a3f.in.ua

Registry operations have resumed following the attack, but this isn’t the end: what changes can we expect for the system moving forward?

2025-01-21 07:58:54https://news.telegraf.com.ua/ukraina/2025-01-20/5894846-robotu-reestriv-ponovili-pislya-ataki-ale-tse-shche-ne-kinets-yaki-zmini-chekatimut-sistemu
Registry operations have resumed following the attack, but this isn’t the end: what changes can we expect for the system moving forward?

Today, January 20, exactly one month after the large-scale cyberattack by the Russians, the Ministry of Justice of Ukraine reported the complete restoration of all State and Unified registers. Meanwhile, the investigation aimed at determining who is responsible for the temporary suspension of the system's operation is ongoing. At the same time, lawmakers have prepared proposals for legislative changes to prevent such situations in the future. This was stated in a comment to "Telegraph" by MP ("Servant of the People") and honored lawyer of Ukraine Igor Fris, who heads the working group under the Special Commission for eliminating the consequences of the blocking of state registers.

The key state registers, the websites of the Ministry of Justice and the state enterprise "National Information Systems", the "Diia" state services portal, and other critically important systems went offline on December 20, 2024. This occurred as a result of a targeted attack by the enemy. Immediately after the emergency incident, various timelines for restoring the affected systems were mentioned. The first three registers – the Unified Register of Powers of Attorney, the Inheritance Register, and the Unified Register of Special Forms of Notarial Documents – were launched on the 11th day. The restoration of the remaining systems was expected to take an additional 7 to 20 days.

As a result, on January 9, the Unified State Register of Legal Entities, individual entrepreneurs, and public formations (USR) resumed operations. On January 10, the transfer of civil status records from paper documents into the State Register of Civil Status Acts was completed, and the following day they became available in the "Diia" app. According to the Ministry of Justice, the last group of registers was restored on January 20, including the State Register of Rights to Real Estate; the State Register of Encumbrances on Movable Property; the Automated System for Enforcement Proceedings; the Electronic Apostille Register; the Unified Register of Convicted Persons and Persons Taken into Custody; the Automated System for "Bankruptcy and Insolvency"; and the Unified State Register of Persons Subject to the Provisions of the Law of Ukraine "On Lustration".

- We met the deadlines; I even expected that the work would last until January 26, but we managed to complete it by the 20th. Well done, — briefly assessed the work of NAIS and all those involved in the restoration of the registers, Igor Fris said. – However, as of today, notaries and registrars do not have access to the State Register of Property Rights to Real Estate. It is necessary to update the paper information — court decisions, enforcement proceedings, arrests, and prohibitions on alienation that have emerged since December 19 to the present. Once this information is integrated into the system, we can talk about the full resumption of the registers' operations. But predicting how long this will take is difficult.

The MP also emphasized that the question of the status of the state enterprise "National Information Systems" as part of critical infrastructure and the reservation of its employees remains in limbo.

- According to the information from the head of NAIS, on one of the days, a key system administrator, responsible for forming and managing the infrastructure of the state registers, was served a summons, — noted Igor Pavlovich. – I don’t know how this issue was resolved, but a precedent occurred, which is why we said that the Cabinet of Ministers should have made the appropriate decision. However, in response to our inquiry, the Ministry of Defense informed us: NAIS was recognized as a critical infrastructure object until changes in the relevant procedure are made, which is why the enterprise needs to submit documents again. This was mentioned in one letter. In another, it stated that the state enterprise is a critical infrastructure object, but this does not imply an increase in the number of reserved employees (which should not exceed 50% of the conscripted employees – Ed.). The Ministry of Justice assured us that they are in communication with the Ministry of Defense and will persuade them that such decisions are necessary. So, for now, we are witnessing some kind of bureaucratic football in government agencies, which does not lead to a productive outcome.

Regarding personnel changes in the state enterprise responsible for the operation of the registers, and the question of who is to blame (apart from the Russian hackers, of course) for the system's failure, the deputy emphasized: first — the responsibility lies with the Ministry of Justice, and second — with the Security Service of Ukraine. At the same time, Justice Minister Olga Stefanishyna announced, alongside the news of the restoration of state registers' infrastructure, that the investigation within the criminal proceedings opened immediately after the attack is ongoing, as is the internal investigation. Additionally, cooperation with the head of the state enterprise "National Information Systems" has been terminated. This refers to Alexey Berezhny, who has led the enterprise since 2019.

– We requested that during the resumption of the registers' operations, the Ministry of Justice ensure the presence of a professional representative familiar with all the intricacies of the functioning of state registers, – noted Igor Fris. – And it seems to me that the deputy head of NAIS, who has taken on the full weight of this work, is managing absolutely adequately.

Both the Minister of Justice and the MP also reported that the development and approval of mechanisms to secure the state system against enemy cyberattacks are ongoing. In particular, the Verkhovna Rada of Ukraine has already adopted bill No. 11290 in its first reading. "This is an important step. A professional network of cybersecurity specialists will be created in all state institutions that process important data of Ukrainians. This will be part of the same 'Pentagon for state registers'. But this is just part of the plan for strengthening," emphasized Olga Stefanishyna in a message on her Facebook page.

Furthermore, the deputies propose revisiting the issue of restricting access to certain data contained in state registers. The corresponding bill No. 11533 was presented back in late August and agreed upon with the relevant committee.

- I believe that we will consider it in the first reading in the near future, — emphasized Igor Fris, one of the authors of this bill. – We propose to introduce restrictions on access to sensitive information from the register of legal entities and from the register of property rights. This data, if publicly accessible, poses a threat to the defense sector of the state and to the citizens of Ukraine.

And already in the evening, a message appeared on the NAIS page stating that scheduled technical work on maintaining the software of the registers would be conducted by the morning of Tuesday, January 21, so their operation may be unstable.