The Vulnerability Detection System (VDS) of the State Cyber Protection Center of the State Service of Special Communications and Information Protection processed over 3.8 million information security events in the first half of 2025. Almost 9,000 of them were classified as critical and required immediate intervention by specialists. This was reported by the State Service of Special Communications, writes UNN.
Details
As a result of the analysis by security analysts, 535 confirmed cyber incidents were detected and processed. The main targets of attacks traditionally included government and defense structures, as well as local self-government bodies.
The most common types of threats during this period were:
- network scanning – 34.55%;
- vulnerability exploitation attempts – 23.66%;
- undefined incidents – 14.26%;
- malicious connections – 13.67%;
- malware infection – 7.73%.
The most active groups attacking Ukraine's information resources were: UAC-0010 (cyber espionage) – 164 cyber incidents, UAC-0050 (theft of funds) – 25 cyber incidents, and UAC-0202 (information-psychological operations) – 16 cyber incidents. In total, these three groups accounted for 38% of all attacks during the reporting period.
The State Service of Special Communications continues to expand the System's coverage: in the first half of the year, 11 new network telemetry collection sensors (NDR) were installed, and over 40,000 servers and workstations were protected using the endpoint protection subsystem (EDR)
For reference
The Vulnerability Detection System is a powerful tool consisting of a complex network of sensors that constantly monitor suspicious activity in the networks of government agencies and critical infrastructure facilities.