Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime

Ukraine Successfully Blocked Over 4,500 Cyberattacks in 2022

Russia Continued Its Cyber Offensive With an Average of 10 Cyberattacks a Day
Ukraine Successfully Blocked Over 4,500 Cyberattacks in 2022
Illia Vitiuk, chief of SSU Cyber Security Department (Source: Security Service of Ukraine)

Ukraine's domestic intelligence agency revealed earlier this week that it successfully blocked more than 4,500 cyberattacks in 2022.

See Also: How to Build Your Cyber Recovery Playbook

The Security Service of Ukraine, which protects Ukraine's information and digital security in wartime conditions, says the number of cyberattacks has tripled since last year and increased fivefold since 2020, when only 800 cyberattacks were documented.

The chief of the SSU Cyber Security Department, Illia Vitiuk, attributed the success of his department to what it learned from the BlackEnergy cyberattack that caused power outages for about 1.4 million Ukrainians in the peak of 2015 winter.

"We approached 2022 with eight years of hybrid warfare experience. After all, the war in cyberspace had been ongoing," Vitiuk says. "At the time of the invasion, we were ready for the worst scenarios. And the massive cyberattacks that we repelled in January and February became extra training before the invasion."

Ukraine's Cyber Rapid Response Team of the State Cyber Defense Center earlier in the year reported that it had observed a very high volume of suspicious cybersecurity or information security events in the first three months of the year (see: Ukraine Observed Nearly 14M Cyber Incidents in Q1 2022).

Vitiuk in an interview with state-run news and information platform We-Ukraine fingered Russia for its cyber offensive tactics and said: "Today, Russia launches on an average more than 10 cyberattacks a day."

Vitiuk says the SSU knows the names of several Russian secret service hackers working against Ukraine. The agency acquired this information by continuously monitoring the networks of these hackers. "After Ukraine's victory, they will face separate charges in an international military tribunal," Vitiuk says.

The cyber division chief of the SSU added that Russians have not changed much of their previously known tactics, but they are now targeting energy, communications, logistics, military, government databases and "of course, information resources that help in conducting special psychological warfare," Vitiuk says.

In mid-December, Russia launched yet another missile attack on Ukraine's energy system. Vitiuk says the latest shelling of energy facilities was accompanied by cyberattacks, but none of the attacks succeeded.

"Systemic" cyberattacks against the energy sector has been underway since October. Hundreds of these attacks have been observed, and at least 30 could have been highly critical, which means they could have turned off the lights and destroyed the digital infrastructure of individual Oblenergo distribution systems. But fortunately, this was averted, Vitiuk says.

Russia has been trying to spread a pro-Kremlin narrative among Ukrainians through disinformation. It uses bots that can send messages to millions in a single deployment, the SSU says. But the agency, along with the cyber police, Vitiuk says, has cracked down on 45 bot farms across the country that controlled 2 million fake accounts spreading disinformation.

The latest such crackdown was reported last week when the Ukrainian cyber police dismantled more than a dozen bot farms controlling 1.5 million fake accounts (see: Ukraine Takes Down Domestic Pro-Kremlin Bot Farms).

Vitiuk also said that the agency has actively taken down hundreds of YouTube channels spreading fake propaganda. These channels had more than 15 million subscribers, he says.

In addition to defending Ukraine's critical infrastructure, the SSU also has learned to successfully attack the country's adversaries. Vitiuk did not share further details on Ukraine's offensive capabilities but in an October interview he said, "Ukraine's counteroffensive in cyberspace began on February 24 [the first day of Russian invasion]. We dealt with them in the morning, and in the evening we struck back. ... Our counteroffensive is still in full swing."

In June, Gen. Paul Nakasone, the U.S. Cyber Command director, confirmed the use of offensive cyber activities to support Ukraine through its Hunt Forward program (see: US Confirms It Has Provided Cybersecurity Support to Ukraine).

About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.