State Service of Special Communications and Information Protection of Ukraine

Since the beginning of December, in these 20 days, the SSSCIP has handed over more than 67,000 drones of various types to the security and defense forces in accordance with military requests. 35,000+ for the first decade of the month. 32,000+ for the second.

Атака російських хакерів на інформаційні системи Міністерства юстиції України стала черговим нагадуванням, наскільки важливим є захист об'єктів критичної інформаційної інфраструктури та органів виконавчої влади. Цей випадок ще раз довів: кіберпростір є повноцінною ареною сучасної війни, де ворог постійно вдосконалює свої інструменти та стратегії. Саме тому державним установам, обласним адміністраціям та операторам критичної інфраструктури необхідно постійно працювати над посиленням своїх систем захисту. Держспецзв’язку запрошує до участі у воркшопі, присвяченому актуальним питанням кіберзахисту. Головні теми: 🔹 Еволюція російських агентів кіберзагроз - експерт з кібербезпеки Володимир Стиран.  🔹 Кібербезпека як ключовий фронт у сучасній війні. Нові виклики та стратегії протидії російським хакерам - начальник Ситуаційного центру забезпечення кібербезпеки СБУ Андрій Окаєвич.  🔹 Інциденти та уроки: як реагувати на атаки на державні установи та критичну інфраструктуру - фахівець команди з реагування на комп’ютерні інциденти CERT-UA Микола Коваль. 🔹 Роль Національної поліції в кіберзахисті ОКІ: загальні аспекти та практичні рекомендації - заступник начальника Відділу оперативного реагування на кіберінциденти на ОКІ Кіберполіції Роман Сочка.  🔹 Як побудувати захист об'єктів інформаційної інфраструктури - на що звернути особливу увагу - фахівець команди з реагування на комп’ютерні інциденти CERT-UA Микола Коваль. 🔹 Комплексна система захисту інформації (КСЗІ) та Комплекс технічного захисту інформації (КТЗІ): вимоги та практика впровадження.  🔹 Імплементація NIS 2 в Україні та її вплив на безпеку даних - директор Департаменту кіберзахисту Держспецзв`язку Ігор Мальченюк. Цільова аудиторія: Представники ЦОВВ, ОВА, ОМС та організацій, що відповідають за критичну інфраструктуру. 📌 Реєстрація обов’язкова. Заявки приймаються до 12:00 23 грудня 2024 року. Посилання на захід буде надіслано на електронну пошту після підтвердження реєстрації. Лінк для реєстрації 👉 https://lnkd.in/duTXG89d 💡 Разом працюємо над безпекою інформаційного простору України!

The Computer Emergency Response Team of Ukraine (CERT-UA) at SSSCIP has detected new cyber attacks, carried out by the hacker group UAC-0099. During 2022–2023, this group has managed to receive unauthorized remote access to several dozen computers in Ukraine. This time, UAC-0099 targeted state organizations, in particular, forestry, forensic institutions and industrial enterprises. Attackers continue to use traditional methods, such as phishing emails with malicious attachments, to penetrate information systems. However, their attack methods and tools are becoming more sophisticated. In this attack, they used emails with attached double archives containing LNK or HTA files. Furthermore, some archives could contain an exploit for the known WinRAR vulnerability (CVE-2023-38831), allowing hackers to execute malware on the victim's computer without approval. CERT-UA highlights the complexity of the tools used by hackers. While previously they used a simple VBS script LONEPAGE, now they employ complex schemes involving encryption and decryption of files on the infected machines. Additionally, cybercriminals continue to leverage Cloudflare services to mask their activities and enhance their infrastructure's stability. If you suspect a cyberattack, contact CERT-UA at incidents@cert.gov.ua or by phone at +38 (044) 281-88-25. Learn more about the incident details: https://lnkd.in/enzZXSKw

👩💻🧑💻 Cyber exercises help protect global cyberspace. The Head of SSSCIP Oleksandr Potii mentioned it during the Ukraine-Estonian cyber exercises “UA-EE Cyber Shield via Tallinn mechanism”, which gathered 250 cyber specialists of state bodies and critical infrastructure companies of Ukraine. The participants trained to protect industrial, information, and operational technology systems from attacks by ethical hackers, who were represented by specialists from leading Estonian cybersecurity company CybExer Technologies and Ukrainian cybersecurity organisations. Ambassador Extraordinary and Plenipotentiary of the Republic of Estonia to Ukraine Annely Kolk emphasized the importance of cooperation to build a stronger and more resilient cybersecurity system. 💬 “In Estonia, a small country, we are well aware that people and human aspect in technology are of utmost importance. People are those who defend our governmental and critical services. Our dearest wish is to continue working with like-minded countries and to combine our efforts with Ukrainian authorities within the framework of the Tallinn Mechanism. More specifically, our cyber security agencies (SSSCIP and Estonian Information System Authority) have already long time good cooperation and now it has been strengthened recently by the Memorandum of Understanding,” said Ambassador Annely Kolk. Cyber training helps to simulate real-world threats, increase employee awareness and reduce the risks of human error, creating a reliable basis for the cyber resilience of the state and society, particularly in the context of the large-scale war of the Russian Federation against Ukraine and its aggression in global cyberspace. 💬 “We conduct joint exercises with partner countries within the framework of various initiatives. These competitions are part of the Tallinn Mechanism, which is coordinated by the Republic of Estonia. Such exercises help to acquire practical skills of teamwork and rapid detection of cyber threats in conditions close to real,” said the Head of SSSCIP Oleksandr Potii. He thanked the Estonian partners for the valuable opportunity to improve Ukrainian specialists’ qualifications and skills in responding to cyber incidents, and added that joint exercises are an important component for training a personnel reserve, as it helps specialists from different countries to better interact and understand each other. The event was organised by the e-Governance Academy and CybExer Technologies, and supported by Estonian Centre for International Development (ESTDEV) in collaboration with the Ministry of Digital Transformation of Ukraine, CDTO Campus, National Cybersecurity Coordination Centre, Security Service of Ukraine and Estonian Embassy in Kyiv.

⚡️CERT-UA detected a new series of phishing attacks by the UAC-0185 group. These hackers have been active since 2022, mostly focusing on stealing accounts in messaging apps & Ukrainian military systems like DELTA or Kropyva. Learn more👉 bit.ly/3OMAYmJ #cybersec #hacker

A MoU in critical infrastructure protection signed with Finland's NESA and SSSCIP. Learn more about the areas of cooperation and unique expertise that each of the partners brings to the table in our article👇 https://lnkd.in/dr6w6Fr6

We have been honored to host the Estonian delegation at SSSCIP recently. Talks focused on the joint efforts for boosting cyber defenses including critical infrastructure objects, & experience exchange in fighting cybercrime 🇪🇪🤝🇺🇦 More in the report: https://lnkd.in/d9baTYEW

Excited to announce SSSCIP has signed a MoU with Spain’s #CNPIC! It will boost the protection of Ukraine's critical facilities through: 🤝Cooperation and experience exchange; 👩🎓Joint trainings; 🇪🇺🇺🇦 Harmonizing Ukrainian laws with EU regulations. https://lnkd.in/d6ynz8D8

SSSCIP & CYBER RANGES launched a cyber training service TRYZUB that emulates cyber attacks by russian hackers UAC-0010 (Gamaredon) & UAC-0002 (Sandworm) in a secure environment. A portion of its earnings will be donated to UNITED24 to support Ukraine. https://lnkd.in/dACgu3m3

SSSCIP's "Data Hunters" team secured 3rd place at the 1st Ukrainian OSINT Hackathon. The event focused on investigating Russian war crimes, such as forced deportation of Ukrainian children, shelling of civilian targets, and torture of POWs. 👀 Learn more👇 https://lnkd.in/dRus4kTJ