4 January 2023

Hackers launched over 1,500 attacks against Ukraine since the start of Russia’s invasion


Hackers launched over 1,500 attacks against Ukraine since the start of Russia’s invasion

The Computer Emergency Response Team of Ukraine (CERT-UA) has detected and analyzed more than 1,500 cyberattacks launched by threat actors against Ukraine since Russia had unleashed war on the country in late February 2022, the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) revealed.

According to the agency, most of the attacks have been launched from Russia.

Between September and December 2022, the Ukrainian defenders have observed multiple malicious operations coming from numerous Russian and pro-Russian hacker groups, including those believed to be affiliated with Russian security and intelligence agencies such as Armagedon (aka Gamaredon, Primitive Bear), which CERT-UA tracks as UAC-0010, Sandworm (UAC-0082), APT28 (Fancy Bear, UAC-0028), APT29 (Cozy Bear, UAC-0029), and UNC1151/Ghostwriter (UAC-0051). The letter APT group is thought to be working on behalf of Belarus Ministry of Defense. The government in Belarus has supported Russia since the start of the war in Ukraine by providing weapons, military bases and logistical support.

The list of attackers also includes pro-Russian cyber terrorists such as Xaknet, Killnet, Z-Team, Cyberarmyofrussia_reborn (tracked as UAC-0106, UAC-0108, UAC-0109, UAC-0107 respectively).

Primary objectives of the hackers include espionage, more specifically, obtaining intelligence regarding logistics, armaments, plans and operations of the Security and Defense Forces; attempts to cripple critical information infrastructure facilities, block access to public, banking services, and disseminate false or misleading information to undermine public confidence in capabilities of the public authorities, the Security and Defense Forces, and spread panic among people.

“But nonetheless, russia-affiliated groups are still unable to achieve their strategic purpose and inflict substantial damage to our infrastructure,” the SSSCIP assured.

Back to the list

Latest Posts

Chinese hackers target OpenAI employees in phishing attack

Chinese hackers target OpenAI employees in phishing attack

OpenAI said it disrupted cyber threats from China-based and Iranian groups.
10 October 2024
Fortinet, Mozilla Firefox flaws exploited in the wild

Fortinet, Mozilla Firefox flaws exploited in the wild

Users are urged to update to the latest versions immediately to protect against potential exploitation.
10 October 2024
Mamba 2FA PaaS platform targets Microsoft 365 accounts in advanced AiTM attacks

Mamba 2FA PaaS platform targets Microsoft 365 accounts in advanced AiTM attacks

At $250 per month, the platform offers threat actors well-crafted phishing pages and mechanisms to bypass MFA.
9 October 2024