The number of cyber incidents at the beginning of 2022 grew seven times compared to the same period last year, the CERT-UA government cybersecurity team said in a statement.
According to the data published on the CERT-UA website, since the beginning of 2022, 5,970 cyber incidents have been recorded and processed, of which 5,534 have been processed automatically.
Automatic processing includes informing providers about infected hosts of their clients and blocking phishing pages hosted in Ukraine.
Since the beginning of the year, 613 cyber incidents were classified as malware, and another 4,921 cases were phishing.
By sectors worked out by the CERT-UA team since the beginning of the year, 252 out of 436 incidents were registered in the UAGOV zone, 78 in the UACOM zone, and 62 in the FCOM zone.
According to the targets of the attack, 94 cyber incidents related to the sector of government bodies and local authorities, 68 to the security and defense sector, 25 to the financial sector. Telecom providers, commercial organizations, energy and transport sectors were also attacked.
At the same time, 170 cyber incidents were classified as low, 81 as medium, 72 as high, and 113 as critical.
The Foreign Ministry of Ukraine is in contact with international partners on countering cyberattacks and strengthening the cybersecurity system, measures are being taken to protect the websites of the Foreign Ministry and consulates abroad, Ukrainian Foreign Ministry Spokesman Oleh Nikolenko said.
On behalf of Foreign Minister Dmytro Kuleba, the Ukrainian diplomatic service has begun additional contacts with international partners to strengthen Ukraine’s ability to counter cyberattacks and develop cyber defense systems.
“A team of specialists from the Foreign Ministry, in cooperation with other involved departments, has already resumed the operation of the website of the Foreign Ministry of Ukraine: mfa.gov.ua,” Nikolenko wrote on his Facebook page.
He noted that as a result of the hacker attack, the content of the website was not damaged, no official information was leaked, and the internal IT systems of the Foreign Ministry are operating as normal.
“We are taking practical measures to strengthen the cyber defense of the Foreign Ministry and Ukrainian embassies and consulates abroad,” Nikolenko added.
The Cabinet of Ministers of Ukraine has adopted the provision on the organizational and technical model of cybersecurity developed by the State Service of Special Communications and Information Protection of Ukraine, according to the service’s website. The organizational and technical model of cybersecurity is a set of measures, subjects and actions aimed at developing the capabilities of the national cybersecurity system in prompt response to cyberattacks and cyber incidents. This model creates conditions for minimizing possible negative consequences for information and communication systems.
“The organizational and technical model of cybersecurity not only denotes complex framework and different levels of infrastructure for protecting the country in cyberspace, but also at the sub-legal level defines the main stages of responding to cyber incidents. Both government agencies and the corporate sector and citizens will be involved in the development of this model,” Head of the State Special Communications Service Yuriy Schyhol said.
Such an integrated approach should increase the effectiveness of the national cybersecurity system and, in particular, allows both enterprises and government agencies to develop, implement and continually improve structurally identical and adapted to their own needs and capabilities plans for responding to cyber incidents and cyberattacks.
The organizational and technical model assumes three levels of integrated cyber defense infrastructures:organizational and managerial (the main subjects of the national cybersecurity system); technological (interaction of technological units: information exchange, monitoring, ensuring sustainable cyberspace security) and basic (secure information infrastructure and society).
The organizational and technical model of cybersecurity is aimed, inter alia, at reducing the vulnerability of information and communication systems and ensuring their cyber resilience; creating conditions for the development of public-private partnerships in cybersecurity; and also on the creation of an effective system of national response to cyber incidents, in particular on the development of industry response teams, synchronization and coordination of their actions. The State Special Communications Service said the introduction of an organizational and technical model of cybersecurity determines responsibility for the implementation of specific tasks of each subject of cybersecurity and makes it possible to form an effective system of resource support, including personnel.
The joint statement following the 23rd Ukraine-EU Summit recognizes the importance of further strengthening cooperation in countering hybrid threats and tackling disinformation.
According to the text of the statement published on the website of the President’s Office of Ukraine, the EU will continue to support Ukraine’s resilience, including through the strengthening of independent media and the regulatory environment, as well as sharing best practices on media freedom and literacy, strategic communications and supporting Ukrainian initiatives to tackle disinformation.
“We underlined the important role played by civil society, youth and independent media in all areas of public and political life, also in the context of disinformation campaigns against the EU and Ukraine, including notably by Russia,” the officials said in the joint statement.
The holding of the first cyber dialogue between Ukraine and the EU on June 3, 2021 is also encouraged, and the next round is expected in the second quarter of 2022.
“We emphasized the importance of deepening inter-institutional cooperation on cybersecurity,” according to the statement.
The system of cyber protection of state information resources of Ukraine and critical infrastructure facilities at monitoring sites recorded 376,100 suspicious events from August 18 to 24 August 2021, which is 28% less than in the previous week.
According to the State Service for Special Communication and Information Protection on Thursday, the overwhelming majority of recorded suspicious events concern violations of corporate security policy (32%), detection of network malware (22%), and attempts to obtain administrator rights (20%).
The system of state bodies’ protected access to the Internet blocked 43,100 different types of attacks, which is 18% less than in the previous week. Of these, 99% are application-level network attacks; two DDoS attacks were also recorded and blocked.
During this period, the Government Computer Emergency Response Team of Ukraine (CERT-UA) registered and processed 2,150 cyber incidents.
The vast majority of processed incidents belong to the UACOM domain zone (about 99%). The majority of incidents are related to the distribution of malware (96% of the total) and phishing (3%).
President of Ukraine Volodymyr Zelensky announced that soon a university, which prepares the specialists in combating and countering cyber threats, will be opened in the country.
“We will open a new powerful university, the presentation is almost ready. A university that will have such professions related to the cybersecurity of the country, of the people. Cybersecurity is one of the main faculties of this university […] We will select the best children, we will give very high scholarships […] modern laboratories, cyber centers, biochemical centers will be built there […]”, Zelensky told reporters after speaking at the Ukraine 30 All-Ukrainian Forum.
The President also said that the university will also have a powerful selection of teachers, primarily Ukrainians, but foreign specialists will also be attracted, who will be paid high salarie.