Назад CyberEast Interview: On Legislative Development and Training Activities on Cybercrime in Ukraine

The CyberEast project, funded by the European Union and the Council of Europe and implemented by the Council of Europe through its Cybercrime Programme Office (C-PROC) based in Bucharest, Romania aims to support cyber resilience of the Eastern Partnership countries. The project builds on previous capacity building efforts in the Eastern Partnership region and on the good cooperation relationships developed along the years. What is less brought to the foreground, however, is the human factor and the work of individuals driving the progress forward in the country. In this interview you can meet Vladyslav Shkolnikov, from Ukraine.
Ukraine
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
CyberEast Interview: On Legislative Development and Training Activities on Cybercrime in Ukraine

C-PROC: Please introduce yourself and the work that you do. What are the reasons for your interest in cybercrime?

Vladyslav Shkolnikov: My name is Vladyslav Shkolnikov and I work as lecturer of the Department of Information Technology and Cyber Security at the National Academy of Internal Affairs (Kyiv, Ukraine). I am responsible for training courses in crime analysis and cybercrime investigations for final-year cadets and current police officers. My practical work in the Police of Ukraine began as an operative officer of the unit of combating economic crime. After advanced training at the National Academy of Internal Affairs and obtaining a master's degree diploma I worked within the analytical unit of the Police, where I was involved in combating crimes committed with the use of modern information technology. I am currently writing a PhD thesis on «Obtaining information from the Internet during pre-trial investigations». Since 2017 I have been actively cooperating with the Parliament of Ukraine in the development of laws related to law enforcement activities. Understanding the current challenges in cyberspace and having relevant experience in this field, I decided to start research and coaching activities at the National Academy of Internal Affairs.

Any crime investigation must begin with analytics, especially during cybercrime investigations when the flow of information is simply incredible. Implementing that idea, the Crime Analysts Training Center (CATC) was established by the leadership of the Academy headed by rector Volodymyr Cherniei, in close cooperation with the Head of the Crime Analysis Department of the National Police of Ukraine, Roman Bilous. The National Academy of Internal Affairs has established cooperation with companies such as Microsoft, Google, IBM and ESRI to ensure the effective operation of the CATC. Today, the CATC’s activities are aimed at improving the technical skills of current employees of analytical units and Cyber Police. I have already conducted an online training course on the specifics of using Microsoft software products during crime analysis for 50 current employees of analytical units and Cyber Police. In June 2020 an online training course on the specifics of using IBM software products during crime analysis is planned.

Another area of my activity is cyber hygiene courses. This kind of training was conducted for 500 cadets and police officers using the training platform of the Estonian company CybExer. This was possible as a result of a Memorandum of Cooperation between the National Academy of Internal Affairs and the International Cyber Academy in close cooperation with the Ukrainian professional cybersecurity company Information Systems Security Partners (ISSP).

C-PROC: What are the main challenges for combating cybercrime in Ukraine, in your opinion?

V.S.: The main problems that arise are related to the specific features of cyberspace that it is transnational and has no limits. In such circumstances, the effective exchange of information and close cooperation with the private IT sector are the basis of Ukrainian success in combating cybercrime.

Also, there is an urgency to improve existing legislation in cybersecurity and cybercrime investigation. It should be noted that the responsible area of the Committee of the Verkhovna Rada of Ukraine on Law Enforcement is the legislation development in the field of combating cybercrime in the Parliament of the current (IX) convocation. This is the first time that the Parliament of Ukraine has singled out this issue in a separate task. This will facilitate the adoption and improvement of relevant legislation. In addition, the Committee of the Verkhovna Rada of Ukraine on Digital Transformation is responsible for developing legislation in the sphere of cybersecurity. Great progress is being achieved in this direction and the Committee has worked out draft legislations “On cloud services” and “On electronic communications”, as well as other relevant subjects.

C-PROC: How much of an impact did the COVID-19 pandemic have on the situation with cybercrime and cybersecurity in Ukraine, in your opinion?

V.S.: According to the CERT-UA State Service of Special Communication and Information Protection of Ukraine the number of cyberattacks and cyber incidents have increased. During March-May 2020 around 15,000 cyber incidents and 88,000 suspicious events on critical infrastructure were registered.

Moreover, there is an increase of Internet fraud, phishing attacks and dissemination of fake information. Nevertheless, Ukrainian law enforcement agencies are effectively countering these threats. The Cyber Police has developed and launched a powerful information campaign on safe behavior in cyberspace and peculiarities of Internet fraud during quarantine.

In addition, the Cyber Police offers two cybercrime prevention services. The Cyber Police website offers the possibility to check the number of the bank card, phone or website for fraud in the section "Stop Fraud". Also, the electronic system of cybercrime notification offers anyone the possibility to report an offense related to malware distribution, DoS, DDoS, ransomware attacks, online fraud and other cyber-related crimes.

Finally, it is noteworthy that in May 2020 the Security Service of Ukraine together with the Cyber Police arrested a well-known hacker, Sanix, who was selling personal and financial data of EU and US residents.

C-PROC: As you have been working for quite some time with the Verkhovna Rada of Ukraine on draft amendments to cybercrime legislation, can you describe the main concept of these amendments and what the progress is so far?

V.S.: The issue of combating cybercrime is one of the pressing challenges for Ukraine. The Law of Ukraine «On Ratification of the Cybercrime Convention» entered into force on July 1, 2006, but the criminal procedural legislation of Ukraine does not yet comply with the provisions of the Budapest Convention. This complicates the prosecution of criminals, public-private cooperation and international cooperation in our work to combat cybercrime.

It is necessary to develop appropriate changes to the current Ukrainian legislation. On the initiative of the Chairperson of the Committee of the Verkhovna Rada of Ukraine on Law Enforcement, Denys Monastyrskyi, and with the support of the People’s Deputies of Ukraine a working group was set up to develop amendments which will increase the effectiveness of pre-trial cybercrime investigations and the use of electronic evidence.

As a result, relevant amendments to the Criminal Procedure Code of Ukraine, the Criminal Code of Ukraine, the Laws of Ukraine “On Operative Activity” and “On Telecommunications” were elaborated, which will: enable law enforcement agencies to urgently retain information which will greatly increase the effectiveness of tracking and preventing cyberattacks (implementation of Article 16 of the Budapest Convention); enable to temporarily access to non-personal information provided by Internet service providers (ISPs) in exceptional cases of urgency without court decision (implementation of Article 17 of the Budapest Convention); gain legal access to computer systems that are physically located outside of the location of the search, to overcome logical protection systems, to obtain information about the peculiarities of the functioning of the computer systems and the security measures applied to them (implementation of Article 19 of the Budapest Convention); improve the public-private cooperation between law enforcement agencies and ISP during pre-trial investigations.

The final version of the draft law has already been agreed on and we are ready to bring this issue up for discussion in the Parliament. However, this is not treated as an urgent matter, because the issue of regulation of electronic evidence in criminal proceedings is open. The introduction of this new type of evidence can significantly change judicial and law enforcement practice. Today, the Supreme Court collects and analyzes court cases on the use of electronic evidence in criminal proceedings. Preliminarily, in June 2020 we will have a general picture of the use of electronic evidence in criminal proceedings. Based on this, we will be able to develop effective amendments to the current Criminal Procedure Code of Ukraine regarding the use of e-evidence. The issue of implementation of the Budapest Convention is one of the main priorities in the activity of the Committee of the Verkhovna Rada of Ukraine on Law Enforcement.

C-PROC: Is there anything that the joint European Union/Council of Europe CyberEast project can do to support your work and make a difference in Ukraine?

V.S.: I would like to express great appreciation for the support which is already provided. Despite the COVID-19 pandemic, the CyberEast project continues to operate successfully. The measures proposed by the CyberEast project fully met my expectations. I hope that we will soon be able to hold a First Responder training for investigators at the National Academy of Internal Affairs. Currently, the IT and Cybersecurity Department of the National Academy of Internal Affairs is in the process of improving its training courses in computer forensics and penetration testing. It would be great for us to get assistance from the CyberEast project in this direction, too.