Russian hackers are hitting Ukrainian companies with malicious software in order to create “backdoors” that will be used later in a large, coordinated operation, Ukraine’s cyber police chief told Reuters.
The Ukrainian police are working with foreign law enforcement agencies to identify the attackers. The hackers appear to be attacking companies, banks, and energy infrastructure firms in a way that suggests they are preparing to activate the planted malware later, in one massive cyber attack.
Once the news was out, the Kremlin firmly denied the allegations. “No, that is not true,” spokesman Dmitry Peskov told Reuters.
This week all eyes are on Ukraine: law enforcement and corporate cybersecurity teams from all over the world are monitoring cyber attacks against it. This kind of attention is not unusual, because some of the most destructive hacks in history have originated there.
Let’s not forget the virus named “NotPetya”, which emerged from Ukrainian cyberspace in June 2017 and cost companies billions of dollars. It did tremendous damage almost instantly by shutting down government agencies and businesses, and soon afterwards it infected multiple corporate networks around the globe.
Ukraine wasn’t the only one blaming Russia for the NotPetya campaign in 2017: soon after the attack was detected, the United States and Britain accused the Kremlin too. Major global corporations, including Cadbury chocolate maker Mondelez International Inc (MDLZ.O) and freight logistics company FedEx Corp (FDX.N), were also affected by this threat.
To stay away from threats like this, we recommend installing an antivirus for Windows or an antivirus for Mac on every device that you own, depending on which OS the device is running.
If you are a company, it is also recommended to hire a specialized cybersecurity company every year to run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests.
This time things aren’t different: it is difficult to restrict a cyber attack to only one nation, so this new threat may spread around the globe very fast.
Since the beginning of this year, Ukrainian police have intercepted multiple pieces of malware in phishing emails sent from legitimate domains of state institutions. To make detection almost impossible at first sight, the hackers have broken the malware into separate files, which will later be assembled on targeted networks before activation.
By running multiple malware analyses on the malicious software, the experts deduced that all of the samples are to be used to hit Ukraine on a specific day.
Relations between Ukraine and Russia hit a new low point soon after Russia’s annexation of Crimea in 2014; since then Kiev has accused the Kremlin of organizing large-scale cyberattacks as part of a “hybrid war” against Ukraine.
Some of the cyber attacks have hit Ukraine during major holidays. The next cyber-strike could be launched on Thursday during Constitution Day or on Independence Day in August.
Interestingly, the U.S. Federal Bureau of Investigation did not comment on the new Ukrainian warnings, but a statement is expected soon because the scale of the current campaign is the same as NotPetya’s.
It is clear that this new threat has the support of a government: it is very expensive and highly synchronized, and without the help of a government it would not be possible to execute.
This time Ukraine is better prepared to deflect such cyber attacks, thanks to cooperation with foreign allies including the United States, Britain, and NATO. However, some Ukrainian companies have not been cleaned since NotPetya hit, which means they are still infected by that virus and vulnerable to being used for another attack.
We are sounding the alarm to remind people to come to their senses and check all their equipment and systems.
Users and businesses must protect themselves. Here are some simple steps to do this:
• Always have redundancy for critical services in case of a cyber attack
• Implement a multi-factor authentication system
• Use decryption inside the network to intercept and catch malicious traffic hiding in encrypted traffic
• Conduct regular cybersecurity audits, test products before use, and ensure robust employee education programmes are in place
We will continue to monitor this cyberwar. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or an antivirus for Mac on every device that you own, depending on which OS your machine is running. If you are a company, we recommend hiring a specialized cybersecurity company every year to run annual tests on your company’s network; such tests include penetration testing and ethical hacking.