WhisperGate: Russia Responsible For Cyber Attacks On Ukraine

Ukraine's State Security Agency (SBU), says that it has found convincing evidence that the recent cyber attacks on Ukrainian government websites are linked to hacking groups associated to Russian intelligence services.

According to the authoritative Zero Day website, dozens of Ukraine government computers across different agencies were wiped using a malware known as WhisperGate, which deletes or overwrites  important system files, rendering systems unable to boot up or otherwise operate. 

This malware works in stages and may lie dormant until triggered. It has the potential to spread and infect  other connected computers, resulting on permanent data destruction.

The extent to which it has spread to other computer networks operated by the Ukraine government is presently unknown.

This follows a week of fruitless meetings between US and Russian diplomats in which the White House had warned that Russia perpetrate 'false flag' operations and attack its own allies in Ukraine as a pretext to invade. 

The cyber attack has been called a preparatory move in advance of  possible military action. The cyber attack affected around 70 government websites in Ukraine overnight on Friday 14th January, making it the largest cyber attack on Ukraine since the widespread blackouts of 2016 affecting the electricity grid. The Ukraine Foreign Ministry website was hacked and temporarily displayed a message prior to the attack a message appeared warning Ukrainians to "prepare for the worst". 

Ukraine has come under intense pressure from its neighbour, with a build-up of some 100,000 Russian troops near its borders. The US and NATO have offered support to Ukraine and while Russia has made no official statement about the attack, Ukraine's Ministry of Information ministry says that Russian media reported the attacks before Ukraine did.

  • NATO said it would soon be signing an agreement with Ukraine on enhanced cyber cooperation, which would give it access to the alliance's malware information sharing platform.
  • The US government says it it will provide Ukraine with whatever support it needs to recover from the attack.

At the start of Friday's attack, a message on the hacked websites was posted in three languages, Ukrainian, Russian and Polish. "Ukrainian! All your personal data has been uploaded onto the public internet," the message read. It continued: "This is for your past, your present and your future." The Polish language message contained grammatical errors and did not appear to have been written by a native speaker, according to a statement issued by Poland's government, which also blamed Russia for the attack.

Ukraine has been repeatedly targeted since 2014, when Moscow invaded and annexed Crimea and started a war in the eastern Donbas region. About 288,000 cyber-attacks took place in the first 10 months of 2021, according to official figures, with 397,000 in 2020. 

Ukraine says that it does does not have offensive cyber weapons to attack back, but the official said it was prepared to defend against more assaults from Russia. In winter 2015 suspected Russian hackers took out parts of the country’s power grid, which led to almost a quarter of a million Ukrainians losing power and heat. A repeat attack happened in 2016.

Zero Day:    CNN:    CBS:     Reuters:      BBC:     Guardian:      Sky:      France24:     NPR:      PBS:   

You Might Also Read: 

The Emerging Domain Of  Cyber War:

 

« 'War Is Coming’ - TikTok Used To Scare Swedish Children
Employee Cyber Security Training Is Vital To Reduce Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Global Learning Systems (GLS)

Global Learning Systems (GLS)

Global Learning Systems provides security awareness and compliance training programs for employees that effectively promote behavior change and protect your organization.

EverC

EverC

EverC (formerly EverCompliant) is a leading provider of cyber intelligence that allows acquiring banks and payment service providers (PSP) to manage cyber risk.

SCADAfence

SCADAfence

SCADAfence offers cutting edge cybersecurity solutions designed to ensure the operational continuity of industrial (ICS/SCADA) networks.

Salt Communications

Salt Communications

Salt communications is a global leader in secure communications. Our bespoke platform is the secure communications solution that uniquely gives complete control to our customers.

Defence Intelligence

Defence Intelligence

Defence Intelligence is an information security firm specializing in advanced malware protection.

Corvid

Corvid

Corvid is an experienced team of cyber security experts who are passionate about delivering innovative, robust and extensive defence systems to help protect businesses against cyber threats.

The ai Corporation

The ai Corporation

The ai Enterprise Fraud Solution is an on-prem or cloud-based self-service, machine learning fraud detection and prevention tool set.

Verodin

Verodin

Verodin is a business platform that provides organizations with the evidence needed to measure, manage and improve their cybersecurity effectiveness.

Naoris

Naoris

Naoris is the world’s first holistic blockchain-based cybersecurity ecosystem, bringing a game-changing solution to address 35 years of industry similar practice.

Sonrai Security

Sonrai Security

Sonrai Security delivers an enterprise security platform focused on identity and data protection inside AWS, Azure, and Google Cloud.

BullGuard

BullGuard

BullGuard is an award-winning cybersecurity company focused on providing the consumer and small business markets with the confidence to use the internet in absolute safety.

DataExpert Singapore

DataExpert Singapore

DataExpert Singapore provide solutions and services in the areas of Digital Forensics, Data Recovery, Data Duplication, Data Degaussing & Wiping, Data Destruction, and IT Disposal.

Earlybird Venture Capital

Earlybird Venture Capital

Earlybird is a venture capital investor focused on European technology innovators.

VinCSS

VinCSS

VinCSS Internet Security Services JSC is a leading organization working in the field of researching, developing, producing products as well as providing cyber security services.

Triangle

Triangle

Triangle enable innovative business transformation by ensuring critical hybrid infrastructures are optimised, interoperable and secure.

ISO WISH

ISO WISH

Take your Business to the Next Level with ISO Certification in UAE.