Shuckworm Intensifies Cyber Attacks On Ukraine

Since the full-scale Russian invasion of Ukraine, the aggressor’s offensive forces have also launched an avalanche of cyber-espionage campaigns against Ukraine and its allies. 

Now, the Shuckworm espionage group is mounting multiple cyber attacks against Ukraine, with recent targets including security services, military, and government organisations. 

The persistent and focused online espionage campaigns by Shuckworm present the most severe threat yet observed to multiple Ukrainian organisations, mostly in the public sector.

Shuckworm, thought to be linked to the Russian FSB internal security agency, has succeeded in staging long-running intrusions, lasting for as long as three months. The attackers have repeatedly attempted to access sensitive information such as reports about the deaths of Ukrainian military service members, enemy engagements and air strikes, arsenal inventories, military training, and more.

These attacks were discovered by the Symantec (now part of Broadcom) Threat Hunter Team. The attackers have been using phishing emails with malicious attachments, deploying backdoors and tools, and spreading custom malware via USB drives.

To avoid detection, Shuckworm has updated its toolset and exploited legitimate services for command-and-control infrastructure. Symantec observed up to 25 new variants of the group’s scripts per month between January and April 2023.

To mitigate such attacks, organisations are advised to assess the risk of using USB devices, scan them with antivirus software, and educate users to identify and report phishing attempts.

Sources: Broadcom, Symantec, Oodaloop, Infosecurity Magazine, SOCPrime, Unified Guru, @OODA
