Main Highlights of the Week: October 3-9

Executive summary

For several years now, our country has been participating in the global initiative to draw attention to cyber protection and from October 1 to 31 holds the «Cyber Security Month».

This year, this event is particularly important: russia has unleashed a full-scale bloody war against Ukraine and is trying to destroy us not only with tanks, shells and missiles. And attacking in cyberspace. Under the «sight» of hostile hackers are state institutions, critical infrastructure facilities, the military, and the civilian population. Cybercriminals can use anyone to destroy vital systems and services. ¹

«Work on strengthening the protection of our state against russian cyberattacks continues daily and around the clock. During the Cyber Security Month, we want to focus the attention of Ukrainians on the fact that we must all work together to resist the enemy. The world’s first cyber war is underway, and working together to strengthen cyber defenses will allow Ukraine to defeat russia on this front. Now more than ever, it is important for citizens to follow the rules of cyber hygiene. Representatives of critical infrastructure facilities should conduct an audit of their systems, be in constant contact with our Government Computer Emergency Response Team CERT-UA. It is everyone’s responsibility to take care of their own cyber security, thereby protecting the country as well,» stressed Yuriy Shchygol.

The head of the State Service of Special Communications also reminded that Ukraine actively cooperates with international partners in the field of cyber protection. Thus, at the end of September, the second cyberdialogue «Ukraine-EU» took place, where, in particular, the issue of repelling russian cyberattacks was discussed. ²

Ukraine and the EU exchanged views on the current threat landscape, including numerous cyberattacks against Ukraine’s critical information infrastructure that began before the full-scale invasion began in February and continue to this day.

The participants noted that thanks to close cooperation between the EU and other international partners in the field of cyber security and cyber defense, Ukraine has demonstrated a remarkable ability to resist cyber attacks and protect its critical infrastructure.

Ukraine and the EU talked about the current state of their respective institutional potential in the field of cyber security, about responsibilities and changes in policies and legislation, including changes in the Directive on the security of networks and information systems (NIS Directive). Attention was also paid to Ukraine’s efforts in developing its own policies and legislation in the field of cyber security and bringing its institutional and legislative framework to EU standards.

Ukraine noted that the unjustified aggression on the part of the russian federation is another evidence of the importance of international cooperation in the field of cyber security. The Ukrainian side emphasized that cyberspace has no borders, and in order to be resistant to cyber threats, we are joining forces to build an effective system of collective protection against hacker attacks.

The Ukrainian side also emphasized that the agenda of the second cyber dialogue «Ukraine-EU» is dictated both by the need to strengthen cooperation between Ukraine and the European Union, and by the implementation of joint projects in the field of cyber security against the background of the military aggression of the russian federation against Ukraine and in view of granting Ukraine the status of a candidate in EU members.

During the dialogue, the participants noted that the implementation of the Cyber Security Strategy of Ukraine for 2021-2025 is an important step on the way to strengthening cyber security and gaining the status of a full member of the EU.

The EU will continue to provide coordinated political, financial and material support to Ukraine to strengthen its cyber resilience. Participants agreed to further strengthen their efforts to ensure cyber security. Representatives of Ukraine and the EU emphasized the importance of promoting dialogue on cyber security issues and achieving further concrete operational results. The EU has allocated EUR 29 million to Ukraine to strengthen its resilience in countering cyber and digital threats. Of this amount, €10 million was used to purchase hardware and software for digital security and provide other relevant support, while the remaining €19 million is intended to support sustainable digital transformation. ³

Ukraine in cyberspace

Since the beginning of the war, the SSU has neutralized almost 3,500 cyber attacks on government bodies and infrastructure facilities. ⁴

The Main Directorate of Intelligence of the Ministry of Defense of Ukraine foiled the provocation of the russians against the general director of the Baykar Defense company, Halyuk Bayraktar. ⁵
The cyber police exposed a large-scale bot farm, which had more than 50,000 bots in social networks and mail services and spread fakes and propaganda about the war in Ukraine. ⁶
Favbet Tech company specialists joined the initiative of the Ministry of Digital Transformation and joined the ranks of the IT army. ⁷ According to the CEO of the company Artem Skrypnyk, cyber resistance has now become part of the work of almost the entire team under his leadership.⁸
Ukraine is developing cooperation with the EU Agency for Network and Information Security (ENISA). Launched in 2019, the project aims to support the Eastern Partnership countries in the development of their cyber potential and legal framework, as well as to promote the compatibility and convergence of legal frameworks, best practices and cooperation. ⁹

russia in cyberspace

The status of russia as a country-in-exile was confirmed by members of the International Telecommunication Union. ¹⁰
Hackers of the russian federation began to carry out cyber attacks on targets inside their country. ¹¹
The russian authorities plan to use «white hackers» to check the portal of «public services» in connection with numerous hacks. ¹²
The Ministry of Digital Affairs of the russian federation proposes to introduce fines for data leaks for companies and their officials. ¹³

Cyber attacks on russia

Dos/DDos:

The following sites were attacked http://militarist.ru/¹⁴ and https://alfabank.com/¹⁵

The IT Army of Ukraine attacked:

online store chains where russians can buy drones: citilink, ¹⁶^,¹⁷ mvideo, ¹⁸ and another 72 specialized stores; ¹⁹
cartographic and geo-information systems, in particular one of the largest similar systems of the aggressor’s country – 2GIS; ²⁰
Sber ID, a Sberbank service for logging into websites and applications; ²¹^,²²
marketplace ²³^,²⁴

Deface:

The IT army of Ukraine hacked the site of the collective security organization (Collective Security Organization) to «congratulate» Putin on his birthday. ²⁵

Malware:

Kelvinsecurity was attacked by the russian companies «DEKS» LLC, IP Duvanova Svetlana Petrovna and «Bio Les» LLC. ²⁶

Data leakage/destruction:

Anonymous stole the passport data of a russian influencer who called for the massacre of Ukrainian women, and blocked her bank account. ²⁷
The OneFirst group deleted the database of the russian satellite communication network «Gonets», without which the network cannot function normally. ²⁸

Other:

The IT Army of Ukraine and Anonymous conducted a successful joint operation «Silence of the Steppe» as a result of which hundreds of office routers of ISPs and other companies across russia were disabled. ²⁹