2019-10-23, 16:00–16:45, Europe
Since 2014 Ukraine is under cyberwar.
Energy grid attack BlackEnergy switched off electricity for 230,000 people for 6 hours. NotPetya attack effected ~30% of Ukrainian economy. Airports, railways, banking system, media, critical infrastructure had been attacked by Russian cyber groups (Telebots, BadRabbit, GrayEnergy).
But have those attacks strengthened national cybersecurity system of Ukraine?
Ukrainian cyber activists (hacktivists) checked that and published some shocking results.
This activity got the name #FuckResponsibleDisclosure (#FRD)
My talk is a historical retrospective of #FRD: when and how it started, what emotions it caused in Ukraine, how officials and resources’ owner communicated with hacktivists and others. How #FRD influenced on national cyber security and what local Cybersec-community thinks on #FRD.
The preso contains plenty of expressive screenshots.
I researched #FRD as a unique activity in modern cybersecurity world.
The main goal of #FRD is to increase cybersecurity level in Ukraine.
However Ukrainian cyber activists used controversial methods to get this goal publishing indicators of low level of cyber protection in Governmental institutions and critical infrastructure objects.
What was right/wrong in #FRD and how it influenced on national cybersecurity?
This is the matter of the research.