A host of websites belonging to Ukrainian government institutions have suffered a cyberattack in what appears to be a cyber onslaught orchestrated by Russian threat actors.
Reportedly, the online platforms belonging to the government agencies had their data erased through a coordinated attack that happened alongside another breach that targeted the government websites recently.
The cyberattack that hit the websites of Ukrainian government agencies and other establishments was accompanied by the threat message: “Be afraid and expect the worst.” This threat has been taken seriously considering that the government agencies affected by the cyber event play important roles in emergency response and other critical functions.
So far, there’s no clear indication about the real identity of the cybercriminals behind the cyberattack that has taken the cybersecurity industry by surprise although the Ukrainian government has come out to blame Russia for the cyberattack.
This also follows reports that the malware has, luckily, not infected the country’s energy grids, military operations or any other critical state infrastructure.
Still, this does not eliminate the hazardous nature of the cyberattack in the face of a political crisis between Ukraine and its neighbor – especially considering the amount of damage that hackers have done to other government entities in the recent past.
Microsoft Detects Anti-Ukraine Malware
Point to note, the cyberattack comes hot in the heels of recent political heat in which Ukraine has been bracing for an expected invasion by Russia whose government has lined up about 100,000 soldiers at the border with Ukraine.
Quite interestingly, Microsoft made a recent discovery about the presence of destructive malware found in computer systems belonging to a host of Ukrainian government agencies made the report in a January 15 security blog post – it reads:
“Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and surrounding region and encourages organizations to use the information in this post to proactively protect from any malicious activity.
While our investigation is continuing, MSTIC has not found any notable associations between this observed activity, tracked as DEV-0586, and other known activity groups. MSTIC assesses that the malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom.”