Ukraine is sharing hackers' tricks with the US

KYIV (NYTIMES) - Ukraine has continued to block Russian efforts to penetrate its computer networks since Moscow invaded the country in February and has been sharing information with American authorities about previously unknown hacking techniques, the US Cyber Command said Wednesday (July 20).

The new techniques had been discovered over the past few months, and on Wednesday the United States and Ukraine jointly made public 20 new indicators of possible Russian intrusion into computer networks that use previously unknown forms of malware, the command said.

Ukraine has demonstrated a remarkable ability to hunt down and block Russian attacks on its networks, US and allied officials say. While the US government and tech companies have helped stop some of those attacks, officials say that Ukrainian network defenders, trained by Britain and the United States, deserve much of the credit.

The joint release of information served as a demonstration of the continued cooperation between the US officials and Ukraine's domestic intelligence agency, even though President Volodymyr Zelensky of Ukraine recently removed his intelligence chief, Ivan Bakanov.

Zelensky said Bakanov had not been aggressive enough in weeding out traitors and cited hundreds of treason investigations into members of Ukraine's law enforcement.

US officials have said they believe they still have secure ways of cooperating with trusted members of Ukraine's intelligence services and that the firing of Bakanov would not affect intelligence sharing.

By making the new forms of Russian malware public, the US Cyber Command said, it hopes that American companies will be able to bolster their defences against potential cyberattacks.

"These indicators of compromise were shared with us by our Ukrainian partners to enable industry to take action and assess their own networks," said Maj. Katrina Cheesman, a spokesperson for the Cyber National Mission Force, a wing of Cyber Command devoted to thwarting hackers.

Since starting the war in February, Russia has stepped up efforts to use computer network intrusions to collect information around the world, according to Microsoft.

Still, Moscow has largely held off from mounting major cyberattacks against critical infrastructure belonging to the United States and its allies.

US officials say the threat of a Russian cyberattack remains serious, but so far Moscow appears to have been deterred from attacking the United States.