WhisperGate: Russia Responsible For Cyber Attacks On Ukraine

Uploaded on 2022-01-19 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Ukraine's State Security Agency (SBU), says that it has found convincing evidence that the recent cyber attacks on Ukrainian government websites are linked to hacking groups associated to Russian intelligence services.

According to the authoritative Zero Day website, dozens of Ukraine government computers across different agencies were wiped using a malware known as WhisperGate, which deletes or overwrites  important system files, rendering systems unable to boot up or otherwise operate. 

This malware works in stages and may lie dormant until triggered. It has the potential to spread and infect  other connected computers, resulting on permanent data destruction.

The extent to which it has spread to other computer networks operated by the Ukraine government is presently unknown.

This follows a week of fruitless meetings between US and Russian diplomats in which the White House had warned that Russia perpetrate 'false flag' operations and attack its own allies in Ukraine as a pretext to invade. 

The cyber attack has been called a preparatory move in advance of  possible military action. The cyber attack affected around 70 government websites in Ukraine overnight on Friday 14th January, making it the largest cyber attack on Ukraine since the widespread blackouts of 2016 affecting the electricity grid. The Ukraine Foreign Ministry website was hacked and temporarily displayed a message prior to the attack a message appeared warning Ukrainians to "prepare for the worst". 

Ukraine has come under intense pressure from its neighbour, with a build-up of some 100,000 Russian troops near its borders. The US and NATO have offered support to Ukraine and while Russia has made no official statement about the attack, Ukraine's Ministry of Information ministry says that Russian media reported the attacks before Ukraine did.

  • NATO said it would soon be signing an agreement with Ukraine on enhanced cyber cooperation, which would give it access to the alliance's malware information sharing platform.
  • The US government says it it will provide Ukraine with whatever support it needs to recover from the attack.

At the start of Friday's attack, a message on the hacked websites was posted in three languages, Ukrainian, Russian and Polish. "Ukrainian! All your personal data has been uploaded onto the public internet," the message read. It continued: "This is for your past, your present and your future." The Polish language message contained grammatical errors and did not appear to have been written by a native speaker, according to a statement issued by Poland's government, which also blamed Russia for the attack.

Ukraine has been repeatedly targeted since 2014, when Moscow invaded and annexed Crimea and started a war in the eastern Donbas region. About 288,000 cyber-attacks took place in the first 10 months of 2021, according to official figures, with 397,000 in 2020. 

Ukraine says that it does does not have offensive cyber weapons to attack back, but the official said it was prepared to defend against more assaults from Russia. In winter 2015 suspected Russian hackers took out parts of the country’s power grid, which led to almost a quarter of a million Ukrainians losing power and heat. A repeat attack happened in 2016.

Zero Day:    CNN:    CBS:     Reuters:      BBC:     Guardian:      Sky:      France24:     NPR:      PBS:   

You Might Also Read: 

The Emerging Domain Of  Cyber War:

 

« 'War Is Coming’ - TikTok Used To Scare Swedish Children
Employee Cyber Security Training Is Vital To Reduce Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

NSFOCUS Information Technology

NSFOCUS Information Technology

NSFOCUS is a global service provider and enterprise DDoS mitigation solution provider.

SSLGURU

SSLGURU

SSLGURU bring all of the major SSL certificate vendors to one market place in order to create the world's largest SSL store with the most competitive prices.

Nordic IT Security

Nordic IT Security

Nordic IT Security is a cyber security business forum in Scandinavia bringing together the converging worlds of IT, Cyber and Information Security.

Cryptus Cyber Security

Cryptus Cyber Security

Cryptus Cyber Security is an Information Security Training company providing advanced training and services to IT Professionals.

Buglab

Buglab

The Buglab contest and Vigilante Protocol help companies all over the world to discover and fix vulnerabilities on their digital solutions or assets.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

Quantum Generation

Quantum Generation

Quantum Cyber Security for a new age of communications. We are developing the largest decentralized orbital, and ground quantum mesh network based on blockchain technology.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Chainlink

Chainlink

Chainlink expands the capability of smart contracts by enabling access to real-world data and systems without sacrificing the security and reliability guarantees inherent to blockchain technology.

Contextual Security Solutions

Contextual Security Solutions

Contextual Security Solutions is a leading provider of penetration testing services and IT security & compliance audits.

Stronger International

Stronger International

Stronger International provides expert cyber services and training to organizations and individuals to enhance IT and security knowledge.

Salem Cyber

Salem Cyber

Salem Cyber builds Artificial Intelligence (AI) solutions that work collaboratively with people to address scalability challenges in cybersecurity operations.

Gen Digital

Gen Digital

At Gen™, our mission is to create technology solutions for people to take full advantage of the digital world, safely, privately, and confidently – so together, we can build a better tomorrow.

Myrror Security

Myrror Security

Myrror Security is a software supply chain security solution that aids lean security teams in safeguarding their software against breaches.