Unveiling the invisible war: Ukraine suffered 29 state-sponsored cyberattacks in 2022

William S. | February 15, 2023

In recent years, state-sponsored cyberattacks have become a growing concern for governments, businesses, and individuals alike. Government-sponsored groups or organizations often carry out these attacks to steal sensitive information, disrupt critical infrastructure, or undermine the operations of a targeted entity.

According to the data analyzed by the Atlas VPN team, Ukraine was a victim of 29 state-sponsored attacks in 2022. Behind most of the government-backed attacks stand China and Russia, with 44 and 38 cyberattacks, respectively.

The data is based on Council on Foreign Relations Cyber Operations Tracker. The cyber operations tracker categorizes all instances of publicly known state-sponsored cyber activity since 2005. The tracker only contains data in which the threat actor is suspected of being affiliated with a nation-state.

The United States suffered 14 state-sponsored cyberattacks. Most of these attacks came from Iran or China-backed hackers who launched phishing and malware campaigns against US companies or government entities.

State-backed hackers launched 7 attacks on Russia in 2022. The majority of them were by the Ukrainian IT army in response to Kremlin’s started war on Ukraine. Various DDoS attacks took down the banks, media, and Russian government websites.

South Korea was a victim of 6 government-backed cyberattacks. North Korean cybercriminals were behind most of the threats. In addition, they were responsible for all 5 attacks on cryptocurrency companies. Later on, the stolen funds are used to sponsor further threats and espionage.

India suffered 5 state-sponsored cyberattacks. Israel, as well as government institutions in the Middle East and EU member states, each were victims of 4 government-backed hacker attacks. Cybercriminals targeted Turkey in 3 cyberattacks. Finally, all other state-sponsored threats on countries not mentioned here made up 76 total cyberattacks.

State-sponsored spying

Governments around the world are engaged in a race to gather as much intelligence as possible. However, state-sponsored cyberattacks are used not only to spy but also to steal money or simply to destroy valuable data.

Nonetheless, out of all government-backed attacks in 2022, 110 were launched to spy on another country or organization. Financial theft was the reason behind 11 threats, while cybercriminals destroyed sensitive information in 8 cyberattacks.

Sabotaging a business or government agency with malware was the goal of 7 government-backed attacks. Hackers launched 6 DDoS cyberattacks to paralyze computer networks or websites. Cybercriminals unauthorizedly changed the appearance of a website, otherwise called a defacement attack, just once.

Governments were the primary targets of state-backed hackers, as they launched 75 attacks on such entities. Businesses faced 55 nation-sponsored cyberattacks. Cybercriminals hacked journalists, human rights activists, or other citizens 48 times. Lastly, military objects suffered 8 state-sponsored cyberattacks.

The rise of state-sponsored cyberattacks poses a significant threat to the stability of our interconnected world. Governments must collaborate to establish clear rules of engagement in cyberspace to prevent the expansion of malicious cyber activities that undermine trust and confidence in the digital infrastructure.