Ukraine Says Russian Hackers Are Preparing A Massive Strike

Hackers from Russia are infecting Ukrainian companies with malicious software to create “back doors” for a large, coordinated attack, Ukraine’s cyber police chief told Reuters on Tuesday 26th June. The hackers are targeting companies, including banks and energy infrastructure firms, in a roll out that suggests they are preparing to activate the malware in one massive strike, cyber police chief Serhiy Demedyuk said. 

Ukrainian police are working with foreign authorities to identify the hackers, Demedyuk added.

Law enforcement and corporate security teams around the world pay close attention to cyber threats in Ukraine, where some of the most destructive hacks in history have originated. A virus dubbed “NotPetya” hit Ukraine in June 2017, taking down government agencies and businesses before spreading to corporate networks around the globe, causing companies billions of dollars in losses.

“The fact that the Ukraine government has decided to go public with this shows that they are scared that this could have a big impact and want people to be aware,” said Jaime Blasco, chief scientist with cybersecurity firm AlienVault.

It is difficult to contain the impact of a cyberattack within one nation, so it is possible this new threat could spread around the globe, he added.

Since the start of the year, Ukraine police have identified viruses in phishing emails sent from legitimate domains of state institutions whose systems were hacked and fake webpages mimicking that of a real state body.

Hackers have sought to evade detection by breaking malware into separate files, which are put onto targeted networks before they activate them, Demedyuk said.

“Analysis of the malicious software that has already been identified and the targeting of attacks on Ukraine suggest that this is all being done for a specific day,” he said.

Relations between Ukraine and Russia plunged following Russia’s annexation of Crimea in 2014, and Kiev has accused Russia of orchestrating large-scale cyberattacks as part of a “hybrid war” against Ukraine, which Moscow repeatedly denies.

Some attacks have coincided with major Ukrainian holidays. Demedyuk said another strike could be launched on Thursday — Constitution Day — or on Independence Day in August.

The United States and Britain joined Ukraine in blaming Russia for the NotPetya campaign in 2017. It took a costly toll on quarterly results of major global corporations including Cadbury chocolate maker Mondelez International Inc and freight logistics company FedEx Corp.

The scale of the current campaign is the same as NotPetya, according to Demedyuk.

“This is support on a government level - very expensive and very synchronized. Without the help of government bodies, it would not be possible. We’re talking now about the Russian Federation,” he said.

“Everything we’re seeing, everything we’ve intercepted in this period: 99 percent of the traces come from Russia.”

Ukraine is better prepared to withstand such attacks thanks to cooperation with foreign allies including the United States, Britain and NATO, Demedyuk said.

Still, there are some Ukrainian companies that have not cleaned their computers after NotPetya struck, which means they are still infected by that virus and vulnerable to being used for another attack.

“We are sounding the alarm to remind people - come to your senses, check your equipment,” he said.

Reuters

You Might Also Read: 

Leaked Emails Expose Russian Exploits In Ukraine:

Ukraine Detects A Cyber Attack On A NATO Member:

« Chinese Hack Breached US Satellites
Former UK Spy Boss Say Russia Is 'live testing' Cyber-Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

Axiomatics

Axiomatics

Axiomatics provides dynamic authorization and access control solutions to protect critical data assets.

SentinelOne

SentinelOne

SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity.

Skurio

Skurio

Skurio create cost-effective, intuitive and powerful Cloud based solutions to identify threats, detect data breaches outside the network and automate the response.

SecuTech Solutions

SecuTech Solutions

SecuTech is a global leader in providing strong authentication and software licensing management solutions.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

Base Cyber Security

Base Cyber Security

Base Cyber Security is an information and cyber security talent service provider and career specialist.

Upfort

Upfort

Upfort (formerly Paladin Cyber) unifies award-winning security and robust cyber insurance to deliver comprehensive cyber risk solutions.

Wiser Market

Wiser Market

Wiser Market is a leading company in global online brand protection services, intellectual property protection, anti-Counterfeit & trademark infringements.

Arkphire

Arkphire

Arkphire provide solutions across every aspect of IT to help your business perform better.

Intracom Telecom

Intracom Telecom

Intracom Telecom is a global telecommunication systems & solutions vendor offering a complete range of professional services and solutions including Information Security.

blueAllianceIT

blueAllianceIT

blueAlliance IT is an investment and growth platform that unites local MSP and IT companies around the nation, helping them to grow and operate competitively.

Dataships

Dataships

We help companies automate their privacy compliance while building healthy, transparent data relationships with their customers.

SecurityBridge

SecurityBridge

SecurityBridge provide a cybersecurity connection between our customers’ IT departments, the forward-facing business services, and their SAP applications.

Options Technology

Options Technology

Options is a global leader in financial technology, specialising in Capital Markets technology and enterprise-grade solutions.

IS4IT Kritis

IS4IT Kritis

IS4IT is your partner for the successful planning, introduction and implementation of company-specific information security concepts.