Ukraine’s Cyber Agency Reports a Surge in Cyberattacks in Q2

Ukraine’s State Service of Special Communications and Information Protection (SSSCIP) released a new report this week that revealed a surge in cyberattacks targeting the country over the second quarter of 2022.The report found that the frequency and volume of attacks had increased significantly, with hackers targeting a range of government agencies, businesses, and individuals.

Since Ukraine was invaded, cyberattacks have been happening more. However, in the second quarter of 2022, there was a spike in the number of cyberattacks. This is when Ukraine’s national Vulnerability Detection and Cyber Incidents/Cyberattacks System found 19 billion events. Out of these, 40 to 64 people were shown to have committed cyber incidents. In addition, the number of malicious hacker group activities increased by 38%.

The incidence of critical events originating from Russian IP addresses decreased by eight and a half times in the previous quarter, according to the SSSCIP. This decrease is due to electronic communication networks and internet access services that have implemented measures against IP addresses used by the Russian Federation.

Most of the events now come from IP addresses in the United States, but this does not mean that all of them are from there. IP addresses can be faked, so they are not a reliable source for attribution.

The SSSCIP reports that most registered cybersecurity incidents are linked to government-sponsored hacker groups like Sandworm and Gamaredon. Ukraine’s mass media and government were high-profile targets in the second quarter of 2022.

Cyjax’s Ian Thornton-Trump says this study proves that “secure architecture and best practices are at least as important, if not more so, than security technology”. He also believes that this research has many valuable insights to be found for the “blue team”.

Thornton-Trump forecasts that as the war continues, Russia will increase its cyberattacks: “Russia will use any tool at their disposal to achieve victory, and cybersabotage is an important part of their political and military strategy.”

The tides and ebbs of physical combat can trigger and even stop assaults. I’m sure we’ll see an increase in the use of bugs, particularly Android, Microsoft, and web browsers, to improve the effectiveness of assaults against Ukraine defenders. These will be used to gather intelligence and even disable systems.

We’ve seen a lot of activity in the past few years from state-sponsored groups, but there has been a recent surge in activity from criminal gangs and even lone-wolf hackers. These groups are more likely to be after financial gain, but they can still do much damage.

It’s important to remember that not all attacks are created equal. Some are more sophisticated than others, and some are more targeted. The best defense against any attack is a good offense. Stay vigilant, and keep your systems up-to-date.