Main FS Group Safeguards Reputation of Major Ukrainian Government Agency Amidst Wartime Cyber Threats

FS Group Safeguards Reputation of Major Ukrainian Government Agency Amidst Wartime Cyber Threats

State-sponsored cyberattacks from Russia broke out in 2014, targeting a leading Ukrainian government agency with a critical national function. The agency had insufficient security practices and tools to counter and prevent the attacks, so they sought expert assistance. FS Group provided the agency with advanced cybersecurity solutions for web security, threat intelligence, and incident prevention, response, and investigation, coupled with expert guidance and human support.

The Challenge

In 2014, amidst the outbreak of conflict with Russia, the public agency experienced its first significant cyberattack – a major DDoS incident.

What happened during the incident:

The website (with hundreds of visitors per day) and email service initially slowed down and were inaccessible for around 20 minutes.
Officers were unable to communicate with each other and the public due to the attack.
There was a threat to the country’s reputation and public trust.

The major challenge:

The agency didn’t have a cybersecurity department at that time. They urgently required expert intervention to halt the ongoing attack and safeguard their web resources from future threats.

The agency contacted FS Group, as they trusted the extensive expertise of the company and the experience of it with similar incidents.

The Solution

FS Group, renowned for its expertise in defending against cyberattacks in Ukraine, embarked on its first project with such a large and critical public organization. The initial step involved implementing FS Anti DDoS to protect the client’s web resources.

The solution comprises:

A web application for monitoring website parameters and providing timely alerts and reports.
A dedicated web security team (In collaboration with the client’s team):

Watch for anomalies in the FS Anti DDos web app;
Create custom preventive WAF rulesets for new potential threats;
Counter new attacks promptly and professionally. If needed, the FSG team reacts during non-work hours;
Consult a client’s team on any web resources-related questions.

Over time, the FSG team demonstrated their ability to handle high-stakes situations and fulfill a significant responsibility to protect Ukrainian citizens. They also proved to be flexible, highly responsive, and professional.

Result

As a result, FS Group has achieved the following:

Over 11 years of web resources stable operation. Including no incidents during the intensified attacks on Ukraine’s public sector since 2022.
150,000+ web attacks were prevented over 5 years.
50% of all data breaches were mitigated due to the timely identification of compromised accounts.
Hundreds of cyber threats were prevented thanks to immediate alerts from the FS group.
FS Group promptly provided over 50 incident reports with recommendations for mitigation and prevention.
Calm and assured public agency personnel, who know they have immediate access to cybersecurity experts for timely assistance in preventing and responding to attacks.

costs data breach for critical infrastructure industries

of the DDoS attacks in the EU targeted public administration, followed by transport for 17%, and banking/finance sectors for 9%.

employee training, proactive threat hunting, and threat intelligence reduce the cost of a data breach.

Key takeaways

The successful result of this case was possible thanks to the FS Group’s Cybersecurity customized solutions and services for incident prevention, response, and investigation beyond web resources:

1) FS IRT (incident response team) is an annual subscription to a range of services:

Consultations and trainings on how to improve client’s cybersecurity posture;
A monthly newsletter that highlights emerging vulnerabilities and threats, along with recommendations to address them;
Information security incident investigation;
Annual penetration testing.

2) DeepTopo is a software solution that provides a feed of anonymized IP addresses from the TOR, PROXY, and VPN categories sold on public forums or the DarkNet.

Integrating DeepTopo with the client’s SIEM system allows corporate networks to monitor traffic and determine whether to block or flag incoming and outgoing connections to specific IP addresses.

To circumvent network traffic monitoring systems, cybercriminals often hide their IP addresses. Restricting access to the client’s resources from suspicious IPs is one of the effective ways to reduce the risk of cyber incidents.

3) DeepCobalt is a monitoring tool that analyzes multiple data leaks to identify compromised accounts. The client gets prompt notifications about confidential data leaks before they become public.

What clients say

“The FS Group team gave us the confidence and knowledge to better prepare for future threats. Their regular consultations and training were invaluable in building our internal cybersecurity expertise.”

Engineering manager, client’s IT department.

Products that were used

FS IRT

DeepTopo

DeepCobalt

Secure Your Business Now

FS Group will protect you from evolving cybersecurity threats around the world.

First name Provide your First name Last name Provide your Last name

Company name Provide your Company name Job Title Provide your Job Title

Company sector

IT Sector Finance Health Public Sector Telecommunications Retail Education Other

Business email Invalid Business email Phone number Invalid Phone number

Check where your cyber security gap is This site is protected by reCAPTCHA and the Google Privacy Policy.

I need help right away