Main Highlights of the Week: October 10-17

Executive summary

Ukrainian cyber society immediately after the start of the war moved to an active counterattack on the cyberfront and forced the enemy to spend serious resources on its defense. ¹

Cyber police informs that hacker groups sponsored by the russian government do not leave attempts to attack Ukrainian internet infrastructure. Websites and services of the government sector, private companies, and even the devices of ordinary citizens can be exposed to cyber attacks. In order not to become a victim of criminals, it is necessary to adhere to several simple rules. ²

«We are 100% sure that even after the end of the war, the number of cyber attacks will increase exponentially. After all, we live in a new world, when bombs may not be dropped, but critical infrastructures will be hacked, so the private sector should help the state,» – cyber security expert, co-founder and CEO of Cyber Unit Technologies Yehor Aushev said. ³

russia Position in Cyberspace

A crowdsourcing project called DDOSIA launched in mid-August by a russian-speaking group called «NoName057(16)» has been discovered, paying volunteers to carry out DDoS attacks on Western organizations. DDOSIA has about 400 members and remains a semi-closed group, accepting new members by invitation only. 60 military and educational Ukrainian organizations are regularly on the list of targets. ⁴

The Ministry of Digital Affairs of russia has launched special projects to combat cyber threats for citizens. ⁵
Hackers from the Killnet group temporarily disabled 14 websites of American airports, including LaGuardia, O’Hare and Los Angeles airport. Important communications were not affected. ⁶
Killnet attacked the site of the administration of the President of Bulgaria, as well as the sites of a number of state bodies in Bulgaria from the russia city of Magnitogorsk. ⁷

Cyber attacks on Ukraine

Dos/DDos:

Powerful DDoS attacks on links to the Monobank fundraiser for the purchase of kamikaze drones: up to 6 million packets per minute inbound + 11 Gbps traffic, which is 35 times more than normal. ⁸

Phishing/Malware:

Microsoft recorded that since October 11, a ransomware cyberattack was launched against transport and logistics companies in Ukraine and Poland.⁹

Cyber attacks on russia

Dos/DDos:

The IT army of Ukraine gave a cyber response to the terrorist attacks on October 10, attacking the St. Petersburg power company: part of the Leningrad region was left without electricity. All data, documents, passports and orders are posted online. ¹⁰

The IT army also attacked:

Tinkoff Bank, Gazprombank and Otkritie Bank; the tax service of the russian federation, brokers finam.ru, solidbroker.ru and financial marketplace banki.ru; rt.com (TV channel “russia today”), Ivi.ru. ¹¹^,¹²^,¹³^,¹⁴^,¹⁵

Drain Information:

Hackers from the Cyber Anarchy Squad hacked the russian Unified Identification and Authentication System (ESIA) and exposed the data of thousands of russian entrepreneurs registered on the Derzhposlug portal for public access. ¹⁶