Russian state hackers continue to bombard Ukraine with cyber attacks. Indeed, they plan to launch an offensive on the energy sector, financial institutions, media and aid organizations next spring. In addition, we can expect multiple influence campaigns in the coming months.
So writes Microsoft in the report "A Year of Russian Hybrid Warfare in Ukraine" (pdf) (1).
Thursday, Feb. 24, 2022, will go down in the history books as the beginning of war in Ukraine. Russian tanks overran the Eastern European country and fighter jets bombed both military and non-military targets. This "special military operation," according to President Putin, was necessary to ensure Russia's security.
The war is being waged not only on the ground, but also in cyberspace. Russian and Ukrainian hackers are carrying out cyber attacks back and forth. Both camps fiercely lash out at each other: Russia warns the West to stop the "cyber aggression" (2) against the country. Brussels, in turn, is worried about the "malicious cyber activities" (3).
It is almost impossible to make a good estimate of the total number of cyber attacks. In June 2022, Microsoft made an attempt (4): according to the U.S. hardware and software company, 237 cyber attacks had already been carried out in just two months. The tech company suspects that in four months at least 128 organizations in 42 countries were attacked (5) by Russian hackers.
The tools Russian state hackers use to carry out cyber attacks are becoming increasingly sophisticated, ESET Netherlands (6) warned last December. Late last year, hackers used wiper software like NikoWiper to take down Ukraine's energy sector. Also, they relied on ransomware such as Prestige and RansomBoggs.
"Russia has been deploying a kind of improved digital arsenal in recent months. In doing so, they seem to have found a certain rhythm, and gotten better at developing those weapons," warned Dave Maasland, director of ESET Netherlands.
It doesn't look like cyber attacks from Russia will stop anytime soon. Microsoft security researchers say they have indications that Russian hackers are preparing a spring offensive. The researchers saw multiple spearphishing campaigns against Ukrainian defense companies and energy sector in January. Their goal is to steal login credentials to infiltrate and take down the systems of Ukrainian companies and organizations.
According to Microsoft, Russian hackers carried out numerous dyber attacks in recent months to gain access to the ICT systems of IT companies, financial institutions, media agencies and aid organizations, among others. Not only Ukraine was targeted, but also countries such as Romania, Lithuania and Poland. These are neighboring countries that provided a lot of emergency aid to Ukrainian refugees last year.
Security researchers suspect the Russian hacker group IRIDIUM, also known as Sandworm, is behind the attacks. Experts say this group has close ties to Russian military intelligence GROe.
Microsoft predicts that Russian hackers will pay more attention to influence campaigns across Europe in the coming months. By spreading fake news or political messages, they hope to erode European citizens' support for the war. Countries such as Poland, Latvia and Finland are said to be favored targets of Russian hackers as elections are taking place in these countries this year.
https://www.microsoft.com/en-us/security/business/security-insider/wp-content/uploads/2023/03/A-year-of-Russian-hybrid-warfare-in-Ukraine_MS-Threat-Intelligence-1.pdf
https://www.vpngids.nl/nieuws/rusland-zint-op-wraak-voor-cyberagressie/
https://www.vpngids.nl/nieuws/eu-veroordeelt-russische-cyberaanvallen-op-oekraine/
https://www.vpngids.nl/nieuws/rusland-voerde-al-honderden-cyberaanvallen-uit-op-oekraine/
https://www.vpngids.nl/nieuws/russische-hackers-richten-zich-vaker-op-navo-landen/
https://www.vpngids.nl/nieuws/russische-hackers-voeren-cyberaanvallen-op-oekraine-op/
