Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
State Hydrographic Service of Ukraine

State Hydrographic Service of Ukraine Vendor Cyber Rating & Cyber Score

hydro.gov.ua

The State Hydrographic Service of Ukraine (SHSU) is a national hydrographic office, lighthouse authority and Maritime Safety Information (MSI) / NAVTEX national coordinator established within the framework of the Ministry of Infrastructure of Ukraine, while the State Service for Maritime and River Transport of Ukraine performs surveillance over the navigational and hydrographic support of shipping. The main tasks of the SHSU are hydrographic surveying performance; electronic (ENC) and paper navigational nautical and inland waterways charts compilation, production and update; aids-to-navigation (AtoN), including lighthouses, deployment, maintenance, operation and exploitation; MSI, including coastal warnings dissemination, using the NAVTEX


SHSU A.I CyberSecurity Scoring

SHSU
Company Information
Website:http://hydro.gov.ua
Employees number:25
Number of followers:0
NAICS:483
Industry Type:Maritime Transportation
Homepage:hydro.gov.ua
SHSU Risk Score (AI oriented)
Between 800 and 849
logo
SHSUMaritime Transportation
Updated:
05/04/2026
809/1000
Good
A
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
SHSU Global Score (TPRM)
xxxx
logo
SHSUMaritime Transportation
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

SHSU
SHSUGood
Current Score
809A (GOOD)
01000
1 incidents
-8 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
809Before Incident
JUNE 2026
809Before Incident
MAY 2026
809Before Incident
APRIL 2026
809Before Incident
MARCH 2026
808Before Incident
FEBRUARY 2026
808Before Incident
JANUARY 2026
816Before Incident
Vulnerability
15 Jan 2026SHSU
Zimbra and Ukraine’s State Hydrographic Service: Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency

Russian APT28 Exploits Zimbra Flaw in Stealthy Phishing Attack on Ukrainian Agency

808After Incident
CRITICAL-8
ZIMSTA1773930456
Russian APT28 Exploits Zimbra Flaw in Stealthy Phishing Attack on Ukrainian Agency A Russian state-backed hacking group, APT28 (also known as Fancy Bear), targeted Ukraine’s State Hydrographic Service in a sophisticated phishing campaign exploiting a cross-site scripting (XSS) vulnerability in Zimbra webmail. The attack, uncovered by cybersecurity firm Seqrite, leveraged CVE-2025-66376 to inject malicious code into an email’s HTML body, bypassing traditional security measures. Unlike conventional phishing attempts, the email contained no malicious attachments or links. Instead, it appeared as a routine internship inquiry in Ukrainian, with the exploit embedded directly in the message. When opened in an active Zimbra session, the code executed silently, enabling attackers to harvest login credentials, session tokens, backup 2FA codes, stored passwords, and up to 90 days of mailbox data. The malicious email was sent in January 2025 from a compromised student account. By exploiting a trusted webmail environment, APT28 evaded detection, intercepting authenticated sessions without deploying malware or triggering standard defenses. APT28, linked to Russia’s military intelligence, has a history of targeting Ukrainian and Western government entities, defense contractors, and logistics networks. Recent research also tied the group to operations involving new malware strains, BadPaw and MeowMeow. Zimbra webmail has been a recurring target for Russian-linked groups, including APT29 and Winter Vivern, in espionage campaigns across Eastern Europe.
INCIDENT DETAILS -
TYPE
Phishing, Espionage
MOTIVATION
Espionage, Data Theft
IMPACT
Data Compromised: Login credentials, session tokens, backup 2FA codes, stored passwords, 90 days of mailbox dataSystems Affected: Zimbra webmailIdentity Theft Risk: High
DATA BREACH
Type Of Data Compromised: Credentials, Session Tokens, 2FA Codes, EmailsSensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Yes
DECEMBER 2025
816Before Incident
NOVEMBER 2025
816Before Incident
OCTOBER 2025
816Before Incident
SEPTEMBER 2025
816Before Incident
AUGUST 2025
816Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for SHSU ?
?
What was SHSU's A.I Rankiteo Cyber Score in June 2026 ?
?
What was SHSU's A.I Rankiteo Cyber Score in May 2026 ?
?
What was SHSU's A.I Rankiteo Cyber Score in April 2026 ?
?
What was SHSU's A.I Rankiteo Cyber Score in March 2026 ?
?
What was SHSU's A.I Rankiteo Cyber Score in February 2026 ?
?
What was SHSU's A.I Rankiteo Cyber Score in January 2026 ?
?
What was SHSU's A.I Rankiteo Cyber Score in December 2025 ?
?
What was SHSU's A.I Rankiteo Cyber Score in November 2025 ?
?
What was SHSU's A.I Rankiteo Cyber Score in October 2025 ?
?
What was SHSU's A.I Rankiteo Cyber Score in September 2025 ?
?
What was SHSU's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on SHSU's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with SHSU ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view SHSU's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?