CSIRT of

State Scientific and Research Institute of Cybersecurity Technologies and Information Protection

News

All news
Out-of-date software is one of the key threats for all categories of organizations - CSIRT

Out-of-date software is one of the key threats for all categories of organizations
15.05.2025 15:13

Among the key threats for all categories of organizations remain non-updated software and other gross errors of system administrators. This is stated in the analytical report Russian Cyber Operations H22024, prepared by specialists of the CERT-UA team, which operates as part of the State Cyber Defense Center of the State Service for Special Communications.

MITRE Updates ATT&CK Framework: New Techniques, Platforms, and Enhanced Defenses - CSIRT

MITRE Updates ATT&CK Framework: New Techniques, Platforms, and Enhanced Defenses
13.05.2025 08:15

MITRE, a leading organization in the cybersecurity field, has announced the 17th update to its ATT&CK framework. This framework is used globally for modeling adversary behavior, analyzing threats, and improving cybersecurity systems. The update reflects the latest trends in cyberattacks, incorporates new platforms, clarifies adversary tactics, and provides deeper insights into defensive measures.

Be Prepared: Hostile Hackers Aim to Scale Up Their Capabilities, Warns Official - CSIRT

Be Prepared: Hostile Hackers Aim to Scale Up Their Capabilities, Warns Official
29.04.2025 10:44

Russian-backed hacking groups are refining their tactics and will likely intensify their cyber operations against Ukraine. Therefore, all owners of information infrastructure must ensure maximum preparedness for potential cyberattacks.This warning was issued by Ihor Malcheniuk, Director of the Cybersecurity Department of the State Service of Special Communications and Information Protection of Ukraine (SSSCIP), speaking at the Secure International Summit in Bydgoszcz, Poland, where he was a keynote speaker.

UAC-0200: Espionage against the defense-industrial complex using DarkCrystal RAT (CERT-UA#14045)
10.04.2025 09:17

The government computer emergency response team CERT-UA has recorded numerous cases of targeted cyberattacks against both employees of defense-industrial complex enterprises and individual representatives of the Defense Forces of Ukraine.During March 2025, the Signal messenger detected the distribution of messages with archives that allegedly contain a report with the results of a meeting. At the same time, in some cases, to increase trust, messages can be sent from persons from the list of existing contacts whose accounts have been compromised in advance.

Cyber Challenges Demand Not Only Technological Solutions, But Also the Best Talent – Oleksandr Potii - CSIRT

Cyber Challenges Demand Not Only Technological Solutions, But Also the Best Talent Oleksandr Potii
10.03.2025 13:53

Today, digital security is a matter of national resilience, and everyone shares responsibility for cybersecurity government agencies, the private sector, expert communities, and civil society alike. Women are playing an increasingly important role in this, especially in the context of war, as they find their place in professions traditionally considered "male."

COMPUTER SECURITY AND INCIDENT RESPONSE TEAM

CSIRT - is a computer emergency response team of the State Research Institute of Cyber Protection Technologies, which functions as part of the State Service for Special Communications and Information Protection of Ukraine. The main functional direction of the CSIRT is to counter cyber threats in automated systems and information and communication systems of the State Research and Development Institute of Cyber Security Technologies and energy industry enterprises. The territorial zone of responsibility consists of the western regions of Ukraine, namely: Khmelnytskyi, Rivne, Volyn, Ternopil, Chernivtsi, Ivano-Frankivsk, Lviv and Zakarpattia regions.

Tasks of the CSIRT:

accumulation and analysis of data on cyber incidents, maintenance of the state registry of cyber incidents;
providing owners of cyber protection facilities with practical assistance in preventing, identifying and eliminating the consequences of cyber incidents in relation to these facilities;
organization and holding of practical seminars on cyber protection issues for subjects of the national cyber security system and owners of cyber protection objects;
preparation and placement on its official website of recommendations on countering modern types of cyber-attacks and cyber-threats;
interaction with law enforcement agencies, providing them with timely information about cyber attacks;
interaction with foreign and international organizations on cyber incident response issues, in particular within the framework of participation in the FIRST Security Incident Response Teams Forum with payment of annual membership fees;
interaction with Ukrainian computer emergency response teams, as well as other enterprises, institutions and organizations, regardless of the form of ownership, that conduct activities related to ensuring the security of cyberspace;
processing information received from citizens about cyber incidents regarding cyber protection objects;
assistance to state bodies, local self-government bodies, military formations formed in accordance with the law, enterprises, institutions and organizations regardless of the form of ownership, as well as citizens of Ukraine in solving issues of cyber protection and countering cyber threats.

Related sites