The SSSCIP is constantly strengthening protection of the national information resources. One of such activities is detection of vulnerabilities in Ukrainian information resources, warning of the personnel in charge and control over the elimination of the detected cybersecurity holes.

The SSSCIP’s State Cyber Defense Center (SCDC) experts have performed 310 targeted web scans in the .UA and GOV.UA domains since the beginning of 2022. Those scans have detected 1,784 vulnerabilities in 310 resources. 16% of those vulnerabilities are of high severity level, 63% have medium severity level and 21% have low severity level.

Once a vulnerability was detected, the SSSCIP experts interviewed the owners of the affected resources and provided recommendations for addressing the gaps.

“We usually check if the owners have eliminated the vulnerabilities afterwards. In most cases, we have the results we need.” the SSSCIP SCDC Head Valeriy Bushkov explains. “If the follow-up scan shows that a vulnerability has not been eliminated, we contact the resource’s administrators again to find out the reasons, help them and consult them until the issue is resolved. It’s a routine and systemic work, an important element that ensures Ukraine’s resilience in countering the cyber aggression.”

The SSSCIP emphasizes the critical importance for all the public and private institutions and organizations to strengthen cyber defense of their information resources, systems and networks, to contact experts once an issue or a question arises and not to ignore cybersecurity challenges and threats.