The article describes problems of modern criminal investigation of cyber-attacks on elements of critical infrastructure in Ukraine. It is focused on cyber-attacks as one of the most dangerous attacks at the application level of the OSI model. The implementation mechanisms of the most common cyber-attack types at the application level are analyzed and include: SQLinjections, session interception, DNS cache poisoning, attacks on the RDP and other remote administration tools. Particular attention is paid to the analysis of these attacks artifacts in order to create methods of criminal investigation.
cyber-attacks, artefacts, criminal investigation