In the face of a barbaric Russian invasion, the lives of our staff in Ukraine were turned upside down. As our software engineers and other staff evacuate from affected regions, the news has revealed that we are not only dodging mortars and bullets, but also dangerous cyberattacks and malware against Ukrainian business computers. All put together, this raises many questions. Is it safe to outsource to Ukraine? Is our company data at risk? What risk is posed to our clients? Can operations return to normal?
Although Ukrainian businesses and the nation face a terrible enemy, MobiDev is persevering. The data of our company and our clients are all secure. Our Ukrainian team is moving to safe locations, and business operations have returned to normal. Let’s talk about how we plan to remain strong despite this devastating war, and why you should continue to trust MobiDev.
The Business Continuity Plan: How MobiDev is Enduring the Conflict
Since the Crimean Invasion of 2014, we have been well aware of the risks posed by the Russian Federation. The preparations that we made in light of this resulted in us being remarkably ready for the onset of the COVID-19 pandemic. Namely, all the employees are provided with laptops for remote work; all business processes are in the cloud that ensures uninterrupted operation of all the company units.
Today, the precautions we’ve taken have helped us survive this war. We are relieved to report that thus far, MobiDev’s team has suffered no casualties from the violence. We hope and pray that this remains the case in the future.
Most of our engineers and their families have relocated to safe places. According to the company’s business contingency plan, our office in Chernivtsi (a western Ukrainian city, 40 km from the European Union border) has become the core operations center in Ukraine. This has allowed us to return to regular operation on all accounts and guarantees stability for clients and employees.
Chernivtsi team welcomes MobiDev people from Kharkiv
Furthermore, our Ukrainian team is moving out to our office in Lodz, Poland. This is the third-largest city in Poland and marks the beginning of our European Union Research and Development & Operations Center. This is a safe place for our employees to relocate to over the course of the conflict and will serve as a major IT hub for us to continue working with our clients and delivering projects.
Movement out of the war zone has been difficult due to the terrible violence occurring. It took 3 to 6 days for people to reach safety and settle down. However, today MobiDev has returned to 95% of its normal operating capacity. All of our accounts are secured and most of the Ukrainian team have moved to safety. So we are able to return to delivering our projects and continuing to press forward into the future with innovative software solutions.
Supporting Our Staff
As we continue to move staff into our office in Poland, we are committed to supporting them as much as we can. We have decided to pay all employees for their full compensation in March irrespective of the amount of hours they were able to work. We are so thankful for their incredible effort and perseverance against the challenges in the face of unprecedented violence, the threat of cyberattacks, and more.
Keeping people safe is MobiDev’s highest priority. While we are committed to keeping the projects of our clients safe, we above all are focused on the lives and safety of our staff.
The Current State of Cybersecurity in Ukraine
Word has gotten out about dangerous malware that has been spreading through Ukrainian firms around the country. In fact, this malware was detected a month before the beginning of the war, potentially acting as a prelude to the invasion.
The United States Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a cybersecurity advisory detailing information about the detected malware. The first of which was dubbed WhisperGate and was detected on January 15th, around a month before the Russian attack. This virus was designed to target Ukrainian business computers and stop them from functioning. Later, on February 23rd, a day before the military attack, malware called HermeticWiper was detected that targeted Windows computers. This virus makes malicious changes to the boot record, preventing the computers from turning on and initializing.
The advisory offered insight on how to respond to the dangerous malware. Although it’s not explicitly stated that the malware originates from the Russian military, it’s entirely likely that this is yet another attempt to disrupt Ukrainian infrastructure and operations.
How MobiDev Ensures Cybersecurity
Naturally, this generates a lot of uncertainty about how the malware is affecting Ukrainian IT companies like MobiDev and their business operations.
However, we are happy to report that we have been well prepared for a cyberattack of this scope, and no data is at risk. Our team has investigated our hardware and software to not only determine if we have been affected by a cyberattack already, as well as to assess what steps we should take to prevent attacks in the future.
Cloud Server Infrastructure
All servers owned by MobiDev and used for data storage, project management, and other services are hosted on Amazon Web Services (AWS). Amazon maintains some of the largest and most trusted and secure cloud services in the world. The Gartner Magic Quadrant for Cloud Infrastructure has recognized AWS for providing extremely high quality, performance, scale, reliability, and security, ranking #1 for ten years in a row.
Importantly, none of these servers are hosted in Ukraine. Even if we set malware aside, no hardware machines in Ukraine are at risk of being compromised even through physical capture by Russian forces. Since this data is stored in the cloud elsewhere in the world, all information our company maintains for our own use and for our clients remains completely secure.
The AWS servers where our data is stored are located in 38 locations around the United States, as well as 42 locations in Europe including Dublin, Germany, and Luxembourg. Our infrastructure remains compliant with GDPR regulations as well. Amazon has more information about their global infrastructure that explains how our data is stored around the world.
Most of the recommendations advised by the CISA and FBI were practices that our company was already utilizing.
- MobiDev’s projects utilize multi-factor authentication, and we also implement Symantec software. This is an antivirus and firewall combined to protect our digital assets. The software functions by blocking all unused ports and only opens these ports when necessary.
- All hard drives are encrypted to prevent them from being compromised by digital and physical methods. We do not exclude any devices from this rule.
- Phishing has been a major topic in cybersecurity this past year, and we continue to take it extremely seriously. Social engineering is a dangerous backdoor into almost any secure network, and we are committed to prevent phishing as much as possible. All emails that we receive are scanned and filtered by Google’s Workspace tool. We maintain a full-time security team that focuses on aspects of defending our company’s assets and data here at MobiDev.
- Another important factor related to security is that the MobiDev network is isolated from the World Wide Web, which makes all the services we utilize protected from outside. The only way to access the MobiDev network with internal services is through VPN. For example, if an engineer is working remotely, they must use MobiDev’s corporate VPN and can only work in one project environment at a time. What this means is that each worker has limited access to company information at any given point in time, meaning that any intrusion, if successful, would only be able to access a limited portion of the company’s data and assets. This also makes it easier for us to contain and remove any threats.
- As always, SSL encryption is used with every service and data that we work with and transfer. This means that all data that we transfer is encrypted.
The Malware Doesn’t Pose As Large of a Threat for MobiDev
The malware that the CISA and FBI have reported, predominantly, targets older, more vulnerable devices that are not in use by our company.
Trust in Ukraine
Already we have seen that the Russian invasion greatly underestimated the resolve of the Ukrainian people, facing fierce resistance from our brave defenders. However, these malware attacks show that the Ukrainian military were not the only targets, but also business operations in Ukraine like ours. Just as we resist the terrible violence across our nation, MobiDev has demonstrated that our cybersecurity remains strong in the face of these attacks. Our continued operations are a symbol of continued resilience and defiance in the face of aggression, imperialism, and bullying.
As our business continues to move back to normal operations and we continue to deliver products to our clients, we invite you to continue placing your trust in MobiDev. Keeping our people safe is our highest priority. And we will continue to work toward realizing an innovative future of technology across numerous industries. Thank you for trusting us, and we’re looking forward to building an innovative future together with you.