Shuckworm Intensifies Cyber Attacks On Ukraine

Uploaded on 2023-06-20 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-Defence, FREE TO VIEW

Since the full-scale Russian invasion of Ukraine, the aggressor’s offensive forces have also launched an avalanche of cyber-espionage campaigns against Ukraine and its allies. 

Now, the Shuckworm espionage group is mounting multiple cyber attacks against Ukraine, with recent targets including security services, military, and government organisations. 

The persistent and focused online espionage campaigns by Shuckworm present the most severe threat yet observed to multiple Ukrainian organisations, mostly public sector.

Shuckworm, thought to be linked to the Russian FSB internal security agency, has succeeded in staging long-running intrusions, lasting for as long as three months. The attackers have repeatedly attempted to access sensitive information such as reports about the deaths of Ukrainian military service members, enemy engagements and air strikes, arsenal inventories, military training, and more.

These attacks were discovered by the Symantec (now part of BroadcomThreat Hunter Team and have been using phishing emails with malicious attachments, deploying backdoors and tools, and spreading custom malware via USB drives. 

To avoid detection, Shuckworm has updated its toolset and exploited legitimate services for command-and-control infrastructure. Symantec have spotted up to 25 new variants of the group’s scripts observed per month between January and April 2023.

To mitigate such attacks, organisations are advised to assess the risk of using USB devices, scan them with antivirus software, and educate users to identify and report phishing attempts.

Broadcom:    Symantec:    Oodaloop:     Infosecurity Magazine:     SOCPrime:    Unified Guru:     @OODA:

You Might Also Read: 

The Evolution Of Russian Cyber Warfare:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Is It Possible To Trust AI Decision-Making In Cybersecurity?
Manufacturers Are Today's Top Target For Cyber Crime  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Feitian Technologies

Feitian Technologies

Feitian Technologies provides authentication and transaction security products for financial institutions, telecoms, government and leading business enterprises.

Citicus

Citicus

Citicus provides world-class security, risk and compliance management software, plus supporting services.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

Bittium

Bittium

Bittium provides proven information security solutions for mobile devices and portable computers.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

Swiss Re

Swiss Re

Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer including cyber risk.

BitSight Technologies

BitSight Technologies

BitSight transforms how companies manage information security risk with objective, verifiable and actionable Security Ratings.

Polyrize

Polyrize

The Polyrize continuous authorization platform for SaaS and IaaS stops tomorrow's public cloud cyber threats, today.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

Blue Cedar

Blue Cedar

Blue Cedar's mobile app security integration platform secures and accelerates mobile app deployment for enterprises and government organizations around the world.

Shevirah

Shevirah

Shevirah specializes in products for automated mobile and IoT device vulnerability assessment, penetration testing, and mobile security awareness training.

Theta432

Theta432

THETA432 is a cybersecurity firm that provides 24/7/365 managed prevention, detection, response, Hybrid SOC, cyber defense monitoring services with dynamically defined defense (3D™).

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

Park Place Technologies

Park Place Technologies

Park Place Technologies' mission is to drive uptime, performance and value for critical IT infrastructure.

Techsolidity

Techsolidity

Techsolidity is an emerging e-learning platform that offers a wide range of upskilling programs worldwide in areas including cybersecurity.

Panoptic Cyber

Panoptic Cyber

Panoptic Cyber are a team of elite Armed Forces Veterans who hold a wealth of experience in Information Security, Cyber Security, Data Protection and Risk Management.