by excircul 1614 days ago
Minister of Digital Transformation of Ukraine Mykhailo Fedorov believes that the role of cybersecurity in today's world is exaggerated.

He said this in an interview with LB.ua [1].

"I think the role of cybersecurity is a bit exaggerated. There is a lot of talk about it, but in fact few can name any real cases of cyber threats. Let me give a simple example. When we came to the President's Office, the IT team showed dashboards with a thousand attacks a day, overloaded servers, etc. Two weeks later, we fired them, and nothing happened for several months while we were assembling a new team." - Fedorov said.

[1] https://en.lb.ua/news/2019/11/29/8183_role_cybersecurity_sli...

5 comments

To all the ones making fun: yes, his point about firing and it being fine is a problem. However, any IT team that shows me a dashboard that can actually measure attacks I’m going to be skeptical of. At best you’re seeing probes, and you don’t know the intent until it’s too late, and then you comb through the logs and find breadcrumbs that no monitoring tool told you about. A port scan is not an attack.

The more likely story is the IT team used this as a way to try to get more budget because politicians don’t respond to anything else (whether or not the budget is justified, impossible to say from the outside). Or they were incompetent and truly believed their firewall was measuring attacks and they stopped them all.

Overloaded servers are likely just bad engineering because there are many tools (many/most free or incredibly cheap) to help with that. Heck, SO, one of the most trafficked sites on Earth, ran on a number of Xeon machines. I suspect their IT infrastructure was poorly optimized.

> we had no way of knowing what was happening but we know nothing happened

"The doctor told me I have a brain tumor. I don't feel sick. I ignored him. It's been two weeks and I feel fine."
2 years later:
I mean... if you can't be a good example, be a warning?
Firing IT is the worst thing you can do for IT security. I would still check if maybe they gave out the means to deface the site though...

Honestly, there is merit to the claim in my opinion. The security industry is full of scams; now even formerly reputable providers are beginning to sell very flawed solutions. But internal IT is not part of that.

It is also a matter of doing a sensible risk analysis. Your web server should maybe be isolated from critical systems, like any other system the public can interact with.