Security News > 2022 > January > Ukraine: Recent Cyber Attacks Part of Wider Plot to Sabotage Critical Infrastructure
The coordinated cyberattacks targeting Ukrainian government websites and the deployment of a data-wiper malware called WhisperGate on select government systems are part of a broader wave of malicious activities aimed at sabotaging critical infrastructure in the country.
"The attack used vulnerabilities in the site's content management systems and Log4j, as well as compromised accounts of employees of the development company," the SSU said, corroborating prior disclosure from the Ukraine CERT team.
"The attackers corrupted MBR records on individual servers and user computers. Moreover, this applies to both operating systems running Windows and Linux."
The Ukrainian Cyber Police, for its part, noted that it's investigating a combination of three intrusion vectors that were likely used to pull off the attacks - supply chain attack targeting an IT firm which manages websites for the Ukrainian government, exploitation of the flaw in October CMS, and Log4j vulnerabilities.
"The current situation is not just about hacking websites, it is an attack aimed at sowing panic and fear, destabilizing the country from within," the company said.
While neither the Cyber Police nor the SSU attributed the defacements and the destructive malware attacks to any threat group or state-sponsored actor, the Ukrainian Ministry of Digital Transformation pointed fingers at Russia, accusing the country of trying to "Wage a hybrid war."
News URL
https://thehackernews.com/2022/01/ukraine-recent-cyber-attacks-part-of.html
Related news
- Russian military hackers linked to critical infrastructure attacks (source)
- Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- SOCI Act 2024: Thales Report Reveals Critical Infrastructure Breaches in Australia (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Food security: Accelerating national protections around critical infrastructure (source)
- Critical Flaws in Traccar GPS System Expose Users to Remote Attacks (source)
- SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments (source)
- Ransomware attacks escalate as critical sectors struggle to keep up (source)
- Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks (source)