The SBU Situation Center for Cyber ​​Security records increasing of cyberattacks aimed at public authorities, critical infrastructure facilities and private companies. Pro-Russian hacker groups became more active.

The SBU constantly takes measures to search, detect and localize these cyberattacks and incidents, as well as counteracts cyber threats in ITS (information and telecommunications systems). SBU cyber specialists use a cyberattacks data exchange system based on the MISP-UA platform.

We urge Ukrainians to be vigilant and report all facts of possible cyberattacks to the SBU:

• incident@dis.gov.ua - for notifications of critical infrastructure facilities and public authorities about detected cyber incidents;
• cvd@dis.gov.ua - for notifications on identified vulnerabilities in information and telecommunication systems of critical infrastructure facilities and public authorities (under the terms of the Public Memorandum);
• misp.gov.ua - a platform for the exchange of IOCs between critical infrastructure facilities and public authorities, whose users are already connected (subject to a separate Memorandum).

At the same time, the SBU initiates active informing of the public, including the publication of reports on specific cyberattacks and IOCs.

This information may be used to protect computer networks and to systematically counter cyber threats to national security. Also, the data obtained will increase the level of awareness of technical specialists of public authorities.

Thus, in April 2021, the SBU detected cyberattack on the ITS of public authorities. The offenders used spam notifications about COVID-19.

Downloading and opening of these files from the Internet (via e-mail messages, groups in messengers, etc.) led to virus attack and uploading of work files from computers to hackers’ servers.