WhisperGate: Russia Responsible For Cyber Attacks On Ukraine

Ukraine's State Security Agency (SBU), says that it has found convincing evidence that the recent cyber attacks on Ukrainian government websites are linked to hacking groups associated to Russian intelligence services.

According to the authoritative Zero Day website, dozens of Ukraine government computers across different agencies were wiped using a malware known as WhisperGate, which deletes or overwrites  important system files, rendering systems unable to boot up or otherwise operate. 

This malware works in stages and may lie dormant until triggered. It has the potential to spread and infect  other connected computers, resulting on permanent data destruction.

The extent to which it has spread to other computer networks operated by the Ukraine government is presently unknown.

This follows a week of fruitless meetings between US and Russian diplomats in which the White House had warned that Russia perpetrate 'false flag' operations and attack its own allies in Ukraine as a pretext to invade. 

The cyber attack has been called a preparatory move in advance of  possible military action. The cyber attack affected around 70 government websites in Ukraine overnight on Friday 14th January, making it the largest cyber attack on Ukraine since the widespread blackouts of 2016 affecting the electricity grid. The Ukraine Foreign Ministry website was hacked and temporarily displayed a message prior to the attack a message appeared warning Ukrainians to "prepare for the worst". 

Ukraine has come under intense pressure from its neighbour, with a build-up of some 100,000 Russian troops near its borders. The US and NATO have offered support to Ukraine and while Russia has made no official statement about the attack, Ukraine's Ministry of Information ministry says that Russian media reported the attacks before Ukraine did.

  • NATO said it would soon be signing an agreement with Ukraine on enhanced cyber cooperation, which would give it access to the alliance's malware information sharing platform.
  • The US government says it it will provide Ukraine with whatever support it needs to recover from the attack.

At the start of Friday's attack, a message on the hacked websites was posted in three languages, Ukrainian, Russian and Polish. "Ukrainian! All your personal data has been uploaded onto the public internet," the message read. It continued: "This is for your past, your present and your future." The Polish language message contained grammatical errors and did not appear to have been written by a native speaker, according to a statement issued by Poland's government, which also blamed Russia for the attack.

Ukraine has been repeatedly targeted since 2014, when Moscow invaded and annexed Crimea and started a war in the eastern Donbas region. About 288,000 cyber-attacks took place in the first 10 months of 2021, according to official figures, with 397,000 in 2020. 

Ukraine says that it does does not have offensive cyber weapons to attack back, but the official said it was prepared to defend against more assaults from Russia. In winter 2015 suspected Russian hackers took out parts of the country’s power grid, which led to almost a quarter of a million Ukrainians losing power and heat. A repeat attack happened in 2016.

Zero Day:    CNN:    CBS:     Reuters:      BBC:     Guardian:      Sky:      France24:     NPR:      PBS:   

You Might Also Read: 

The Emerging Domain Of  Cyber War:

 

« 'War Is Coming’ - TikTok Used To Scare Swedish Children
Employee Cyber Security Training Is Vital To Reduce Cyber Attacks »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Intelligence-sec

Intelligence-sec

Intelligence-Sec is a fully integrated Conferences and Exhibitions Company managing and producing topical events for the security industry.

Electus Recruitment Solutions

Electus Recruitment Solutions

Electus is a leading recruitment specialist in the Engineering, Technology & Digital and Cyber & Security sectors.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

Team8

Team8

Team8 is Israel’s most prestigious cybersecurity think tank and venture creation foundry.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

Red Snapper Recruitment

Red Snapper Recruitment

Red Snapper Recruitment is a market leading staffing services provider to the law enforcement, cyber security, offender supervision and regulatory services markets.

OurCrowd

OurCrowd

OurCrowd is a leading equity crowdfunding platform for investing in global startups.

Valarian

Valarian

Valarian (formerly Worldr) is on a mission to build cutting-edge solutions that empower borderless collaboration in the new era of digital sovereignty.

Seemplicity

Seemplicity

Seemplicity revolutionizes the way security teams work by automating, optimizing and scaling all risk reduction workflows in one workspace.

Wing Security

Wing Security

Wing fosters a stronger security culture by engaging SaaS end-users and enabling easy communication with security teams.

Cloud4C

Cloud4C

Cloud4C is a leading automation-driven, application focused cloud Managed Services Provider.

Laneden

Laneden

Laneden specialise in helping organisations identify security concerns and quantify the risks you may have across your assets, using Penetration Testing, Threat Simulation and Compliance Testing.

CyberTest

CyberTest

CyberTest offers cybersecurity consulting and penetration testing services that helps organizations and businesses securing their assets.

ELK Analytics

ELK Analytics

ELK Analytics is a specialized Managed Security Services Provider (MSSP) that focuses on endpoint security and monitoring & alerting for any type of structured or unstructured data.

Cyber Security Centre for the Isle of Man (CSC)

Cyber Security Centre for the Isle of Man (CSC)

The Cyber Security Centre for the Isle of Man is responsible for the delivery of the Isle of Man National Cyber Security Strategy.