03.10.2022

Main Highlights of the Week: September 28-October 2

Executive summary 

Criminals are often behind cyberattacks on various structures, but states also use cyberspace to spy on companies and politicians, spread disinformation, and interfere in democratic processes. Modern wars are fought not only with ammunition and cruise missiles, but also with bots and malware. Cyber ​​technologies have now become part of modern warfare, as evidenced by russia’s war of aggression against Ukraine. Cyber ​​technologies have become a weapon in the hands of the russians. This was said by German Foreign Minister Annalena Burbock in a speech at the “Shaping Cyber ​​Security” conference in Potsdam. 1

“The illegal and brutal aggression committed by the russian federation radically changed the situation in Ukraine. Representatives of the aggressor country are also present here and talk about progress and standards. But the reality is that the russian federation has turned into a weapon even communication, which should work in the interests of well-being and development”, – the head of the State Service of Special Communications of Ukraine Yury Shchygol made such a statement at the conference of the International Telecommunication Union (ITU). 2

Oleksandr Potii, deputy head of the State Service of Special Communications, noted at the international conference “Formation of Cyber ​​Security” that the current decrease in russian attacks can be explained by the “preparation period” for future ones. To effectively counter russian hackers, EU and NATO countries must focus efforts on strengthening cyber resilience and preventing aggression in cyberspace. It is important to strengthen the rapid response teams for such incidents, work together on standards, build mutually beneficial partnerships and joint teams to counter cyber aggression. “But the main goal for all of us is threat awareness. Digital security and cyber hygiene should be a part of everyday life for both the average citizen and every executive. Security standards are the line between us and the enemy. And this limit is in any smartphone, computer, registry and company system,” the deputy head of the State Service of Special Communications emphasized.

According to him, several important lessons can be learned from the world’s first cyber war:

  • Cyber ​​attacks on Ukraine serve to support russian military and political operations. Criminal groups are well coordinated by special services: GRU, FSB, russian General Staff.
  • Extorting money and ransom are not the real goals of cyber attacks. The enemy intends to collect information (on both public and private infrastructure, as well as on ordinary citizens). He works to destroy the information infrastructure, to spread panic and mistrust of the government among people.
  • the russian federation deliberately attacks civilian infrastructure and civilian targets.

We must be ready for the next attacks. 3

Ukraine in Cyberspace

  • The SSU neutralized a hacker group from Lviv, which hacked almost 30 million accounts of Ukrainian and EU citizens and sold their personal data on the darknet. 4
  • The Main Intelligence Directorate of the Ministry of Defense of Ukraine found out that the russian occupiers are preparing massive cyberattacks on critical infrastructure facilities, in particular on enterprises of the energy sector of Ukraine and its allies. 5
  • The Government Computer Emergency Response Team of Ukraine CERT-UA, which operates under the State Service of Special Communications, has published recommendations for avoiding cyberattacks and ensuring the protection of information systems, having investigated dozens of targeted attacks aimed at disabling information and communication systems and violating privacy information that is processed in. 6

russia in Cyberspace

  • In connection with the large number of cyberattacks, putin signed an order to create a special unit to combat cybercrimes in the Ministry of Internal Affairs of russia. 7
  • IT specialists are leaving the russian federation because of the mobilization, fearing that it will not be the last. ANO “Information Culture” believes that 100,000 IT specialists, who have potentially left, is the minimum from which one should start. 8
  • The russian Ministry of Digital, in order to develop the IT sphere in the public sector, is gathering specialists in the field of information technologies in the personnel reserve. 9
  • EU countries propose to ban the russian cyber security company Kaspersky Lab as part of sanctions against r 10
Cyber attacks on Ukraine

Phishing/Malware:

  • Unknown persons on behalf of the Bihus.Info editors send requests to the state bodies of Ukraine. 11

Data theft:

  • the russian bookmaker 1XBet created a network for collecting personal data of Ukrainians: MelBet, PointLoto, FanSport, BetWinner. 12
Cyber attacks on russia

Dos/DDos:

The IT Army of Ukraine attacked:

  • russian gas stations, namely online services for payment, fuel cards, systems of operatorless fuel leave; 13, 14, 15, 16
  • Moscow Stock Exchange moex.com; 17
  • Sovkombank; 18
  • Goznak, which is responsible for the production of government signs, including the production of banknotes; 19
  • Rosinkas, the largest cash carrier in russia; 19
  • The single state information platform for all participants in the market of precious metals, stones and jewelry; 19
  • specialized online stores for drones. 20, 21

Data leak:

  • There was a leak of user data of the largest electronics store dns-shop.ru. The hacker posted a 6.6 gigabyte file containing the data of 16 million customers. 22