Skip to main content

Statistical Report on the Results of the Vulnerability Detection and Cyber Incident and Cyberattack Response System Operation for 2023

08.01.2024

Throughout 2023, the Vulnerability Detection and Cyber Incident and Cyberattack Response System resources were used to process about 18 billion events, collected using the means for monitoring, analysis and transmission of telemetry information on cyber incidents and cyberattacks; detect 133 million suspicious information security events (at initial analysis); process 148,000 critical information security events (possible cyber incidents detected through filtering suspicious IS events and secondary analysis).

Besides, security analysts have directly detected and processed 1,105 cyber incidents, which is 62.5% more than in 2022.

24 new cyber defense objects of the government (22), energy (1), and military (1) sectors have been connected to the Vulnerability Detection and Cyber Incident and Cyberattack Response System throughout 2023.

Among the autonomous systems, whose infrastructure was identified as an active scanning source most frequently over the reporting period, we can distinguish Google, Hurricane, Google-Cloud-Platform, Cloudflarenet, DigitalOcean-ASN.

1,516,861 suspicious unique files were automatically detected over the reporting period by the subsystems included in the Vulnerability Detection and Cyber Incident and Cyberattack Response System. At that, SmokeLoader, Agent Tesla, Snake Keylogger, Remcos, Formbook prevail among the malware families detected in information security events under the category “02 Malicious software code.”

The detailed statistics is available in the Report below.

For reference. The Vulnerability Detection and Cyber Incident and Cyberattack Response System refers to a complex of software and software & hardware tools that ensure round-the-clock monitoring, analysis and transmission of telemetry data on cyber incidents and cyberattacks occurring or having occurred at cyber defense facilities and possibly affecting their sustainable performance.



Report file.


Image for the article

By topic «Security»

30.04.2024

The State Cyber Protection Center boosts technical capacities of the National Center for Public Information Resources Backup

18.04.2024

The State Cyber Protection Center boosts technical capacities of the National Center for Public Information Resources Backup

19.03.2024

The State Cyber Protection Center together with Palo Alto Networks Unit 42 have studied the SmokeLoader malware

12.03.2024

The State Cyber Protection Center boosts technical capacities of the National Center for Public Information Resources Backup

14.02.2024

The SSSCIP State Cyber Protection Center team ranks second at Warsaw cyber training

More news