Ukraine Says Russian Hackers Are Preparing A Massive Strike

Hackers from Russia are infecting Ukrainian companies with malicious software to create “back doors” for a large, coordinated attack, Ukraine’s cyber police chief told Reuters on Tuesday 26th June. The hackers are targeting companies, including banks and energy infrastructure firms, in a roll out that suggests they are preparing to activate the malware in one massive strike, cyber police chief Serhiy Demedyuk said. 

Ukrainian police are working with foreign authorities to identify the hackers, Demedyuk added.

Law enforcement and corporate security teams around the world pay close attention to cyber threats in Ukraine, where some of the most destructive hacks in history have originated. A virus dubbed “NotPetya” hit Ukraine in June 2017, taking down government agencies and businesses before spreading to corporate networks around the globe, causing companies billions of dollars in losses.

“The fact that the Ukraine government has decided to go public with this shows that they are scared that this could have a big impact and want people to be aware,” said Jaime Blasco, chief scientist with cybersecurity firm AlienVault.

It is difficult to contain the impact of a cyberattack within one nation, so it is possible this new threat could spread around the globe, he added.

Since the start of the year, Ukraine police have identified viruses in phishing emails sent from legitimate domains of state institutions whose systems were hacked and fake webpages mimicking that of a real state body.

Hackers have sought to evade detection by breaking malware into separate files, which are put onto targeted networks before they activate them, Demedyuk said.

“Analysis of the malicious software that has already been identified and the targeting of attacks on Ukraine suggest that this is all being done for a specific day,” he said.

Relations between Ukraine and Russia plunged following Russia’s annexation of Crimea in 2014, and Kiev has accused Russia of orchestrating large-scale cyberattacks as part of a “hybrid war” against Ukraine, which Moscow repeatedly denies.

Some attacks have coincided with major Ukrainian holidays. Demedyuk said another strike could be launched on Thursday — Constitution Day — or on Independence Day in August.

The United States and Britain joined Ukraine in blaming Russia for the NotPetya campaign in 2017. It took a costly toll on quarterly results of major global corporations including Cadbury chocolate maker Mondelez International Inc and freight logistics company FedEx Corp.

The scale of the current campaign is the same as NotPetya, according to Demedyuk.

“This is support on a government level - very expensive and very synchronized. Without the help of government bodies, it would not be possible. We’re talking now about the Russian Federation,” he said.

“Everything we’re seeing, everything we’ve intercepted in this period: 99 percent of the traces come from Russia.”

Ukraine is better prepared to withstand such attacks thanks to cooperation with foreign allies including the United States, Britain and NATO, Demedyuk said.

Still, there are some Ukrainian companies that have not cleaned their computers after NotPetya struck, which means they are still infected by that virus and vulnerable to being used for another attack.

“We are sounding the alarm to remind people - come to your senses, check your equipment,” he said.

Reuters

You Might Also Read: 

Leaked Emails Expose Russian Exploits In Ukraine:

Ukraine Detects A Cyber Attack On A NATO Member:

« Chinese Hack Breached US Satellites
Former UK Spy Boss Say Russia Is 'live testing' Cyber-Attacks »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

Second Nature Security (2NS)

Second Nature Security (2NS)

2NS provide vulnerability assessment, penetration testing, security audit, application and network security and secure software development processes.

HudsonCyber

HudsonCyber

HudsonCyber, part of HudsonAnalytix, provides leading cyber risk management services for the global maritime transportation industry.

Avira

Avira

Avira provide a portfolio of antivirus, security and performance applications for Windows, Android, Mac, and iOS.

Document Security Systems (DSS)

Document Security Systems (DSS)

DSS anti-counterfeit, authentication, and brand protection solutions are deployed to prevent attacks which threaten products, digital presence, financial instruments, and identification.

Slice

Slice

Slice offer subscription based Cyber Insurance for small businesses.

Nokia

Nokia

Nokia is a proven leader in fixed, mobile and IoT security offering capabilities that range from systems design to integration and support.

PQShield

PQShield

PQShield are specialists in Post-Quantum Cryptography. We provide quantum-secure cryptographic solutions for software, software/hardware co-design and data in transit.

Sabat Group

Sabat Group

Sabat Group provide relationship-driven information security & cyber security recruiting services.

SHe CISO Exec

SHe CISO Exec

SHe CISO Exec is a sustainable global training and mentoring platform in information security and leadership.

Unlimited Technology

Unlimited Technology

Unlimited Technology offers a wide range of talent and experience, from assessing your requirements to implementing technologically advanced security solutions to best fit your needs.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

Metabase Q

Metabase Q

Metabase Q protects you from financial and reputational losses with more efficient and intelligent cybersecurity, using the best worldwide in technologies, processes and specialists.

ANSSI Burkina Faso

ANSSI Burkina Faso

ANSSI is responsible for managing the security of information systems and cyberspace in Burkina Faso.

Reken

Reken

Reken are building a new type of AI platform and products to protect against generative AI threats.

Cyber Compliance Watch

Cyber Compliance Watch

Free index and notification of main new cyber security publications (standards and regulations) from agencies and regulators.