The CERT-UA Government Computer Emergency Response Team, operating under the State Service for Special Communications and Information Protection, registered and investigated more than 2,100 cyber incidents and cyber attacks during 2022.
As reported by the State Service for Special Communications and Information Protection of Ukraine on its website, more than 1,500 of the total number of cyber attacks have been registered since the beginning of Russia’s full-scale military invasion of Ukraine.
According to CERT-UA, the public sector is the most frequently targeted by enemy hackers, accounting for about one quarter of all cases studied.
In addition, the energy sector remains under the special attention of Russian hackers – cyber attacks on energy enterprises are difficult to carry out and prepare, they are harder to detect.
Companies that are providers of services, hardware and software for energy companies are under constant scrutiny. As such, supply chain attacks remain a growing threat. In particular, in December 2022, experts recorded an attempt to attack one of the Ukrainian energy facilities by hacking a software supplier and developer.
In addition, enemy hackers actively attacked the logistics, telecommunications, commercial and defense sectors.
The number of cyber incidents at the beginning of 2022 grew seven times compared to the same period last year, the CERT-UA government cybersecurity team said in a statement.
According to the data published on the CERT-UA website, since the beginning of 2022, 5,970 cyber incidents have been recorded and processed, of which 5,534 have been processed automatically.
Automatic processing includes informing providers about infected hosts of their clients and blocking phishing pages hosted in Ukraine.
Since the beginning of the year, 613 cyber incidents were classified as malware, and another 4,921 cases were phishing.
By sectors worked out by the CERT-UA team since the beginning of the year, 252 out of 436 incidents were registered in the UAGOV zone, 78 in the UACOM zone, and 62 in the FCOM zone.
According to the targets of the attack, 94 cyber incidents related to the sector of government bodies and local authorities, 68 to the security and defense sector, 25 to the financial sector. Telecom providers, commercial organizations, energy and transport sectors were also attacked.
At the same time, 170 cyber incidents were classified as low, 81 as medium, 72 as high, and 113 as critical.
