Security News

Russia's invasion of Ukraine has cleared the way for a new battlefront with the West in cyberspace, with experts warning of an escalation in cyberwarfare. "We expect to see that probably beyond just Ukraine, disinformation to target Western audiences, cyberespionage against key NATO members, as Russia tries to understand the next moves when it comes to sanctions or other steps that Western governments will play," Luke McNamara, principal analyst at cybersecurity consulting firm Mandiant, told The Register.

The new data wiper malware deployed on Ukrainian networks in destructive attacks on Wednesday right before Russia invaded Ukraine earlier today was, in some cases, accompanied by a GoLang-based ransomware decoy. "In several attacks Symantec has investigated to date, ransomware was also deployed against affected organizations at the same time as the wiper. As with the wiper, scheduled tasks were used to deploy the ransomware," Symantec revealed today.

Cybersecurity firms ESET and Broadcom's Symantec said they discovered a new data wiper malware used in fresh attacks against hundreds of machines in Ukraine, as Russian forces formally launched a full-scale military operation against the country. The Slovak company dubbed the wiper "HermeticWiper", with one of the malware samples compiled on December 28, 2021, implying that preparations for the attacks may have been underway for nearly two months.

Renewed DDoS attacks have been launched against websites Ukrainian government agencies and banks. New data wiper malware has been discovered on Ukrainian computers, as well as machines in Latvia and Lithuania.

Hundreds of computers in Ukraine have been infected with data-wiping Windows malware, say researchers at ESET. In a series of tweets on Wednesday, the infosec biz said it picked up its first sample of the software nasty at about 1500 UTC, and believes the code has been in the works for the past two months. The malware uses drivers from a partitioning program to corrupt storage devices and destroy files on infected systems, according to ESET. It's not entirely clear right now how the malware is dropped onto victims' machines and run, though in one case, said ESET, an organization's Active Directory server was probably compromised to distribute the wiper through the network via a group policy object.

Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine. A data wiper is malware that intentionally destroys data on a device to make the data unrecoverable and for the operating system to no longer work correctly.

IBM's infosec division says the UK was one of the most targeted countries in Europe for cyberattacks last year. The 12-strong Lithuanian-led team - including members from Estonia, the Netherlands, Lithuania, Croatia, Romania and Poland - is visiting the Ukraine to help it defend against Russian cyberattacks both remotely and on-site in the country, an EU spokesman told the BBC. Separately, this afternoon another series of outages appeared to hit various Ukrainian government websites.

Today, the White House has linked the recent DDoS attacks that knocked down the sites of Ukrainian banks and defense agencies to Russia's Main Directorate of the General Staff of the Armed Forces. Neuberger also added that, although "Of limited impact" these incidents could be part of a more significant Russian effort to prepare for other, "Laying groundwork" for more disruptive attacks that would come together with a potential invasion of Ukraine's territory.

The websites of the Ukrainian military and at least two of the nation's biggest banks were knocked offline in a cyberattack today. On social media, it reported "Technical works on restoration of regular functioning" are underway after it was "Probably attacked by DDoS: an excessive number of requests per second was recorded." Other military sites are also apparently suffering outages.

A distributed denial-of-service cyber-attack today took down Ukrainian defense military websites - and at least two of the nation's biggest banks were knocked offline, too. Ukraine's Ministry of Defense website is still unavailable at time of publication.