Cyber Police of Ukraine, a steady increase in cybercrime is recorded in Ukraine [61]. Thus, the development of efficient capabilities to counter cybercrime is an essential challenge for the Ukraine's National Cyber Security System.

One of the main obstacles preventing Ukrainian cyber police from protecting the rights and freedoms of citizens of Ukraine from encroachments by cybercriminals remains the imperfection of domestic criminal and procedural law. The rapid growth of cybercrime in Ukraine is facilitated by the fact that domestic legislation in the field of criminal prosecution of computer crimes is one of the most liberal in the world. There were cases when international cybercriminals were arrested in Ukraine in a result of an international law enforcement joint operation but pursuant to a court order based on national criminal code they were released after paying a fine or receiving a suspended sentence. For today, no hacker has been imprisoned in Ukraine yet [62].

As the Head of the Department of Cyberpolice of the National Police of Ukraine Sergey Demedyuk noted, “The country is turning into Mecca for cybercriminals. They move to Ukraine and use it, also as a platform for money laundering” [63].

Cybercrime migrates towards those territories where there aren't appropriate laws or it is not possible to effectively apply these laws. So the main issue to promote cybercrime prevention in Ukraine is to increase the penalties for cyber-crimes according to EU and NATO practices.

Another important measure to take is the implementation of the Convention on Cybercrime, to which Ukraine is signatory since 2005. Though Ukraine takes an active part in international initiatives on its implementation within the framework of the Cybercrime Convention Committee (T-CY) of the Council of Europe and has developed draft law harmonized with the Convention, many important provisions are still not implemented to the domestic legislation. In particular, it's important to provide norms that would oblige service-providers to store, preserve and partially disclose computer data including traffic data by a request of competent authorities, and also would address the problem of collection of evidence in electronic form.

Failure to settle this issues not only hampers cybercrime prevention in Ukraine but also complicates international cooperation within contact point 24/7, as the Ukrainian law enforcement bodies don't have necessary authority to obtain from service-providers information requested by foreign partners and necessary to prevent and investigate international cybercrime.

Conclusions. Over the past few years, Ukraine has managed to create from the scratch the National Cyber Security System developing necessary capacity to address emerging cyber-threats, primarily those coming from Russian hybrid aggression. Of course, not all the tasks have been solved so far and there are still many problematic issues that need to be addressed for further development of Ukraine's cyber capabilities in the face of new challenges coming from cyber space. Taking into consideration current problems that hamper further enhancing of the NCSS described in this research, primary steps of Ukraine in this direction should be first of all aimed on establishing effective mechanisms of cybersecurity policy implementation guaranteed by due governmental control in conjunction with public scrutiny, parliamentary oversight and foreseeing disciplinary measures in case of inappropriate fulfillment provisions of annual Plans for Cyber Security Strategy Implementation by responsible state officials.

But primary focus should be oriented towards building strong political will and understanding by highest state authorities the importance of effective implementation of cybersecurity policy for the good of the national security of Ukraine and necessity to take unpopular measures as well (such as strict control and disciplinary sanctions) to provide proper executions of cybersecurity policy and requirements by all responsible state actors.

Next steps should be directed at rising awareness and cyber hygiene first of all among state servants, military personnel and operators of critical information infrastructure within the framework of National Cybersecurity Awareness Campaign launched under the coordination of the NCCC. Also it is necessary to provide a compulsory computer-based training and following exams to the above-mentioned categories of personal as well as applying sanctions in case of systematic violations of cyber security requirements.

Supported by strong political will and high level of awareness all the comprehensive cybersecurity policy initiatives will led to nowhere if there are no skilled IT-professionals able to provide technical aspect of State's cybersecurity.

Taking into account that one of the main keys to the effectiveness of the National Cyber Security System is providing its actors with necessary human sources, developing capacities of the NCSS stakeholders should be primarily based on addressing the problem of low maintenance of cybersecurity personnel and improving existent system of cybersecurity specialists training.

To facilitate public-private partnership it is recommended to create Multi-Stakeholder Cybersecurity Platform with the state, business and international donors as stakeholders aiming at building trust and providing to population, state bodies and private companies free services in cyber security such as qualified consultations, campaigns on cyber-hygiene, recommendations on cybersecurity policy and legislation, organizing cyber conferences, publishing cyber analytics etc.

Other efforts should be directed at building legal framework for critical information infrastructure protection by adopting the National Register of Critical Information Objects and framework law establishing main requirements and responsibilities of their owners in the sphere of cyber protection. Furthermore, providing high level of critical infrastructure resilience is impossible without updating domestic standards of cyber security on the basis of international and European standards in this sphere.

To enhance cybercrime prevention and investigation as well as international cooperation in this area the cybersecurity policy of Ukraine should include measures on increasing penalties for cybercrimes and implementing the Budapest Convention in terms of obliging service-providers to store, preserve, and partially disclose computer data by a request of competent authorities as well as addressing the problem of collection of evidence in electronic form.

All the steps taken by Ukraine to enhance cybersecurity should be based on whole of government approach, broader involvement of private sector, transparent and comprehensive national cybersecurity policy.

Following European vector of Ukraine's national strategy, it is important to consider best European practices in cyber security (such as EU framework on Critical Infrastructure protection, comprehensive cybersecurity standards, approaches to cybersecurity education etc.) while developing the National Cyber Security System of Ukraine.

References

1. E-ISAC. 2016. Analysis of the Cyber Attack on the Ukrainian Power Grid.

2. Park D., Summers J, Michel W. Cyberattack on Critical Infrastructure: Russia and the Ukrainian Power Grid Attacks, 2017.

3. Cyber Security Strategy of Ukraine, 2016.

4. Law of Ukraine on Basics of Providing Cyber Security of Ukraine 2017.

5. Decision of NSDC of Ukraine (December 29, 2016).

6. Decision of NSDC of Ukraine (July, 10, 2017).

7. Resolution of Cabinet of Ministers of Ukraine № 563 (August 23, 2016).

8. State Service for Special Communications and Information Protection of Ukraine. 2015. “У Держспецзв'язку створено Державний центр кіберзахисту та протидії кіберзагрозам” [State Center of Cyber Protection and Countering Cyber Threats was created in SSSCIP].

9. “CERT-UA: скорая киберпомощь” [CERT-UA -- Cybersecyrity Emergency] 2014. PCWeek/UE, № 4.

10. Emergency Response Team of Ukraine. “Скористайтеся нашою допомогою в ліквідації кіберзагроз” [Use Our Help to Liquidate Cyber Threats]. URL: https://cert.gov.ua/ (accessed June 9, 2019).

11. Emergency Response Team of Ukraine. “Відкриття Центру реагування на кіберзагрози” [Opening of Cyber Threat Response Center].

12. Security Service of Ukraine “Голова СБУ відкрив Ситуаційний центр забезпечення кібернетичної безпеки” [Head of SSU Opens Cyber Security Situational Awareness Center].

13. Radio of Freedom “В Одесі відкрили центр запобігання кібератакам при СБУ” [In Odessa the Cyber Security Situational Awareness Center is opened].

14. Tkachuk, Nataliya. 2018. “Правове регулювання взаємодії Служби безпеки України з приватним сектором у сфері забезпечення кібербезпеки” [Legal Regulations of Cooperation between Security Service of Ukraine and Private Sector in Sphere of Cybersecurity]. Information and Law, № 4 (December): 104-111.

15. Security Service of Ukraine “СБУ посилює захист інформаційної безпеки підприємств енергетичної галузі України” [SSU Strengthens Protection of Information Security of Ukraine's Energy Sector].

16. Security Service of Ukraine “Публічний меморандум про взаємодію зі Службою безпеки України у сфері відповідального пошуку та розкриття інформації про вразливості інформаційно-телекомунікаційних систем та/або телекомунікаційних мереж” [Public Memorandum on Cooperation with the Security Service of Ukraine on Responsible Search and Disclosure of Information on Vulnerabilities of Information and Telecommunication Systems and/or Telecommunication Networks].

17. Decree of Cabinet of Ministers of Ukraine № 831 (October 13, 2015)

18. Avacov, Arsen. 2015. “Cyberpolice -- Step to Reform” Facebook, October 11, 2015.

19. Law of Ukraine On the Ratification of the Convention on Cybercrime 2005.

20. Nekrasov, Vsevolod. 2018. «Глава Киберполиции: «Ваш сын в полиции» приносит мошенникам на «зоне» миллион гривен в сутки» [Chief of Cyberpolice -- «Your Son in Prison Scheme Brings Crooks in prison Million of Hryvnas a Day»] The Economic Truth, January 15, 2018.

21. Ministry of Defense of Ukraine. 2013. “Головне управління зв'язку та інформаційних систем Генерального штабу Збройних Сил України” [Department of Communication and Information Systems of the General Staff of the Armed Forces of Ukraine].

22. Cornish P., Livingstone D., Clemente D., Yorke C. 2010. “On Cyber Warfare” Chatham House (November 2010).

23. Ismail, Nick. 2019. “Cyber war is here, according to 87% of security professionals”. Information Age (March 19, 2019).

24. Dombrowski, Peter and Demchak, Chris C. 2014. “Cyber War, Cybered Conflict, and the Maritime Domain,” Naval War College Review: Vol. 67, № 2, Article 7.

25. United States Senate Committee on Armed Services. 2017. “Joint statement for the Record to the Senate Armed Services Committee on Foreign Cyber Threats to the United States” (January 5, 2017).

26. Gorbulin, Volodymyr. 2015. “В поисках асимметричных ответов: киберпространство в гибридной войне” [Searching for Asymmetric Response: Cyberspace in Hybrid Warfare]. The Mirror of the Week: Vol. 6, February 20,

27. Ukrainian Multimedia Platform for Broadcasting. 2018. “Кремль націлений на гібридні, а не військові операції проти України -- Вершбоу” [Kremlin Aims at Hybrid not Military Operations against Ukraine -- Vershbow]. December 20, 2018.

28. Presidential Decree On Strategic Defense Bulletin of Ukraine. June 6, 2016, № 240.

29. Law of Ukraine On Intelligence Agencies of Ukraine 2001. Consolidated, May 9, 2018.

30. Presidential Decree On enhancing of guidance, coordination and control over the activity of the intelligence agencies of Ukraine. January 30, 2015 № 42.

31. Presidential Decree On the Concept of Development of the Security and Defense Sector of Ukraine. March 14

32. Lewis, James. 2018. “Economic Impact of Cybercrime -- No Slowing Down”. McAfee Report: February, 2018.

33. Pavlovska, Anastasiya and Halimon Zarina. 2018. “Кібербезпека у банківському секторі: чи допоможе IT-out- sourcing?” [Cyber Security in Banking Sector -- Will IT-Outsourcing Help?]. Juridical Newspaper: Vol. 10, March 6, 2018.

34. The Washington Post. 2018. “Russian military was behind `NotPetya' cyberattack in Ukraine, CIA concludes”, January 13, 2018.

35. Decree of the National Bank of Ukraine, September 28, № 95.

36. National Security and Defense Council of Ukraine. 2016. “О. Турчинов: Національний координаційний центр кібербезпеки повинен мобілізувати весь наявний потенціал для забезпечення надійного кіберзахисту країни” [O. Turchinov -- National Cybersecurity Coordination Center Should Mobilize All Capacities for Cyber Protection of State]. July 11, 2016.

37. Presidential Decree on the National Cybersecurity Coordination Center, June 7, 2016, № 242.

38. Security Service of Ukraine. 2019. “На базі СБУ проходять міжнародні навчання із забезпечення кібербезпеки систем ЦВК” [On the basis of the SSU International Training Is Going On to Ensure Cyber Security of the CEC systems]. ssu.gov. ua, March 6, 2019.

39. RBK-Ukraine. 2019. “Аваков рассказал о кибератаках на сервера ЦИК в день выборов” [Avakov Told about Cyber-Attacks on CEC Servers on the Day of Elections]. April 2, 2019.

40. Law of Ukraine On National Security 2018.

41. Tkachuk, Nataliya. 2019. “Стан та проблемні питання реалізації Стратегії кібербезпеки України” [State and Problematic Issues of Cybersecurity Strategy Implementation]. Information and Law: Vol. 1 (April, 2019).

42. Order of Cabinet of Ministers of Ukraine “On Approval of Cybersecurity Strategy Implementation Plan for 2016”, June 24, 2016, № 140-р.

43. Order of Cabinet of Ministers of Ukraine “On Approval of Cybersecurity Strategy Implementation Plan for 2017”, March 10, 2017, № 155-р.

44. Order of Cabinet of Ministers of Ukraine “On Approval of Cybersecurity Strategy Implementation Plan for 2018”, July 11, 2018, № 481-р.

45. European Union Agency for Network and Information Security. 2016. “Review of Cyber Hygiene Practices”. enisa. europa.eu (December, 2016).

46. MITRE. 2018. “Ukraine National Cybersecurity Strategy Assessment and Recommendations, prepared for the Government of Ukraine”, January 20, 2018.

47. Security Service of Ukraine. 2017. “Recommendations on Protection Against Virus Petya” Facebook, October 27,

48. CERT-UA. 2018. “Recommendations”. Cert.gov.ua, January 13, 2018.

49. Cyberpolice of Ukraine. 2019. “Cyberpolice Gave Recommendations on Protection of Bank Acounts”. cyberpo- lice.gov.ua, June 7, 2019.

50. Decision of the National Security and Defense Council of Ukraine, August 23, 2016.

51. Decision of the National Security and Defense Council of Ukraine, April 28, 2017.

52. Decree of Cabinet of Ministers of Ukraine, February 21, 2018, № 336.

53. Korsun, Konstyantyn. 2018. “Пропоную загальну концепцію побудови альтернативної системи кібербезпе- ки України” [Suggestions on Common Concept for Building Alternative Cyber Security System of Ukraine] Ukrainian multimedia platform for broadcasting. November 12, 2018.

54. Tkachuk,Nataliya.2018.“Організаційно-правовізасадиформуванняперелікуінформаційно-телекомунікаційних систем об'єктів критичної інфраструктури держави” [Organizational and Legal Framework for Formation of the List of Information and Telecommunication Systems of the Critical Infrastructure of the State]. Information and Law: Vol. 24, December, 2018.

55. Carr, Madeline. 2016. “Public-Private Partnerships in National Cyber-Security Strategies”. International Affairs 92: Vol. 1 (2016) 43-62.

56. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union.

57. Law of Ukraine on Protection of Information in Information and Telecommunication Systems 1994. Consolidated, April 19, 2014.

58. National Institute for Strategic Studies. 2018. “Analytical Report to the Annual Address of the President of Ukraine to the Verkhovna Rada of Ukraine “On the Internal and External Situation of Ukraine in 2018”. niss.gov.ua,

59. Ismail, Nick. 2017. “The Rise of Cybercrime Continues to Accelerate”. Information Age: July 28, 2017.

60. Morgan, Steve. 2018. “Cybercrime Damages $6 Trillion By 2021”. Cybersecurity Ventures: December 7, 2018.

61. Lashchenko, Olesya. 2018. «Ми фіксуємо постійні кібератаки з території Росії -- керівник кіберполіції України» [We fix constant Cyberattacks from the Territory of Russia -- the Head of Cyberpolice]. Radio of Freedom, September 11, 2018.

62. Interfax Ukraine. 2018. «Демедюк: Штрафовать простых людей за VPN мы не собираемся» [Demedyuk: We Are Not Going to Fine Common People for Using VPN]. interfax.com.ua, May 18, 2018.

63. Nekrasov, Vsevolod. 2016. «Легкі гроші: Україна перетворюється на Мекку для кіберзлочинців» [Easy Money -- Ukraine is Turning into Mecca for Cybercriminals]. The Economic Truth, March 28, 2016.

Размещено на Allbest.ru