Russian Cyber Crime Group Issues A Warning

Ukraine has been assaulted denial-of-service (DDoS) attacks and other cyber intrusions in advance of the Russian invasion and these are continuing.  In response, the Ukrainian government has called for volunteers from country’s hacker underground to help protect critical infrastructure and set up surveillance on Russian troops movements. 

Now, a Russian cyber crime group Conti, known for using ransomware to extort millions of dollars from US and European companies, has vowed to attack enemies of Russia if they respond to Russia’s invasion of Ukraine.

In a blog, the Conti group said it was announcing its “full support” for the government of President Vladimir Putin. On Thursday 24th February, the Russian military invaded neighbouring Ukraine from the north, east and south, in the biggest attack on a European state since World War Two “If anybody will decide to organise a cyber attack or any war activities against Russia, we are going to use our all possible resources to strike back at the critical infrastructures of an enemy,” the Conti blog post read. “As a response to Western war-mongering and American threats to use cyber warfare against the citizens of Russian Federation, the Conti Team is officially announcing that we will use our full capacity to deliver retaliatory measures in case the Western warmongers attempt to target critical infrastructure in Russia or any Russian-speaking region of the world. We do not ally with any government and we condemn the ongoing war. 

“However, since the West is known to wage its wars primarily by targeting civilians, we will use our resources in order to strike back if the well being and safety of peaceful citizens will be at stake due to American cyber aggression,” says the blog.

First detected in 2019, Conti has since been blamed for ransomware attacks against numerous US and European companies. In those incidents, Conti hackers invaded networks and encrypted data, disrupting operations and demanding payment to restore access. Among the victims were the state government  Louisiana and a New Mexico hospital, according to analysis by Emsisoft.

Conti Ransomware Group

Conti was first detected in December 2019 following  a number of apparently  of isolated  incidents over the next few months, with activity increasing significantly in mid-June 2020. Conti typically function using human-operated ransomware which typically features command line capabilities that enable operators monitoring the target environment to directly control, spread and execute the ransomware. 

This functionality gives attackers the unique ability to selectively choose to encrypt local files, network shares and/or specific IP addresses. Prior to encryption, Conti prepares the compromised system by deleting Windows Volume Shadow Copies and disabling 146 Windows services related to backup, security, database and email solutions. 

While Conti is considered a ransomware-as-a-service (RaaS) model business model, there is variation in its structure that differentiates it from a typical affiliate model. It is thought likely that Conti developers pay those affiliates who actually  deploy the ransomware a wage rather than a percentage of the criminal proceeds a from a successful attack. 

ContiNews     Reuters:     Reuters:     CISA:    :     HSToday:     Y Combinator:    Jerusalem Post:   EMISoft

You Might Also Read: 

The EU Mobilises Its Cyber Rapid Response Team To Deal With Russian Attacks


 

« Using Social Media To Track The Pandemic
Toyota Shut Down Japanese Plants In A Supply Chain Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Cyber Security Associates (CSA)

Cyber Security Associates (CSA)

Cyber Security Associates provides cyber consultancy and cyber managed services which help to detect, protect and educate against the ever-changing cyber threat.

KPMG

KPMG

KPMG s a leading provider of professional services including information technology and cyber security consulting.

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Quality Professionals (Q-Pros)

Quality Professionals (Q-Pros)

QPros are a recognized leader in providing full-cycle software quality assurance and application testing services.

Performanta

Performanta

Performanta offer a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

Entel CyberSecure

Entel CyberSecure

Entel CyberSecure is a portfolio of Cybersecurity solutions and services for the protection, defense, risk management and regulatory compliance of ICT Systems for corporations and Government.

Totaljobs

Totaljobs

Totaljobs is the UK’s largest hiring platform. We have over 280,000 live jobs adverts on our site, helping you to find any type of job in any industry, including cybersecurity.

Incopro

Incopro

Incopro is an online IP and brand protection software provider that arms brand owners with actionable intelligence to combat online and offline intellectual property and copyright infringements.

Nihon Cyber Defense

Nihon Cyber Defense

Nihon Cyber Defence’s mission is to provide robust solutions, services and support to governments, corporates and organisations in order to protect them from all forms of cyber warfare.

SecureTech360

SecureTech360

SecureTech360 is a cybersecurity and IT consulting firm whose principals have extensive experience in Cybersecurity and Information Technology.

US Fleet Cyber Command (FLTCYBER)

US Fleet Cyber Command (FLTCYBER)

US Fleet Cyber Command is responsible for Navy information network operations, offensive and defensive cyberspace operations, space operations and signals intelligence.

Picnic

Picnic

Picnic is a gritty, pioneering team of intelligence and cybersecurity specialists focused on solving the security challenge of our time - social engineering.

Finesse Global

Finesse Global

Finesse is a global system integration and digital business transformation company.

Hackurity.io

Hackurity.io

Hackurity.io is a high energy IT security start-up founded in 2021 out of the frustration that IT Security is highly fragmented and reactive.

Orca Technology

Orca Technology

Orca is a UK-based Managed Service Provider delivering end-to-end managed IT services, support, hosted desktop, cloud solutions and strategic guidance.