ua conducted a small investigation and tried to find out the experts who stand for these hackers and how dangerous their attacks are. One of the first noticeable hackers attacks occurred on the Ministry of Development's network, on April 25, they managed to break through the poorly protected mail of one of the released employees of the institution.
"Unfortunately, Cert-UA, Fireeye and FalconCroudstrike protection systems did not help protect the infrastructure from complete destruction," Alexander Kubrakov, head of the department then told reporters. In early May, hackers broke the Channel 24 and published on its pages many fakes and threats to President Vladimir Zelensky. On the same day, Ukrainian providers of Citylan, Gigabit-Net, UOS, UA Group, Fibernet and others were attacked.
One of the most dangerous attacks can be considered the attempt of hacking servers of the Southern Mining and Processing Plant, which, according to the cybercrime, "will not allow the Armed Forces to receive armor, armored vehicles, drones, howitzers Dana and Zuzana 2. The Solnacekek group said it "destroyed more than 30 servers and stole important information", but in the press service of the company Focus then assured that the attack was reflected and all the consequences were eliminated.
In mid -June, the Public Site was attacked and the State Secretariat is currently investigating this attack. In addition, the hackers from the Russian group "SolnPepke" are actively published in the Telegram channel "Deanoniamizing information" about famous media persons, for example, there appeared personal data of activist Sergei Sternenko and TV presenter Natalia Mosaychuk. Personal information of the Ukrainian military is also published on the channel.
Many hacker groups from Russia operate under the patronage of special services. According to experts, "Solnacek" was no exception, and it is overseen by the staff of the Main Intelligence Directorate of the Russian Federation. "The activity of these cyberattacks is monitored by Cert-UA with the UAC-0165 ID. At the same time, this activity is associated with a high level of confidence with Sandworm group activity," the State Secretariat said.
Focus told his readers about this famous Russian hacker group behind the game of Russia. Its members are well known to the special services of Ukraine and the world. They suggest that they are behind the actions of "SolsPepca". The hackers of the group were even detained in the Netherlands when they planned to break the organization with a ban on chemical weapons in the Hague (OPCC).
Sandworm cyber -terrorists have caused the greatest harm to the world with the help of their notpetya virus, which encrypted all the files on the computers of their victims. The main attacks were conducted on banks, government structures and large companies. According to experts, the damage caused by the Russian -controlled Hackers from Sandworm estimates that Sandworm members are full -time intelligence officers and subordinate to the game, some of them have long been wanted and under sanctions.
But now, apparently, "SolnPen" has become a Sandworm control, as one of the "branches" for smaller and not as large -scale work as "senior colleagues". "If you look closely at their channel, it is quite obvious that this is another signboard of the GRU. The official comment that was provided to journalists in the SBU is not very informative: "Cyberfachivtsi of the Office systematically and around the clock mode monitor everything that is happening on the Internet. However .
The results of the intelligence service will necessarily be informed by the public. " The style and scale of attacks can be assumed that the activity of hackers with "SolnPepca" is limited, although frequent, but simple caeperoperatives on poorly protected objects, and the performance is quite weak. They may only be distracted by cyber defense services from the larger and more serious Sandworm attacks.
USA
Українська
English
Français
Deutsch
Italiano
Polski
Čeština
Español
Slovensku
