Main Highlights of the Week: June 20-26

Foto — pixabay.com

Executive summary

Microsoft has released data on the number and type of cyberattacks, their targeting, and links to missile strikes on infrastructure [1].

According to the report «Defending Ukraine: Early Lessons from Cyberwarfare», the activities of russian cybercriminals are overseen by three government organizations: the Federal Security Service, the Central Intelligence Agency, and the russian Foreign Intelligence Service.

Microsoft has long said that cyberattacks often precede air and missile strikes. In a recent report, the company published updated data on the following cases:

Meanwhile, the number of DDoS attacks on russian organizations has increased many times since the beginning of the war in Ukraine. Only in March their eightfold increase was recorded. Most attacks were carried out on banks — 35%, on government agencies — a third of attacks, on educational institutions – almost every tenth (9%), on the media — 3% [2]. During the four months of the war, the IT army alone attacked more than 4,200 russian online resources [3].

Strengthening Ukrainian Cybersecurity

Ukraine has approved a delegation for negotiations between Ukraine and the EU on participation in the program of development of modern technologies «Digital Europe». It is a large-scale project worth 7.5 billion euros, which funds research and programs in the field of artificial intelligence, cybersecurity, digital skills and more [4].

russia’s Position in Cyberspace

Against the backdrop of intensified hacker attacks on russia’s IT infrastructure in late February after the start of the war in Ukraine, russia has shown its inability to counter these attacks, a weakness in cybersecurity. Therefore, the largest companies in russia in the field of information security (Kaspersky Lab, R-Vision, specialized units of russian Railways, rosatom, etc.) want to try to join forces in developing joint solutions within the new consortium [5].

Cyber attacks on Ukraine

DeepFake

• Hackers used the appearance of Kyiv Mayor Vitali Klitschko to negotiate with the mayors of Berlin and Madrid [6].

Malicious software

• Cyber attack of the UAC-0098 group on the objects of critical infrastructure of Ukraine using the malicious program Cobalt Strike Beacon [7].
• Cyber attack of the APT28 group using the malicious program CredoMap [8].
• Cyberattack against Ukrainian telecommunications operators using the DarkCrystal RAT malware [9].

Cyber attacks on russia

Malicious software

• Cyberattacks by groups associated with China against russian science and technology companies and government agencies using the Bisonal malware [10].

Data leakage

• Anonymous-related hackers Porteur and B00da merged 69,000 emails (41.1 GB) from the Krasnoyarsk Public Chamber, the largest city in the Krasnoyarsk Territory, russia. Krasnoyarsk is an important junction of the Trans-Siberian Railway, one of the largest producers of aluminum in the country [11].

DDos

• Online resources of russian universities were attacked by the IT ARMY of Ukraine [12].
• State services of the russian Federation were attacked by the IT ARMY of Ukraine [13].
• russian media in border areas were attacked by the IT ARMY of Ukraine [14].