Tag Archive for: Ukraine

In A Historic First, Ukraine To Join NATO’s Largest Cyber Security Exercise, Locked Shields 2024

/in




For the very first time, Ukraine will debut in NATO’s flagship cybersecurity exercise, Locked Shields 2024, announced by the National Cyber Security Coordination Center (the first working body of Ukraine’s National Security and Defense Council). 

China Threat Pushes US To Accelerate Next-Gen Interceptor Program; Expert Finds THAAD, Patriot & SM-3 ‘Ineffective’

Locked Shields, organized by the NATO Cooperative Cyber Defense Centre of Excellence (CCDCOE), is the world’s largest cybersecurity exercise. It will take place between April 22 and April 26.

The exercise serves as a crucible for honing cyber defense capabilities, fostering an environment where participants leverage their collective expertise to develop robust defense strategies. 

Since its inception in 2010, the exercise has evolved into the world’s largest and most realistic cyber defense drill, setting the standard for comprehensive cyber readiness.



This annual event convenes experts from diverse backgrounds to tackle cyber threats through realistic scenarios, emphasizing the importance of international cooperation in defending against cyber-attacks.

The National Cyber Security Coordination Center of Ukraine stressed the growing importance of Locked Shields in strengthening international collaboration in cyber defense, which is evident from the increasing number of participating countries each year. 

In its previous iteration in 2023, Locked Shields saw the participation of 33 countries forming 24 different teams. This year’s exercise, hosted in Estonia, is expected to draw around 4,000 experts from over 40 nations tasked with safeguarding a fictional nation’s critical infrastructure from cyber threats.

According to the National Cyber Security Coordination Center, Kyiv is forming a joint team with the Czech Republic for the exercises. The goal is to cultivate skills, share experiences, and foster cooperation in countering modern cyber threats. 

In March 2022, Ukraine became a member of the NATO Cyber Center in response to Russia’s large-scale invasion. 

Serhiy Demedyuk, Deputy Secretary of Ukraine’s National Security and Defense…

Source…

Dangerous New ICS Malware Targets Orgs in Russia and Ukraine

/in


Two dangerous malware tools targeted at industrial control systems (ICS) and operating technology (OT) environments in Europe are the latest manifestations of the cyber fallout from the war in Ukraine.

One of the tools, dubbed “Kapeka,” appears linked to Sandworm, a prolific Russian state-backed threat actor that Google’s Mandiant security group this week described as the country’s primary cyberattack unit in Ukraine. Security researchers from Finland-based WithSecure spotted the backdoor featured in 2023 attacks against an Estonian logistics company and other targets in Eastern Europe and perceive it as an active and ongoing threat.

Destructive Malware

The other malware — somewhat colorfully dubbed Fuxnet — is a tool that Ukraine government-backed threat group Blackjack likely used in a recent, destructive attack against Moskollector, a company that maintains a large network of sensors for monitoring Moscow’s sewage system. The attackers used Fuxnet to successfully brick what they claimed was a total of 1,700 sensor-gateways on Moskollector’s network and in the process disabled some 87,000 sensors connected to these gateways.

“The main functionality of the Fuxnet ICS malware was corrupting and blocking access to sensor gateways, and trying to corrupt the physical sensors as well,” says Sharon Brizinov, director of vulnerability research at ICS security firm Claroty, which recently investigated Blackjack’s attack. As a result of the attack, Moskollector will likely have to physically reach each of the thousands of affected devices and replace them individually, Brizinov says. “To restore [Moskollector’s] ability of monitoring and operating the sewage system all around Moscow, they will need to procure and reset the entire system.”

Kapeka and Fuxnet are examples of the broader cyber fallout from the conflict between Russia and Ukraine. Since the war between the two countries started in February 2022 — and even well before that — hacker groups from both sides developed and used a range of malware tools against each other. Many of the tools, including wipers and ransomware, have been destructive or disruptive in nature and mainly targeted critical infrastructure, ICS, and OT…

Source…

China’s Hikvision, Dahua Security Cameras Heighten Risks Of Russian Attacks On Ukraine

/in


KYIV – As Russia’s full-scale invasion of Ukraine nears the two-year mark, hundreds of thousands of Chinese-made Hikvision and Dahua video-surveillance cameras, used by government-run security systems, residences, and private companies throughout Ukraine, heighten the risks of attacks by the Russian military, Ukrainian digital-security experts and government officials fear.

When Russian missiles struck Kyiv in a January 2 attack that killed at least three people, two ordinary outdoor CCTV cameras – one for a condominium, the other for a parking lot — helped guide their way, the State Security Service of Ukraine (SBU) claims.

A heavily damaged building in Kyiv which was hit by a missile on January 2 that may have been guided by CCTV cameras.

A heavily damaged building in Kyiv which was hit by a missile on January 2 that may have been guided by CCTV cameras.

After hacking the cameras, Russian intelligence used them “to spy on the Defense Forces in the capital” and to record images of “critical infrastructure facilities,” according to the SBU.

One of those cameras was a 2016 Chinese-made Hikvision device, a law enforcement official who requested anonymity because of the sensitivity of the subject told Schemes, the investigative unit of RFE/RL’s Ukrainian Service.

“Such cameras are usually just connected to the Internet and are already relatively outdated — that is, with software that has not been updated for a long time and has many known vulnerabilities,” said Serhiy Denysenko, executive director of the Ukrainian information-security company CyberLab’s Digital Forensics Laboratory.

Information security specialist Serhiy Denysenko (left) with Schemes journalist Kyrylo Ovsyaniy.

Information security specialist Serhiy Denysenko (left) with Schemes journalist Kyrylo Ovsyaniy.

Manufacturers’ “basic” camera software means that “hackers — or, in this case, the Russian special services – who are scanning the Internet can find this camera and gain access to it,” Denysenko said.

To test the SBU’s claims, a Digital Forensics Laboratory specialist hacked into a 2015 Hikvision CCTV camera in about 15 minutes.

From 2014 to 2022, three Ukrainian companies imported over 875,000 CCTV cameras and other devices related to video surveillance made by Hikvision, and a single company imported nearly 1.1 million cameras and other devices related to video…

Source…

How Ukraine built a volunteer IT army from scratch

/in


As Russian bombs began to fall across Ukraine in February 2022, many faced a daunting choice: stay and fight or flee for safety. Among them was Ted, a tech entrepreneur living in Kyiv (who is using a pseudonym for security concerns). Initially taking his family to safety in Lviv, Ted wanted to fight. Lacking military skills, Ted like many other Ukrainians who had a tech background wanted to contribute on other battle fronts.

His wife was a public servant who was well-connected with the Ukrainian government. Through conversations with the Ministry of Digital Transformation, an idea arose to leverage people with tech backgrounds to defend the country on the cyber battlefield. What followed was the historic formation of a volunteer hacker army fighting on Ukraine’s behalf – the world’s first such group in cyber warfare.

The IT Army of Ukraine emerged just two days after Russia’s full-scale invasion of Ukraine in February 2022 as Ukraine’s Minister of Digital Transformation Mykhailo Fedorov issued a rallying cry to all volunteers willing to join the hacker ranks of the IT army to help defend Ukraine. He proclaimed, “We continue to fight on the cyber front.”

At its peak, the volunteer IT army’s Telegram channel reached around 300,000 members in March 2022.

IT army of Ukraine mykhailov Fedorov digital transformation Ukraine cyber troops
Ukraine’s Minister of Digital Transformation Mykhailo Fedorov tells about the achievements of the IT Army of Ukraine during the results of his agency over 2023. Photo: IT Army of Ukraine/FB

Fedorov’s call to action resonates with the historical appeal of the Special Operations Executive (SOE) during World War II – Winston Churchill’s famous directive to the SOE was to “set Europe ablaze,” inspiring a similar spirit of resistance in the digital domain.

“We tried to activate every part of society to resist Russia’s war,” Ted said of the early days of the war. Ukrainian officials and volunteers wanted to see how they could leverage the highly talented population of our society, “keeping in mind our software developers and people in the IT sector,” said Ted.

In the early days, organizers focused on the basics, such as creating a Telegram channel and doing the groundwork to get operations going….

Source…