Russia's Cyber Attacks on Ukraine Shot Up 123%
New Report Shows Cyber Attack Spike
Photo by Matti Karstedt on Pexels
Russian cyber-attacks against Ukraine surged in the first half of 2023, with 762 incidents observed by Ukraine's State Service of Special Communications and Information Protection (SSSCIP).
This reportedly represents a 123% increase from the second half of 2022, yet these attacks were less successful, as critical incidents dropped by 81% and incidents with impact fell by 48%.
According to the SSSCIP, the shift in tactics from sophisticated tools and malware to a 'spray and pray' approach and 'living off the land' techniques is likely behind this decrease in effectiveness.
Malware distribution is down by 52.41%, largely replaced by less sophisticated phishing attacks and exploitation of open-source email systems with known vulnerabilities.
However, Ukraine's defense of its infrastructure is significantly improved compared to six months ago. The CERT-UA and its partners have improved their detection and response capabilities, as well as their threat intelligence, which has forced Russian threat actors to act faster once they infiltrate a network.
As a result, the attackers have begun to dump large amounts of documents, such as 21,000 office documents, within thirty minutes of a successful breach.
The targeting of Ukrainian law enforcement and media industry has increased, as Russia-backed threat actors look for evidence of Russian war crimes, as well as control over any ground-deployed spies.
Attacks against Ukrainian energy organizations have dropped by 61%, as the attackers shift their focus.
Finally, state-sponsored hackers have been revisiting previous victims who handle critical data needed by the Russian military. This allows the attackers to strategize their future actions and anticipate the responses of the Ukrainian government.
The SSSCIP report highlights the increased sophistication of Russian cyber-attacks against Ukraine and the ongoing risk they pose. Ukraine's defense of its infrastructure is improved, though the attackers have shifted their tactics to remain effective.
As long as the threat of Russian cyber-attacks remains, Ukraine will need to continue to improve its defenses to protect their critical data and infrastructure.