SHC “AICЕM” DATA PROTECTION WAS STRENGTHENED WITH THE SUPPORT OF THE INTERNATIONAL FUND “RENAISSANCE” IN THE CONTEXT OF LARGE-SCALE RUSSIAN AGGRESSION AGAINST UKRAINE
As a part of the project SG54982 “Strengthening of the data protection (including personal data) of the SHC “AICЕM” under war conditions”, which was implemented by the SSI “Institute of Educational Analytics” (SSI “IEA”) in January-April 2023, the research and development of methodological and practical approaches to improving the efficiency of data protection of participants in the educational process (including personal data) by improving the comprehensive system of countering cyber threats that impede the sustainable operation of the SHC “AICЕM” in the context of the russian aggression against Ukraine was ensured. In particular, the security audit of SHC “AICЕM” to identify necessary improvements has improved the control of information flows, facilitated the detection of attempts to enter the network and prevented unauthorized access to system resources.
The feasibility and timeliness of the implementation of the SG54982 project is determined by a number of factors, in particular, in the context of martial law, cyber protection becomes particularly relevant.
According to the report of the American company Microsoft, in the first two months of the war, hacker groups associated with russia carried out more than 230 cyberattacks against Ukrainian enterprises and state institutions.
Attacks were often aimed at destroying their computer systems. Hacker attacks were also directed at SHC “AICЕM” – the state information system of education management of the Ministry of Education and Science of Ukraine with the SSI “IEA” as its technical administrator.
According to the Resolution of the Cabinet of Ministers of Ukraine No. 1255 dated 02.12.2021, the technical administrator, inter alia, must provide an integrated system for the protection of verified information; implement measures for the cryptographic and technical protection of information; preserve the information processed in the automated control complex; ensure personal data security, etc. All this is complicated by persistent cyber threats to educational information systems and databases in the form of hacker attacks (DDOS, fishing, SQL injections, etc.).
The threat to SHC “AICЕM” is the loss of data reliability and integrity, and personal data leakage. This requires the use of reliable information security mechanisms and stricter requirements for orderly access to it.
The above-mentioned led to the need for additional research and development of methodical and practical approaches to increase the effectiveness of data protection of participants of the educational process (incl. personal) in the conditions of cyber attacks on the SHC “AICЕM” as part of russia’s large-scale armed aggression against Ukraine. It is also necessary to carry out a security audit of the SHC “AICЕM” to identify the necessary improvements that will strengthen control over information flows, facilitate the detection of network intrusion attempts, prevent unauthorized access to system resources, and also ensure the preservation and integrity of the data in the information system.
All of the above became possible with the support of the International Fund “Renaissance”.
Among the main results of the project implementation, the following should be noted:
- Conducting a comprehensive study to develop methodical and practical approaches to increase the effectiveness of the data protection of the participants in the educational process (including personal data) under the cyberattacks on the SHC “AICЕM” under the large-scale armed aggression of the Russian Federation against Ukraine;
- Conducting a security audit of the SHC “AICЕM” to identify the necessary improvements that will strengthen control over information flows, facilitate the detection of network intrusion attempts;
- Creation of a new, and improvement of existing IT tools and mechanisms for software and hardware protection of the data stored in the SHC “AICЕM” under russia’s armed aggression and cyber war against Ukraine.