Threat Management, Critical Infrastructure Security, Threat Intelligence, Malware

Report: Russia may be readying cyberattack against Ukraine

One year after the global NotPetya wiper malware incident that the U.S. and UK attributed to Russia, Moscow-sponsored hackers may be on the verge of launching another large-scale damaging cyberattack against Ukraine, according to a Tuesday Reuters report citing a Ukrainian law enforcement official.

In an interview with Reuters, cyber police chief Serhiy Demedyuk accused Russia of installing malicious backdoors on the systems of companies based in Ukraine, in preparation for a potential cyber offensive. Targets reportedly include banks and energy infrastructure firms. “Analysis of the malicious software that has already been identified and the targeting of attacks on Ukraine suggest that this is all being done for a specific day,” said Demedyuk, reportedly.

Just last May, researchers at Cisco Systems' Talos threat intelligence unit blamed Russian actors for infecting millions of routers and Network Attached Storage devices with VPNFilter, a malware that can spy on network traffic, exfiltrate data, and potentially brick systems and cut victims off from the internet. The surreptitious campaign especially focused on Ukrainian targets.

Kremlin spokesperson Dmitry Peskov denied Demedyuk's accusations in a Wednesday response, the report states.

On June 27, 2017, the NotPetya worm, which at first appeared to be a variant of Petya ransomware but was actually destructive wiper malware, infected Ukrainian government agencies and businesses via a malicious software update. However, it also ended up infecting companies around the globe, including FedEx, Maersk, Merck and others.

Reuters further reports that since the start of 2018, Ukrainian "have identified viruses in phishing emails sent from legitimate domains of state institutions whose systems were hacked and fake webpages mimicking that of a real state body."

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.