Tag Archive for: war

A year of wipers: How the Kremlin-backed Sandworm has attacked Ukraine during the war


Last November, several Ukrainian organizations were targeted by a new type of ransomware called RansomBoggs. Its operators sent infected computers a ransom note written on behalf of James P. Sullivan — the main protagonist of the animated film Monsters, Inc. 

In the note Sullivan, whose job in the movie was to scare kids, asked for financial help in exchange for decrypting the organizations’ documents.

The hackers behind the attack are believed to be linked to Sandworm, a Russian nation-state threat actor working on behalf of the military intelligence agency GRU. But despite the attack wearing all the trappings of ransomware, Sandworm wasn’t out to make money — its primary goal was either to destroy Ukrainian networks or steal valuable data, according to researchers from the Slovak cybersecurity company ESET, which first spotted the RansomBoggs attack.

While Sandworm is not the Kremlin’s most important hacking group, it has perhaps become the most visible one, with an emphasis on disruptive cyberattacks. And its track record of successful attacks with a global impact – most notably the NotPetya malware and several attacks on Ukraine’s power supply – makes it a grave concern to researchers.

In 2017, the group used NotPetya wiper malware disguised as ransomware to take down hundreds of networks across Ukrainian government agencies, banks, hospitals, and airports, causing an estimated $10 billion in global damage. By presenting destructive attacks as ransomware, Sandworm hackers may be trying to cover their tracks and make it more difficult for security researchers to attribute the attacks to a state-sponsored group.

In the case of the RansomBoggs attacks, the group was likely testing new techniques or training new workers on how to use their software, ESET senior malware researcher Anton Cherepanov told The Record.

Since the start of the war, Sandworm has been relentlessly targeting Ukraine with various malware strains. Some were highly sophisticated, while others contained bugs that made them easier to detect and prevent from spreading.

Researchers believe that Sandworm chose to experiment with malware in order to find strains that can bypass Ukraine’s improved…

Ukraine’s year of war exposes changing roles for cyber weapons


On the one-year anniversary of Russia’s invasion, Ukraine is commemorating horrific losses — and remarkable defiance.

The country’s fierce resistance on the battlefield has been echoed on the digital front — where Kyiv has unique experience. The conflict with Russia has become the world’s first full-scale cyberwar, but Ukraine was a test bed for digital weapons long before the invasion of 24 February, 2022. Since Putin’s troops began flooding across the border, the cyber tactics have shifted dramatically.

These developments have made Ukraine a bellwether for digital warfare. And to the surprise of analysts, cyber attacks have had a limited impact over the past year.

In the lead-up to the invasion, cyber assaults were prominent. On 15 February, Russian hackers launched the most powerful DDoS attack in the history of Ukraine. A day before the full-scale invasion, several government and banking websites were struck once again.

Yet in the months that followed, reports of major cyberattacks declined. Zachary Warren, Chief Security Advisor EMEA at Tanium and a regular advisor to NATO, regards this as a portent for digital warfare.

“Moving forward, we’re going to see cyber activity as a pre-emptive tactic to physical war… it’s a tool to weaken a target before moving in,” he said.

Ukraine’s government, meanwhile, asserts that Russia’s targets have changed. In a January report, security officials said the cyberattacks initially centred on Ukraine’s communication department, with the aim of disrupting military and government operations. But after Russia’s first defeat at the front, the focus shifted to maximising damage to civilians.

Notably, the officials found that all the assaults had harnessed previously known techniques.

“The attacks used by Russia have long been categorised and have straightforward solutions for counteraction,” said the report’s authors.

Infographic detailing a cyber-overview of the conflict in 2022