Ukraine Media Center hit with cyber attack before cyber briefing

The briefing was conducted by Brigadier General Yurii Shchyhol, head of State Service for Special Communications and Information Protection. In 2022, he stated that CERT-UA reports 2194 attacks for the year. Of those, approximately one quarter were directed against government agencies and local authorities.[i]

Shchyhol stated the objectives of the Russian Federation in their attacks were to hit critical infrastructure, extract information via cyber espionage and as part of a psychological warfare campaign. Spear phishing is the top method used for attacks. When I asked what ordinary Ukrainian citizens can do to help the country, “we urge everyone to take cyber hygiene responsibly: it’s the job for each of you. Each of you is the element responsible for the overall security of cyberspace. This especially applies to civil servants.”[ii]

I asked if the Ukrainian cyber forces could detect any expansion in the Russian Federation investment into hackers, notably any expansion in GRU units used to hack or conscription of freelance hackers busted by the FSB and conscripted then to service for the state. His response was, “We must understand and take into account the fact that essentially all hackers who
work with the Russian Federation are financed by the state.” He added, “These are people who are either military service or are financed by the security forces.”[iii]

Among the findings, 3200 kilometers of fiber optic lines were reinstalled in areas destroyed by the war. They built 1500 new mobile base stations. In addition, they modified the energy independence of over 8000 stations. The cost was approximately 8 billion hryvnia.[iv]

After I left the media center, they made a public announcement affirming the attack that happened at our arrival. “All the Russian hackers were able to do was delay the start of our briefing for 15 minutes. Likewise, with their actions, they are delaying the end of their country. It will definitely happen in the near future,” said Shchyhol.[v]

The next day I noticed the Media Center’s telegram page said:
“Dear journalists! Due to yesterday’s cyberattack, Wi-Fi is not working in the
Media Center. But you are still welcome to visit our co-working space, which has power, places to work and hot tea. We are waiting for you from 10:00 AM to 6:00 PM. “.[vi]

Ukraine has been the front line for Russia’s cyberwar and the Ukrainian cyber defense has only improved over the past several years with both Ukrainian ingenuity and experience and help from both nation state and private cyber security firms who have been especially responsive to the country’s needs since the February 24, 2022. Previous discussions with the cyber defense staff and NatSecMedia maintain that the Russian effort to attack has not waned but instead increased. Those attacks have been met with better counter strategies and education of the energy sector and other vulnerable vectors across the country.

SOURCES

[i] https://mediacenter.org.ua/strong-in-2022-cert-ua-reports-2-194-cyberattacks-a-quarter-of-them-against-government-agencies-state-service-for-special-communications-strong/

[ii] https://mediacenter.org.ua/strong-in-2022-cert-ua-reports-2-194-cyberattacks-a-quarter-of-them-against-government-agencies-state-service-for-special-communications-strong/

[iii] https://mediacenter.org.ua/strong-all-hackers-working-with-russia-against-ukraine-are-state-controlled-war-criminals-strong-strong-state-service-for-special-communications-strong/

[iv] https://mediacenter.org.ua/strong-since-february-24-2022-ukrainian-mobile-operators-restore-over-3-200-km-of-fiber-optic-lines-and-build-over-1-500-base-stations-state-service-for-special-communications-strong/

[v] https://mediacenter.org.ua/strong-media-center-ukraine-ukrinform-hit-by-russian-cyberattack-strong/

[vi] https://t.me/UkraineMediaCenterKyiv/4237