The State Service of Special Communication and Information Protection of Ukraine: War in Ukraine: Pulse of Cyber Defense – Monthly analytics, June, 2022
UKRAINIAN CYBERHUB
The largest since World War II, war on the European continent continues not only on the land and in the air, but also in cyberspace. The State Service of Special Communication and Information Protection of Ukraine is responsible for the standards of cybersecurity in the country and takes an active part in its defense. The lessons of this war are extremely important for enhancing the protection of democratic states attacked by aggressive countries like russia.
In this regard, the SSSCIP initiates making available a public analytical report on the state and means of cyber defense. The SSSCIP CyberHub will make public its data and conclusions that may be used by the global cyber community for their own defense.
Statistics of cyberattacks, H1 2022 – 802, H1 2022 – 548; in total for six months: 1350
Highlights
- russian hackers do not seem to be curtailing their activity. Instead, they are still trying to attack Ukrainian infrastructure and even descending to civilian targets
- All the cyberattack methods used by russians are well known, there are no high-complexity or hardly identifiable ones among the latest cyber incidents. Phishing accounts for around 60 to 70% of russian hacking attacks on Ukraine’s public sector, recorded by the CERT-UA
- Current russian war against Ukraine has given mature democracies some extra evidence that it is no one but russia behind aggressive attacks on critical infrastructure all over the world
- The response to such attacks should be collective, joint and united. A collective security policy is the only way for all of us to defend ourselves efficiently
- New methods of cyber defense are being shaped here in Ukraine through successful resistance to attacks. The key elements of cyber defense are sufficient funding at the national level as well as at private companies managing critical infrastructure, efficient use of these funds, cyber hygiene at all levels, and extensive international cooperation
Details:
- Top sectors targeted by russian hackers
• Government and local authorities
• Security and defense
• Energy sector
• Financial sector
• Commercial sector
• Telecommunication sector and
developers
• Transport sector - Phishing emails help russian hackers steal user account data and use compromised accounts to distribute spyware or destruction software. Their proficiency in creating phishing emails has reached a high level over the years of regular cyberattacks on Ukrainian infrastructure.
- russian cyber troops show that their actions are tightly coordinated with land and missile assaults
- Attacks on energy infrastructure never stop since the Ukrainian energy system was disconnected from russia and synchronized with the EU.
- Sharing threat indicators and joint training exercises of cyber defense specialists working for the public sector are the two primary aspects of the collective cybersecurity system. Deeper integration of Ukraine into the CCDCOE will contribute to setting this system up. In late May, the Ukrainian delegation participated in a meeting of the NATO Cooperative Cyber Defence Centre of Excellence for the first time.
- Come Back Alive is one of the largest charitable foundations that supports Ukrainian soldiers, founded by the IT specialist Vitaliy Deynega. The organization collected more than 210 million UAH (more than $7M) in 2014. According to Na chasi, the Patreon page Come Back Alive is in the top ten projects by the number of financial donations.
- Army SOS, which develops drones;
- Everybody Can, an organization that supports internally displaced people;
- Help on the Ministry of Defense website.