29.12.2022

Main Highlights: 14-25 December

Executive summary

Cyberspace is one of the key areas for russian attacks in the war against Ukraine. Since its inception, they have repeatedly tried to hack the websites of government institutions, state-owned companies, mass media, and banks. And according to Elon Musk, they even tried to attack Starlink.

However, according to official reports, most hacking attempts were prevented. This became possible thanks to the coordinated work of the government, as well as Ukrainian and foreign IT specialists.

One of them is Robert Potter, a great specialist in the field of cyber security, Co-Founder and Co-CEO of the Internet 2.0 company. It works with Australian authorities to combat cybercrime in the public sector.

Potter also shares his developments with Ukraine — his company has developed a product called obfuscation specifically for our country, which helps to hide critical infrastructure data from malicious attacks.

The cyber security specialist has experience in the fight against russian hackers. In an interview with the Ukrainian Pravda publication, he talked about their weaknesses and strengths, as well as effective methods of combating them.

According to Potter, russian cybercriminals are quite competent.

“You have to admit that russian hackers are some of the best in the world,” he says. – They are not stupid, but they do not have strong motivation and can fail or make mistakes due to their “apathy”. The best of them are involved in espionage campaigns, not destructive ones. Now they face a challenge: they have to retrain.”

Speaking about ways to defeat russian attacks, Potter praises the tactics of the Ukrainian IT army, which “successfully uses 200 thousand inexperienced but motivated young hackers, neutralizing the hacking attempts of 200 super cool hackers.”

Robert Potter advises to pay attention to the low motivation of russian criminals.

“I think you can play on their frustration,” he explains. — russian propaganda and ideology are not popular in all hacker communities. Previously, there were also Ukrainians in these communities. Now the latter simply give out the names of their former russian colleagues who have become enemies. In addition, russia is a terrorist state and, of course, all russian government hackers are simply slaves of the regime. I don’t think it makes them happy.” 1

Ukraine in Cyberspace 
  • The State Service of Special Communications conducted an educational course on cyber protection for information security specialists of the public sector. 2
  • The cyber police exposed a bot farm in Lutsk that planned to attack opinion leaders on social networks. 3, 4
  • Cyber police eliminated 13 bot farms from 1.5 million accounts that spread fakes and russian propaganda in social networks. 5
russia in Cyberspace 
  • Speaker of the State Duma of the russian federation Vyacheslav Volodin announced the development of a draft law that would introduce an increased tax rate for russians who left the country. Volodin wrote about this in his Telegram channel. 6
Cyber attacks on Ukraine

Malware:

  • Cyber attack on DELTA system users with the help of FateGrab/StealDeal malware. 7

Other:

  • russian hackers attacked the “Lvivoblenergo” website, but the attack was repelled. 8
  • Unknown people are trying to disrupt the website of the Institute of Mass Information through the form of subscription to letters. 9
Cyber attacks on russia

Data Breach:

  • An open Elasticsearch server with data from the company “ruscon” (site ruscon.ru), which is engaged in container transportation, was discovered. 10

DDoS:

  • The IT Army of Ukraine made a number of attacks on russian freelance exchanges (FL.ru, advego, Profi, youdo.com, freelance.ru, perevodchik.me, vakvak.ru, copylancer.ru, tranzilla.ru). 11, 12, 13, 14, 15, 16