Ukraine Says Russian Hackers Are Preparing A Massive Strike

Hackers from Russia are infecting Ukrainian companies with malicious software to create “back doors” for a large, coordinated attack, Ukraine’s cyber police chief told Reuters on Tuesday 26th June. The hackers are targeting companies, including banks and energy infrastructure firms, in a roll out that suggests they are preparing to activate the malware in one massive strike, cyber police chief Serhiy Demedyuk said. 

Ukrainian police are working with foreign authorities to identify the hackers, Demedyuk added.

Law enforcement and corporate security teams around the world pay close attention to cyber threats in Ukraine, where some of the most destructive hacks in history have originated. A virus dubbed “NotPetya” hit Ukraine in June 2017, taking down government agencies and businesses before spreading to corporate networks around the globe, causing companies billions of dollars in losses.

“The fact that the Ukraine government has decided to go public with this shows that they are scared that this could have a big impact and want people to be aware,” said Jaime Blasco, chief scientist with cybersecurity firm AlienVault.

It is difficult to contain the impact of a cyberattack within one nation, so it is possible this new threat could spread around the globe, he added.

Since the start of the year, Ukraine police have identified viruses in phishing emails sent from legitimate domains of state institutions whose systems were hacked and fake webpages mimicking that of a real state body.

Hackers have sought to evade detection by breaking malware into separate files, which are put onto targeted networks before they activate them, Demedyuk said.

“Analysis of the malicious software that has already been identified and the targeting of attacks on Ukraine suggest that this is all being done for a specific day,” he said.

Relations between Ukraine and Russia plunged following Russia’s annexation of Crimea in 2014, and Kiev has accused Russia of orchestrating large-scale cyberattacks as part of a “hybrid war” against Ukraine, which Moscow repeatedly denies.

Some attacks have coincided with major Ukrainian holidays. Demedyuk said another strike could be launched on Thursday — Constitution Day — or on Independence Day in August.

The United States and Britain joined Ukraine in blaming Russia for the NotPetya campaign in 2017. It took a costly toll on quarterly results of major global corporations including Cadbury chocolate maker Mondelez International Inc and freight logistics company FedEx Corp.

The scale of the current campaign is the same as NotPetya, according to Demedyuk.

“This is support on a government level - very expensive and very synchronized. Without the help of government bodies, it would not be possible. We’re talking now about the Russian Federation,” he said.

“Everything we’re seeing, everything we’ve intercepted in this period: 99 percent of the traces come from Russia.”

Ukraine is better prepared to withstand such attacks thanks to cooperation with foreign allies including the United States, Britain and NATO, Demedyuk said.

Still, there are some Ukrainian companies that have not cleaned their computers after NotPetya struck, which means they are still infected by that virus and vulnerable to being used for another attack.

“We are sounding the alarm to remind people - come to your senses, check your equipment,” he said.

Reuters

You Might Also Read: 

Leaked Emails Expose Russian Exploits In Ukraine:

Ukraine Detects A Cyber Attack On A NATO Member:

« Chinese Hack Breached US Satellites
Former UK Spy Boss Say Russia Is 'live testing' Cyber-Attacks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

Exabeam

Exabeam

Exabeam is a global cybersecurity leader that delivers AI-driven security operations.

OnSystem Logic

OnSystem Logic

OnSystem Logic has developed a unique, patent-pending solution to solve the problem of the exploitation of flaws in application software as a technique for cyber attacks.

macmon secure

macmon secure

macmon secure develops network security software, focussing on Network Access Control.

Herbert Smith Freehills

Herbert Smith Freehills

Herbert Smith Freehills is a leading professional services including data protection and privacy.

DeviceAssure

DeviceAssure

DeviceAssure enables organizations to reliably identify counterfeit and non-standard devices with a real-time check on a device's authenticity.

SubRosa Cyber Solutions

SubRosa Cyber Solutions

SubRosa Cyber Solutions solves its clients’ most tenacious information security, risk and compliance challenges through a multitude of information technology services and expertise.

Risk Strategies

Risk Strategies

Risk Strategies is a leading specialty risk management consultancy and insurance broker offering smarter, practical approaches to risk mitigation including Cyber Liability insurance.

Wickr

Wickr

Wickr's mission is to secure the world's most critical communications. Wickr provides the highest standard of encryption trusted by millions worldwide.

Auvik Networks

Auvik Networks

Auvik is easy-to-use cloud-based networking management and monitoring software - true network visibility and control without the hassle.

Quad9 Foundation

Quad9 Foundation

Quad9 is a free security solution that uses DNS to protect your system against the most common cyber threats. It improves your system's performance, plus, it preserves and protects your privacy.

CatchProbe Intelligence Technologies

CatchProbe Intelligence Technologies

CatchProbe provides actionable web intelligence, OSINT, deception systems, threat intelligence, and digital crime analytics solutions and products through an AI-Driven intelligence platform.

Telindus

Telindus

Telindus is the strategic IT partner for the flexible organization of the future. We build optimal IT infrastructure with four components: networking, cloud, cybersecurity and data & AI.

Sekur Private Data

Sekur Private Data

Sekur Private Data Ltd. is a Cybersecurity and Internet privacy provider of Swiss hosted solutions for secure communications and secure data management.

USX Cyber

USX Cyber

USX Cyber was founded on the idea that small and medium businesses deserve and require the same level and sophistication of cyber protection as large enterprises.

Instil Software

Instil Software

Instil helps technology brands transform, innovate and disrupt their markets with category-defining software products that challenge us to think, feel and act in new ways.