Cyberattacks against Ukraine surged in 2023

An increase in cyber incidents compared to 2022 underscores the growing challenges in protecting digital realms.

Ukraine’s State Cyber Defence Center has released a report showing a significant 62.5% increase in cyber incidents compared to 2022. Security analysts directly handled and processed 1,105 cyber incidents in 2023. In response, the government, energy, and military sectors have implemented additional cyber defenses.

In 2023, the System of Vulnerability Detection and Response to Cyber Incidents and Attacks processed approximately 18 billion events through monitoring, analysis, and telemetric information transmission.

The system is a comprehensive framework comprising both software and hardware tools. Its primary purpose is to provide continuous, 24/7 monitoring, analysis, and transmission of telemetric information related to cyber incidents and attacks. The system operates as a proactive measure, aiming to swiftly detect, analyze, and respond to cyber threats.

According to the report, 133 million suspicious information security events were initially identified this year, and 148 thousand critical events represented potential cyber incidents.

The subsystems of the Vulnerability Detection and Response System automatically identified 1,516,861 suspicious unique files. Among the various families of malware detected in information security events categorized as "02 Malicious Software Code," prevalent ones included SmokeLoader, Agent Tesla, Snake Keylogger, Remcos, and Formbook.

Throughout 2023, certain autonomous systems (AS) stood out for being frequently identified as sources of active scanning. Notable among them were "Google," "Hurricane," "Google-Cloud-Platform," "Cloudflarenet," and "DigitalOcean-ASN."

The growing number of cybersecurity incidents is related to the current geopolitical situation. Since the outbreak of the war in Ukraine, cyber warfare has escalated on both sides. The cyberattacks have focused on strategic infrastructure, aiming to gain advantages in conventional warfare.

Last week, Cybernews reported that Ukrainian officers fell victim to malware delivered through messages on Signal. The deceptive messages falsely presented themselves as associated with recruitment for the 3rd Separate Assault Brigade (AFU) and the Israel Defense Forces (IDF).