Since the conflict began on February 24, 2022, when Russia invaded Ukraine, 796 cyberattacks have targeted Ukrainian government and commercial sector institutions.
Ukraine’s cyberspace defense and security organization, SSSCIP (short for State Service of Special Communications and Information Protection), claims that since the commencement of the conflict, a continual stream of hacking attempts has been made against the nation’s networks.
“Hackers from abroad are still targeting Ukraine. Although the quality of cyberattacks has been diminishing since the start of Russia’s full-scale military operation, their intensity has not dropped “stated on Thursday by SSSCIP.
In a total of 281 strikes throughout the first few months of the conflict, the government, local governments, and defense groups of the nation have been the main targets.
The banking, telecom, infrastructure, and energy industries are among those that have been severely disrupted by cyberattacks.
The majority of attacks discovered by Ukraine’s cybersecurity defense agency (242 events) intended to gather information, while the remaining attacks sought to hack, take down, or infect targeted systems with malware.
Military strikes related to Russian cyberattacks
The information provided by SSCIP is consistent with a study released by Microsoft in April, which described the scope of Russian-backed cyberattacks on Ukraine since the invasion in February.
Tom Burt, corporate vice president for customer security and trust at Microsoft, reported that the company’s security analysts in Redmond had identified numerous Russian hacking groups that were launching hundreds of attacks against Ukrainian citizens and the nation’s infrastructure with the intention of infecting vital systems with destructive malware and preventing civilians from accessing essential information and services.
At least six distinct nation-state entities with ties to Russia have launched more than 237 operations against Ukraine since immediately before the invasion, including continuous destructive actions that endanger the welfare of civilians, Burt said in April.
The Microsoft Threat Intelligence Center (MSTIC) also noted threat groups (such as APT28, Sandworm, Gamaredon, EnergeticBear, Turla, DEV-0586, and UNC2452/2652) stepping up their attacks against Ukraine and its allies beginning in March 2022. These groups are linked to the Russian intelligence services GRU, SVR, and FSB.
Burt also emphasized how closely the timing of hacking attempts matched that of missile strikes and sieges planned by the Russian army, demonstrating a direct connection between cyberattacks backed by Russia and Russian military activities.
Russian efforts to hack Ukraine’s allies have increased
The GRU, SVR, and FSB, as well as other threat actors connected to Russian intelligence services, have increased their cyberattacks on Ukraine and the governments of allies, according to Microsoft President and Vice-Chair Brad Smith earlier this month.
According to Smith, “MSTIC has discovered Russian network intrusion activities on 128 targets in 42 non-Ukrainian nations.”
“These reflect a variety of strategic espionage targets, 49 percent of which have been government organizations, likely to be involved in direct or indirect assistance of Ukraine’s defense.”
Most of these assaults are primarily aimed at obtaining sensitive information from government institutions in nations that are essential to NATO and the West’s response to Russia’s war.
Microsoft also disclosed that, since the start of the conflict in Ukraine, Russian-backed threat organizations have been successful in 29% of their attacks and were able to exfiltrate stolen data in a quarter of these incursions.
