Cyberattacks on Ukraine in the ongoing Russia-Ukraine war

A view shows the Ukrainian State Border Guard Service site damaged by shelling in Kyiv region, Ukraine, in this handout picture released February 24, 2022. Press service of the Ukrainian State Border Guard Service/Handout via REUTERS
1 0
Read Time:3 Minute, 37 Second

Russian attacks on Ukraine will have serious consequences for the world unless there is a miracle and life and freedom is saved.

However, in the present situation the only certainty is that after close to 80 years, it is a full blown ‘War’ in Europe.

And, with no surprises it is not a conventional but a hybrid war — mixing conventional tactics with disinformation and cyber assaults to destabilize the Ukrainian government and ignite chaos across a vulnerable society.

Ukraine has been a frequent victim of cyberattacks for past eight years which it doesn’t doubt are initiated from Russia.

The attacks on 14 January 2022 consisted of the hackers replacing the websites with text in Ukrainian, erroneous Polish, and Russian, which state “be afraid and wait for the worst” and allege that personal information has been leaked to the internet. About 70 government websites were affected, including the Ministry of Foreign Affairs, the Cabinet of Ministers, and the Security and Defense Council. The SBU has stated that no data was leaked. Soon after the message appeared, the sites were taken offline. The sites were mostly restored within a few hours.

Deputy secretary of the NSDC Serhiy Demedyuk, stated that the Ukrainian investigation of the attack suspects that a third-party company’s administration rights were used to carry out the attack. The unnamed company’s software had been used since 2016 to develop government sites, most of which were affected in the attack. Demedyuk also blamed UNC1151, a hacker group allegedly linked to Belarusian intelligence, for the attack.

A separate destructive malware attack took place around the same time, first appearing on 13 January. First detected by the Microsoft Threat Intelligence Center (MSTIC), malware was installed on devices belonging to “multiple government, non-profit, and information technology organizations” in Ukraine.

Later, this was reported to include the State Emergency Service and the Motor Transport Insurance Bureau.

The software, designated DEV-0586 or WhisperGate, was designed to look like ransomware, but lacks a recovery feature, indicating an intent to simply destroy files instead of encrypting them for ransom.

As per reports more recently on 15 February first the websites of Ukraine’s Defense Ministry and army went dark. Then customers of the country’s two largest state-owned banks couldn’t access their accounts — or, worse, saw their balances suddenly drained to zero.

They received fake text messages from Polish, Austrian and Estonian numbers on their phones, which warned them that ATMs were down.

The websites of Ukraine’s defense, foreign and interior ministries were unreachable or painfully slow to load Thursday morning after a punishing wave of distributed-denial-of-service attacks as Russia struck at its neighbor, explosions shaking the capital of Kyiv and other major cities.

In addition to DDoS attacks on Wednesday, cybersecurity researchers said unidentified attackers had infected hundreds of computers with destructive malware, some in neighboring Latvia and Lithuania.

Officials have long said they expect cyber attacks to precede and accompany any Russian military incursion, and analysts said the incidents hew to a nearly two-decade-old Russian playbook of wedding cyber operations with real-world aggression.

ESET Research Labs said it detected a new data-wiping piece of malware in Ukraine Wednesday on “hundreds of machines in the country.” It was not clear, however, how many networks were affected.

“With regards whether the malware was successful in its wiping capability, we assume that this indeed was the case and affected machines were wiped,” ESET research chief Jean-Ian Boutin said in response to questions from The Associated Press.

Boutin would not name the targets “to protect the victims, but these were large organizations that have been affected,” he said, adding that while ESET is unable to say who was responsible, “the attack appears to be related to the ongoing crisis in Ukraine.”   

   “Russia likely has been planning this for months, so it is hard to say how many organizations or agencies have been backdoored in preparation for these attacks,” said Chester Wisniewski,  principal research scientist at the cybersecurity firm Sophos.

One thing to observe in these attacks is that they don’t spare private or business systems in their attacks. It thus becomes imperative and essential to be prepared for the worst and not only establish a robust cybersecurity system but also a fool proof contingency plan.

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Leave a Reply

Your email address will not be published.