Russia Is Preparing a Huge Cyberattack, Ukraine Warns
Ukrainian cyber police have alerted the world to what they believe is an imminent Russian hacking attack.
The head of the countryâs cyber police, Serhiy Demedyuk, told Reuters Tuesday that Russian agents had been detected laying the groundwork for a huge coordinated strike targeting a wide range of companies, including banks and energy infrastructure targets.
Ukraine has become one of the main battlegrounds in the emerging cyberwarfare arena, with Russian hackers regularly attacking Ukrainian military, commercial and civil targets. The most significant event was the 2017 âNotPetyaâ virus, which crippled government agencies and a range of companies before spreading around the globe, causing billions of dollars in losses.
A laptop displays part of a code , which is the component of the Petya malware computer virus, according to the Ukrainian cybersecurity firm ISSP, at the firm's office in Kiev, Ukraine, on July 4, 2017. Ukraine has become a battlefront in the emerging cyberwarfare arenaRecommended Slideshows76In Pictures: The 75 Most Powerful Military Forces in the World61Every World Press Photo Winner Ever: 60 Images That Define Our World51The World's Most Expensive Cities for a Cup of Coffee
Given the interconnected nature of global networks, any attack that starts in Ukraine could find its way around the world. Last month, for ex ample, hundreds of thousands of routers and network-attached storage devices worldwide were infected by the âVPNFilterâ malware. The software can spy on traffic and, if its controller decides, destroy the infected devices. Russia is widely believed to have been behind the malware.
Demedyuk said phishing emails containing viruses were being sent from the website domains of legitimate state bodies that were hacked and hijacked. Agents were also sending emails from fake domains set up to mimic the real agencies.
The malware is broken up into separate smaller files to make it harder to detect. The smaller files can then all be activated together once successfully hidden in the target network.
Keep up with this story and more by subscribing now
âAnalysis of the malicious software that has already been identified and the targeting of attacks on Ukraine suggest that this is all being done for a specific day,â Demedyuk believes, though he did not specify when this may be.
âOn the face of it, there is nothing happening here that does not happen all the time anyway,â explained Keir Giles, an expert in Russian cyber and information security at the Chatham House international affairs think tank. That said, Demedyukâs assertion that the infiltration is in preparation for one single attack is unusual, Giles told Newsweek.
An armed man patrols at the Simferopol airport in the Crimea region February 28, 2014. Ukraine has been a choice target of Russian cyber warfare since the seizure of Crimea sparked an ongoing war between the two nations in eastern Ukraine.
Demedyuk suggested that Ukraineâs Constitution Day, which will be celebrated this Thursday, could be the timing for the attack, as could Independence Day on August 24. Previous Russian cyber operations have coincided with na tional holidays, he explained.
If he is correct, Demedyuk believes this could be preparation for another NotPetya-scale assault. âThis is support on a government levelâ"very expensive and very synchronized. Without the help of government bodies, it would not be possible. Weâre talking now about the Russian Federation,â he said, noting that â99 percent of the traces come from Russia.â
Though cooperation with NATO nations such as the U.S. and U.K. has given Ukraine some level of defence, Demedyuk warned the country is still vulnerableâ"not least because some companies have still not removed traces of NotPetya from their systems, meaning it could be reused by an attacker. He urged Ukranians to âcome to your senses, check your equipment.â
Giles told Newsweek that basic software maintenance and good cyber security habits go âa long wayâ towards defending against attacks. However, he emphasized this âwill not deal with the more sophisticate d levels of attack, particularly if it involves the advanced âspear phishingâ we are seeing very commonly from Russia.â Spear phishing is like regular phishing, with the difference that the virus-laden email comes from a trustedâ"or seemingly trustedâ"source.
The attacks on Ukraine are a window into Russiaâs expanding cyber clout, which the Kremlin has been cultivating since long before the seizure of Ukraine. Russia considers itself âin a state of war in the information domainâ"which includes cyber,â Giles said. Russia has been âextremely busily stockpiling and building up all of these latent capabilities for causing damageâ at a time of its choosing, he added.
When considering Russiaâs cyber reach, it is vital to consider not just the countryâs level of technology but also its willingness to use it. âIf you factor the two together, Russia becomes very much more dangerousâ than its level of capability might initially suggest, Giles said.So urce: Google News Ukraine | Netizen 24 Ukraine