WhisperGate: Russia Responsible For Cyber Attacks On Ukraine

Uploaded on 2022-01-19 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Ukraine's State Security Agency (SBU), says that it has found convincing evidence that the recent cyber attacks on Ukrainian government websites are linked to hacking groups associated to Russian intelligence services.

According to the authoritative Zero Day website, dozens of Ukraine government computers across different agencies were wiped using a malware known as WhisperGate, which deletes or overwrites  important system files, rendering systems unable to boot up or otherwise operate. 

This malware works in stages and may lie dormant until triggered. It has the potential to spread and infect  other connected computers, resulting on permanent data destruction.

The extent to which it has spread to other computer networks operated by the Ukraine government is presently unknown.

This follows a week of fruitless meetings between US and Russian diplomats in which the White House had warned that Russia perpetrate 'false flag' operations and attack its own allies in Ukraine as a pretext to invade. 

The cyber attack has been called a preparatory move in advance of  possible military action. The cyber attack affected around 70 government websites in Ukraine overnight on Friday 14th January, making it the largest cyber attack on Ukraine since the widespread blackouts of 2016 affecting the electricity grid. The Ukraine Foreign Ministry website was hacked and temporarily displayed a message prior to the attack a message appeared warning Ukrainians to "prepare for the worst". 

Ukraine has come under intense pressure from its neighbour, with a build-up of some 100,000 Russian troops near its borders. The US and NATO have offered support to Ukraine and while Russia has made no official statement about the attack, Ukraine's Ministry of Information ministry says that Russian media reported the attacks before Ukraine did.

  • NATO said it would soon be signing an agreement with Ukraine on enhanced cyber cooperation, which would give it access to the alliance's malware information sharing platform.
  • The US government says it it will provide Ukraine with whatever support it needs to recover from the attack.

At the start of Friday's attack, a message on the hacked websites was posted in three languages, Ukrainian, Russian and Polish. "Ukrainian! All your personal data has been uploaded onto the public internet," the message read. It continued: "This is for your past, your present and your future." The Polish language message contained grammatical errors and did not appear to have been written by a native speaker, according to a statement issued by Poland's government, which also blamed Russia for the attack.

Ukraine has been repeatedly targeted since 2014, when Moscow invaded and annexed Crimea and started a war in the eastern Donbas region. About 288,000 cyber-attacks took place in the first 10 months of 2021, according to official figures, with 397,000 in 2020. 

Ukraine says that it does does not have offensive cyber weapons to attack back, but the official said it was prepared to defend against more assaults from Russia. In winter 2015 suspected Russian hackers took out parts of the country’s power grid, which led to almost a quarter of a million Ukrainians losing power and heat. A repeat attack happened in 2016.

Zero Day:    CNN:    CBS:     Reuters:      BBC:     Guardian:      Sky:      France24:     NPR:      PBS:   

You Might Also Read: 

The Emerging Domain Of  Cyber War:

 

« 'War Is Coming’ - TikTok Used To Scare Swedish Children
Employee Cyber Security Training Is Vital To Reduce Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ANS Group

ANS Group

ANS are a strong team of straight-talking tech and business experts. Our mission is to make digital transformation accessible to all.

HackRead

HackRead

HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends.

Veridify Security

Veridify Security

Veridify Security (formerly SecureRF), develops and licenses quantum-resistant, public-key security tools for the low-resource processors powering the Internet of Things.

OIC-CERT

OIC-CERT

OIC-CERT is the Computer Emergency Response Team for Organisation of Islamic Cooperation (OIC) member countries.

Ravelin Technology

Ravelin Technology

Ravelin prevents chargebacks, fraud, and account takeover. Machine learning and human insight combine for highly accurate fraud detection and prevention.

Elemendar

Elemendar

Elemendar Artificial Intelligence reads cyber threat reports written by humans and translates them into industry-standard, machine-readable and machine-actionable data.

Cequence Security

Cequence Security

Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection.

Vulcan Cyber

Vulcan Cyber

At Vulcan, we’re modernizing the way enterprises reduce their cyber risk. From detection to resolution, we automate and orchestrate the vulnerability remediation process dynamically and at scale.

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders.

TekSynap

TekSynap

TekSynap is a full spectrum Information Technology services provider to federal government agencies.

GLIMPS

GLIMPS

GLIMPS-Malware automatically detects malware affecting standard computer systems, manufacturing systems, IOT or automotive domains.

RiskSmart

RiskSmart

RiskSmart empower risk, compliance, and legal teams with a tech-led and data-driven platform designed to save time, reduce costs and add real value to businesses.

CDS

CDS

CDS is a strategic change agency enabling organisations and businesses to create and build better services to meet the evolving needs of customers, employees and citizens.

MajorKey Technologies

MajorKey Technologies

MajorKey improves security performance by reducing user friction and business risk, empowering your people, and protecting your IP.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.

CESAR

CESAR

CESAR is one of the premier R+D and innovation centers in Brazil and a designated Cybersecurity Competence Center.