News
"Court Summons" Phishing Lure Used in Cyberattacks on Ukrainian Government and Defence Sector
The National Cyber Security Incidents Response Team (CERT-UA) has detected and investigated a new series of targeted cyberattacks on government agencies and enterprises within the defence-industrial complex.
SSSCIP Issues Warning: On-Premises SharePoint Servers Under Attack!
The State Service of Special Communications and Information Protection of Ukraine is alerting about the active exploitation of critical vulnerabilities in on-premises versions of Microsoft SharePoint Server. This was reported by the Microsoft security team in a blog post on July 22, 2025.
APT28 Targets Security and Defence Sector with AI-Powered Software
CERT-UA, the National Computer Emergency Response Team of Ukraine, functioning under the State Service of Special Communications and Information Protection (SSSCIP), has identified new cyberattacks targeting the security and defence sector.According to available information, emails containing an attachment named "Додаток.pdf.zip" ("Attachment.pdf.zip") were disseminated among executive bodies, purportedly sent from a representative of a relevant ministry.
APT28 attacks Ukrainian government agencies via Signal using malware
The National Cyber Incident Response Team CERT-UA records new cyberattacks on government agencies. To attack systems, attackers use a multi-stage chain that begins with sending malicious documents via the Signal messenger.The goal of the attacks is to gain remote access to computers for espionage and data theft.
Russian Hackers Shift Tactics: From Destructive Attacks to Espionage. SSSCIP Report
An analysis of cyber incidents in Ukraine from 2022 to 2024 reveals a significant shift in the priorities and tactics of Russian hacking groups. This is detailed in the report "War and Cyber: Three Years of Struggle and Lessons for Global Security," which specialists from the State Service of Special Communications and Information Protection (SSSCIP) developed in conjunction with the analytical center ICE Task Force.
COMPUTER SECURITY AND INCIDENT RESPONSE TEAM
CSIRT - is a computer emergency response team of the State Research Institute of Cyber Protection Technologies, which functions as part of the State Service for Special Communications and Information Protection of Ukraine. The main functional direction of the CSIRT is to counter cyber threats in automated systems and information and communication systems of the State Research and Development Institute of Cyber Security Technologies and energy industry enterprises. The territorial zone of responsibility consists of the western regions of Ukraine, namely: Khmelnytskyi, Rivne, Volyn, Ternopil, Chernivtsi, Ivano-Frankivsk, Lviv and Zakarpattia regions.
Tasks of the CSIRT:
accumulation and analysis of data on cyber incidents, maintenance of the state registry of cyber incidents;
providing owners of cyber protection facilities with practical assistance in preventing, identifying and eliminating the consequences of cyber incidents in relation to these facilities;
organization and holding of practical seminars on cyber protection issues for subjects of the national cyber security system and owners of cyber protection objects;
preparation and placement on its official website of recommendations on countering modern types of cyber-attacks and cyber-threats;
interaction with law enforcement agencies, providing them with timely information about cyber attacks;
interaction with foreign and international organizations on cyber incident response issues, in particular within the framework of participation in the FIRST Security Incident Response Teams Forum with payment of annual membership fees;
interaction with Ukrainian computer emergency response teams, as well as other enterprises, institutions and organizations, regardless of the form of ownership, that conduct activities related to ensuring the security of cyberspace;
processing information received from citizens about cyber incidents regarding cyber protection objects;
assistance to state bodies, local self-government bodies, military formations formed in accordance with the law, enterprises, institutions and organizations regardless of the form of ownership, as well as citizens of Ukraine in solving issues of cyber protection and countering cyber threats.
