Information Security Protection
State security is closely linked to the security of its cyberspace.
To ensure the cyber security of the state, the Security Service of Ukraine implements complex measures to counter online terrorism, prevent cyber espionage, defeat hacker attacks, refute subversive activities online, and thwart cyber attacks on the information and telecommunications systems of public authorities and critical infrastructure.
SBU experts systematically uncover pseudo-patriotic communities in social networks, troll farms and separatist agitprops recruited by Russia.
In recent years, the SBU has gained substantial experience in defeating hacker attacks. The SBU has a high-powered information counterintelligence unit, and its experts interact effectively with partners from EU and NATO countries, united by the shared goal of protecting critical infrastructure objects and information resources from cyber threats.
A Security Information and Event Management (SIEM) system operates at the SBU Situation Center for Cyber Security. The SIEM monitors events in real time and conducts cyber security assessments. Potentially critical events are handled directly by security analysts, which allows threats in the national cyberspace to be promptly detected and thwarted.
- Malicious scan - malicious scanning / reconnaissance activity
- Mirai - interaction and connection to the botnet
- Web App Attack - attack on web applications
- Malware - malicious software
- C&C Server - connection to the Command and Control server
- Brute Force Attack - an attempt to gain unauthorized access (by guessing login information or encryption keys)