In 2024, Russian hackers primarily targeted Ukraine’s security and defense sector, as well as companies directly linked to it.
Oleksandr Potii, head of the State Service for Special Communications and Information Protection of Ukraine, said this in an interview with Ukrinform.
“Russian hackers have increasingly focused on establishing long-term access within information systems to gather intelligence. While this remained their priority throughout the past year, they were particularly interested in battlefield-related data. Their main targets were Ukraine’s security and defense sector, along with companies supporting it — especially those in the defense industry. Additionally, in 2024, financially motivated Russian cybercriminal groups have intensified their activities, engaging in fund theft through fraudulent schemes and targeted cyberattacks on large organizations,” Potii said.
According to him, since the start of the full-scale war, Ukraine’s cybersecurity agencies have observed a shift in Russian hacker tactics. In 2022, their main goal was to destroy information infrastructure and rapidly access databases to achieve quick results and propaganda effects.
“At that time, they attacked systems indiscriminately, going after any weak targets they could find. By 2023, however, attacks had become more focused and complex. We observed increased activity from Russian hacker groups conducting destructive cyberattacks. The main victims were IT companies, internet providers, and telecommunications service providers. At least 11 internet providers suffered from these attacks in 2023, culminating in the large-scale cyberattack on Kyivstar in December 2023,” he added.
Potii said that all these cyberattacks were accompanied by data leaks and publications in Russian social media.
Source: Ukraine's cyber watchdog reports on shift in Russian cyberattack focus
