According to Kyiv, Russia is planning a “massive cyberattack” on critical infrastructure and energy sectors in Ukraine and its allies.
“The occupiers are preparing for a massive cyber attack on vital infrastructure services of Ukraine and its allies,” said a press release issued by Ukraine’s Ministry of Defense on Monday.
“The Kremlin plans to launch a large-scale cyberattack on the critical infrastructure of Ukrainian companies and the critical infrastructure of Ukrainian allies. The strike will primarily target companies within the energy sector. Knowledge from the cyberattacks on Ukrainian energy technology in 2015 and 2016 can be used for action.”
These earlier attacks were attributed to Russia’s GRU cyber thugs, who used BlackEnergy (2015) and Industroyer (2016) malware to disrupt Ukraine’s energy supply and industrial manufacturing.
Last month, in a surprise appearance at Black Hat, Ukraine’s top cybersecurity official Victor Zhora mentioned that the country’s threat intelligence team had discovered “Industroyer2,” the apparent successor to the malware used in the 2016 cyberattack.
In addition to cyberattacks on Ukrainian life and property, “the Kremlin intends to expand DDoS attacks on critical infrastructure of Ukraine’s closest allies, mainly Poland and the Baltic states,” the Ministry of Defense warned.
Since back in the first quarter of 2022, when network-flooding attacks accompanied the physical invasion, distributed denial-of-service (DDoS) attacks against Ukraine and its partners have been Russia’s preferred tactic.
The latest cyber threat comes as Russian President Vladimir Putin calls up 300,000 reservists, while Ukraine retakes eastern and southern territory in a shocking counteroffensive that began in August.
Putin has also threatened to use nuclear weapons amid a backlash from the Russian military, although according to Google’s Mandiant Threat Intelligence team, a cyberattack is a safer option for the Kremlin.
“Russia is under enormous pressure, and a cyberattack could give them an opportunity to respond without risking severe penalties from the military,” John Hultquist, Mandiant’s vice-president for intelligence assessments, told The Register.
“Most of the destructive and harmful cyber-attacks we’ve seen so far have been disrupted, remote or largely confined to Ukraine, where it’s likely to be of high concern,” he explained.
“With a few exceptions, we are now not proficient in the full-scale, critical attack we anticipated before the fight began. Still, there is significant room for Russia to escalate, especially for Ukraine’s allies.”
Hultquist added that so far, Russia’s cyberattacks outside Ukraine have been “very cautious.”
This is despite repeated warnings from CISA and cybersecurity agencies in other Five Eyes countries urging critical infrastructure owners and operators to be prepared for attacks by groups that support or sympathize with Moscow amid the Western backlash against Russia’s invasion of Ukraine.
On Friday, Mandiant released an analysis of hacktivist groups’ coordinated actions with GRU-sponsored cyber threat actors.
Asked if the team at Google’s security arm was aware of current activity indicating deliberate cyberattacks on Western infrastructure and companies, Hultquist told The Register: “We have not independently recognized any specific risks to organisations outside Ukraine, but these players have long been low profile.” ®
Russia plans ‘massive cyberattack’ • The Register