Russia changes cyber attack tactics on Ukraine

The SSSCIP report said that although the number of serious and high-severity cyber attacks in Ukraine has decreased significantly, down 85% compared to the same period last year, the total number of cyber attacks has increased by 19% compared to the second half of 2023. It is worth noting that the number of investigated cyber incidents targeting the security, defense and energy sectors has doubled.

In 2022, as the war raged, Russian hackers changed their approach. Instead of targeting easy targets like poorly secured companies and organizations, they began attacking Ukraine’s critical systems, such as computer systems and communications networks. Their goal was to destroy these systems, steal important data, and disrupt communications.

When the old method was no longer effective, in 2023, Russian hackers changed their target. This time, they attacked Ukrainian internet companies, ministries and government agencies. The goal was to disrupt the government's operations and make things difficult for the people. However, the Ukrainians quickly repaired the damage.

In 2024, the situation in Ukraine becomes more complicated as Russian hackers change their targets. Instead of targeting other targets, they focus on those directly related to the war, such as companies that provide services to the military. Their goal is to quietly infiltrate these systems to cause chaos and gather information.

Ms. Yevheniya Nakonechna, head of SSSCIP, warned that: "Hackers are not only exploiting every weakness but are also focusing on attacking important systems that help the military operate more effectively."

In the first 6 months of 2024, only 3 serious cyber incidents were recorded, a significant decrease from 31 incidents in the second 6 months of 2023 and 27 incidents in the first 6 months of 2023. Most of the incidents that occurred were of moderate severity, with the number increasing by 32% compared to the same period last year.

The number of attacks targeting the security and defense sector more than doubled, from 111 in the second half of 2023 to 276 in the first half of 2024. Ukraine observed activity from eight cyber threat groups, some of which may be linked to the Russian National Guard (RosGvardia), the Russian Ministry of Internal Affairs, the General Staff and the Special Communications Service.

Recently, the cyber security situation in Ukraine has become alarming when the number of malware infections has increased dramatically, up to 90%. The main cause is determined to be the massive download and use of pirated and unofficial software by users. These software often contain malicious code, creating opportunities for hackers to infiltrate and steal personal data, disrupt system operations, and even paralyze important national infrastructure.

Cyber ​​attacks against Ukraine are not limited to destroying systems but are also used for illegal profit. Russian hackers have deployed many sophisticated campaigns to penetrate and steal accounts on popular messaging apps such as WhatsApp and Telegram.

In March 2024, the Sandworm hacker group launched a sophisticated cyberattack against 20 Ukrainian energy infrastructure units. By exploiting a vulnerability in the system of a utility company, they were able to simultaneously attack several critical infrastructure facilities. The consequences of this attack were severe, causing widespread power outages, water shortages, and heating shortages, affecting the lives of millions of people and causing huge economic losses to the country.

The SSSCIP report concluded: "The cyber war shows no signs of stopping. Enemies are always looking to exploit every vulnerability to collect intelligence, especially targeting military personnel and government agencies. Cyber ​​attacks are becoming more and more sophisticated, from sending phishing emails to steal passwords, to infecting computer systems with malware to steal important data. Their goal is not only to steal information but also to disrupt the operations of state agencies, cause public panic and weaken the fighting spirit of the army."