Tag Archive for: Ukraine

Ukraine faces second day of huge phone and internet outage after suspected Russian cyberattack

/in


Ukraine on Wednesday entered the second day of limited communications after its largest mobile phone and internet provider was hit by a huge cyberattack, Ukrainian officials and the internet provider said Wednesday.

The company, Kyivstar, shut down all mobile and internet service Tuesday after experiencing what its CEO said was a Russian cyberattack.

The Kyivstar hack is one of the biggest cyberattacks on the civilian telecommunications industry in history, and one of the most influential of the Russia-Ukraine war. Kyivstar’s website is still inaccessible, but an archived version of it from November said it has more than 25 million customers nationwide, more than half the country’s population.

Kyivstar announced Wednesday it had begun to restore service, but Kentik, a company that tracks global internet connectivity, said Kyivstar was operating at a fraction of its normal traffic levels.

In addition to cutting off communications for millions of Ukrainians, the Kyivstar attack resulted in other critical services shutting down.

The head of Kyiv’s Regional Military Administration, Ruslan Kravchenko, said on Telegram that the outage disrupted air alert systems in multiple cities, forcing authorities to use backup alarms. Russia launched a missile attack Wednesday morning, Kyiv’s mayor said on his Telegram channel, resulting in 53 people being injured and 20 being hospitalized.

Ukraine’s largest bank, PrivatBank, announced that a lack of functioning internet connection had resulted in some ATMs and point-of-sale terminals not working.

In the city of Liviv, which uses internet-connected smart streetlights, the Kyivstar outage meant that the lights had to be disconnected manually, the City Council said on its website.

Ukrainian authorities, including communications officials and representatives from the Security Service of Ukraine, indicated in emailed statements Wednesday that the culprit was a unit within Russian military intelligence, the GRU, that Western governments and cybersecurity researchers have said is responsible for previous destructive attacks on Ukrainian infrastructure. Russia’s Ministry of Foreign Affairs didn’t respond to a request for comment.

Both the Security…

Source…

Police Bust Ransomware Gang in Ukraine for Attacking 1,800 Victims

/in


European police say they’ve dismantled a ransomware group in Ukraine that was behind a series of high-profile attacks on corporations across the globe.

Law enforcement arrested the suspected 32-year-old ringleader to the group, along with four of his most active accomplices, Europol said on Tuesday. Law enforcement agencies including officials from the US, also helped investigate 30 properties across Ukraine, including in the capital of Kyiv, tied to the gang. 

Europol didn’t say whether the gang developed the ransomware code. But the group used several ransomware strains, including “LockerGoga, MegaCortex, HIVE and Dharma” to attack companies. This suggests they operated as an “affiliate,” buying access to the attacks from ransomware code developers.

Police investigating the hacker's phones.

(Credit: Cyber Police of Ukraine)

Europol adds: “The suspects had different roles in this criminal organization. Some of them are thought to be involved in compromising the IT networks of their targets, while others are suspected of being in charge of laundering cryptocurrency payments made by victims to decrypt their files.”

To spread ransomware to the corporations, the group resorted to sending phishing emails to employees or guessing their login passwords. Once inside a company network, the gang would use other tools, including the Trickbot malware, to gain wider access. The ensuing ransomware attack would then encrypt servers across the network, forcing the victim companies to pay up in cryptocurrency or risk losing their data forever. 

“These attacks are believed to have affected over 1,800 victims in 71 countries,” added the European Union Agency for Criminal Justice Cooperation. “The perpetrators targeted large corporations, effectively bringing their business to a standstill and causing losses of at least several hundred millions of euros.” 

The Cyber Police of Ukraine also assisted in taking down the gang, which allegedly began targeting companies starting in 2018. In one example, the group demanded a company in the Netherlands pay 450 Bitcoin ($16.8 million in today’s value) to restore their servers. 

Recommended by Our Editors

“It has been established that over several years of criminal…

Source…

Ukraine says it has evidence of 109,000 Russian war crimes

/in


As Ukraine struggles to make progress in its fight against Russia, Kyiv has been compiling evidence of war crimes since the full-scale invasion last year to present to the International Criminal Court in the Hague.

The vast majority of the charges being prosecuted were considered crimes against humanity, such as the mass executions of Ukrainians in Bucha in 2022.

Kostin’s figures also include 265 investigations into crimes against the environment, such as the Russian attack on the Ukrainian Nova Kakhovka Dam earlier this year that led to the evacuation of thousands of Ukrainians.

Four cases so far have also been opened into cyber war crime charges.

Kostin said the inclusion of cyber crimes and crimes against the environment for the ICC evidence is a new initiative by Ukraine during this war, stressing that “every crime has victims.”

He also acknowledged the challenge of convicting Russian citizens who may not be in Ukraine or have evaded capture, though he noted that some have been brought to trial.

“The bigger part is Russian war criminals who we charge and who we try in absentia. This is a quite longer process because it requires more procedural actions,” Kostin said. “While all of them receive defense, it’s our position to ensure a fair trial for everyone, including Russian war criminals.”

Source…

Ukraine Tracks a Record Number of Cyber Incidents During War

/in


Cyberwarfare / Nation-State Attacks
,
Fraud Management & Cybercrime

Hackers Steal CCTV Footage to Study Efficacy of Missile Strikes and Drone Attacks

Mathew J. Schwartz (euroinfosec) •
November 16, 2023    

Ukraine Tracks a Record Number of Cyber Incidents During War
The aftermath of a Russian drone attack on a Kyiv energy facility on Oct. 27, 2022 (Image: State Emergency Service of Ukraine)

The tempo of cyberattacks against Ukrainian critical infrastructure has intensified this year – the second year in which Kyiv is fending off a Russian war of conquest.

See Also: OnDemand | Ransomware in the Cloud: Challenges and Security Best Practices

In the first 10 month of this year, Ukraine’s national computer emergency response team, CERT-UA, logged 2,054 cyber incidents, compared to 2,194 for the entirety of 2022, said Viktor Zhora, deputy chairman of Ukraine’s State Service of Special Communications and Information Protection. Three-quarters of the incidents involved civilian infrastructure, Zhora told a cybersecurity conference in Dublin on Thursday.


Hackers’ top goals are to steal information on the disposition of forces, infiltrate organizations that provide critical infrastructure services and steal people’s personal information from organizations across a number of sectors, including insurance and healthcare, said Zhora, who addressed the IRISSCON conference, held by IRISSCERT – short for the Irish Reporting and Information Security Service – via video link.


Since Russia launched an all-out invasion on Feb. 24, 2022, the most dangerous hacking incidents have typically traced to Russia’s GRU military intelligence group, he said. The greatest number of attacks this year appear to have been launched by the Federal Security…

Source…