In the first quarter of 2022, the Government Computer Emergency Response Team CERT-UA, operating under the auspices of the State Special Service, recorded 802 cyber attacks. A year ago, 362 cyberattacks were recorded in the relevant period.
The five groups that have carried out the most cyberattacks on Ukraine’s critical information infrastructure include hackers whose activities are linked to the attacking country or who are complicit in the war against our state – Belarus:
- UAC-0010 aka Armageddon (GammaLoad, GammaDrop, HarvesterX): APT (advanced persistent threat) – group of the FSB of the Russian Federation.
- UAC-0041 (AgentTesla, XLoader): Hackers from Russia.
- UAC-0056 (Pandora hVNC, RemoteUtilities, GrimPlant, GraphSteel): hackers-cyber spies from Russia.
- UAC-0051 aka UNC1151: APT group associated with the special services of the Republic of Belarus.
- UAC-0028 aka APT28: APT group associated with the GRU of the Russian Federation.
UAC-0041 and UAC-0056, which the international community associates with hackers from Russia, are unusually active. They exploit existing military issues. Most likely, data about the group is shared by Russian intelligence. Source