22.08.2022

Main Highlights of the Week: August 15-21

Executive summary

Representatives of the Ukrainian authorities for the first time took part in the largest and most prestigious cyber security conference Black Hat USA 2022, which took place in Las Vegas. It was noted that during almost half a year of combating hackers who are part of the russian military machine or supported by russia, Ukrainian specialists not only obtained an extraordinary amount of information about the enemy’s activities, but also demonstrated the ability to effectively use this knowledge to oppose the enemy and strengthen their own cyber resistance. The acquired knowledge should become part of common knowledge that will make it possible to protect the civilized world from such threats.1

British intelligence named Ukraine an effective cyber defender, but russia lost the information war in Ukraine and in the West: «russia’s use of aggressive cyber tools after the full-scale invasion of Ukraine was irresponsible and indiscriminate, and its information operations were shoddy». 2

The American company Microsoft said that a few months before the full-scale invasion of the russian federation into Ukraine, the russian hacker group SEABORGIUM carried out attacks on the Ukrainian government sector. SEABORGIUM’s campaigns are primarily aimed at phishing and stealing user credentials. 3

The enemy is now continuing its disinformation campaigns through its groups, and in the last month or a half has again increased its activity on the cyber front. Now one of their priorities is to reach the regional level: administrations, institutions outside of Kyiv and more precise planning of operations to penetrate critical sectors. 4

Analysts predict an increase in attacks on the russian federation in the second half of the year, as cyber threats to russian business continue to grow due to the unleashed war. Large russian companies intend to increase their cyber security budgets by 15-20%. 5

Ukraine in Cyberspace

  • The Security Service of Ukraine stopped the activities of the «FR Destructor» hackers, who had been terrorizing Ukraine with mass messages about «mining» for the past two years. 6
  • The SSU exposed an underground server center in Kyiv that russian hackers used for cyberattacks against Ukraine. 7
  • With the support of the State Service of Special Communication, Cyberport.institute was created on the basis of the State Biotechnical University – a unique educational institution that will train specialists in cyber security, computer engineering, IT finance, the cryptocurrency market – and many others.8

russia’s Position in Cyberspace 

  • The US is offering a $10 million reward for information about the russian cybercriminals who created the Conti virus. 9
  • Since the beginning of 2022, hackers have stolen more than 300 secret databases from russian companies. According to InfoWatch analysts, the number of leaks this year has increased by 46% compared to the first half of 2021. 5
  • the russians mistakenly dropped a drone for the Armed Forces thanks to IT specialists who hacked russian telegram channels about the occupied Kherson region. There they posted an announcement about collecting aid for a detachment of the russian military. 10
  • The head of Killnet told russian media that the group managed to hack the website of Lockheed Martin, which works in the field of the US defense industry, and obtained 9 GB of «various information». 11
Main Highlights of the Week: August 15-21
Cyber attacks on Ukraine

Dos/DDos:

  • the largest cyber attack on the official website of the State Enterprise «NAEC «Energoatom» since the beginning of the full-scale invasion of the russian f 12
Cyber attacks on russia/belarus

Dos/DDos:

  • he website of putin’s united russia party was attacked. 13
  • More than 600 online resources were attacked by the IT army of Ukraine in the period from August 1 to August 14 14:
  • Online resources of the post of russia
  • Pension Fund of the russian federation
  • Online banking
  • Platforms for video conferences

Deface:

  • Hackers from the United Headquarters of the Resistance (UHR) attacked the «belaruskaliyu» website and posted on it the demand «destruction of Lukashenka’s bandit regime». 15
  • Ukrainian cyber activists hacked television in the occupied Crimea and included Zelensky’s address, reminding whose peninsula it is. 16
Main Highlights of the Week: August 15-21