Data published on Ukraine DDoS attacks


Ukraine's telecoms infrastructure is under "constant scrutiny by hostile hacker groups" as DDoS attacks on the country's networks soar.

The conclusion was drawn by comms provider and infraco Datagroup, which last week said it had resolved more than 350 DDoS attacks on Ukraine's telecom network during one month of war.

Datagroup said the largest attack measured 103.6 Gbps, 28 Mpps; the most powerful attack measured 27.6 Gbps, 43 Mpps; and the longest recorded attack lasted 24 days.

"While Russian missiles attack physical infrastructure, Russian hackers attack information - financial, government and telecommunications," Datagroup said in a statement, adding that all attacks were resolved.

According to the State Special Communications Service, Ukraine has suffered more than 3,000 organised DDoS attacks since the beginning of Russia's war on the country. The record was 275 DDoS attacks per day, while the most powerful, at its peak, exceeded 100 Gbps.

Additional figures, released on Friday by the government's CERT-UA cybersecurity team, counted 60 cyber-attacks from March 15-22 on the country's critical information infrastructure and public organizations.

Announcing the figures via Telegram, CERT-UA reported that of the 60, 11 occurred on the websites of the government and local authorities, eight in the security and defense sectors, six in the financial and commercial sectors, four in the telecom and software sector, and two in the energy sector.

A further 22 cyberattacks were categorised as "other."

Deputy Head of the State Service for Special Communications and Information Protection Viktor Zhora said: "The number of attacks is growing, but most of them are unsuccessful. Even successful ones have almost no effect on the operation of the critical information infrastructure. However, we do not observe such serious activities that were at the beginning of the year."

In the last two weeks CERT-UA has also detected attacks based on the malicious programme Cobalt Strike Beacon; HeaderTip and SPECTR malware; and the DoubleZero and LoadEdge destructor programmes.

Earlier in March, Cloudflare recorded a continued increase in layer 7 DDoS traffic originating in Ukraine. It said there had also been a large increase in bot traffic in the country and that "these two things may be related".
