Destructive Malware Targeting Ukrainian Organisations
Considering the political situation in Ukraine, analysts are warning of an increased risk of cyberattacks being made against Ukraine and, potentially, Western nations.
As early as mid-January, the Microsoft Threat Intelligence Center (MSTIC) had unearthed evidence of a destructive malware operation intended to cripple multiple organisations in Ukraine. Since then, the Russian invasion of Ukraine may have increased the likelihood of further cyberattacks against Ukrainian interests, including the Defence Ministry and banks.
‘Ransomware’: But Not As We Know It
According to MSTIC, the malware in the January attacks was designed to resemble ransomware – malicious software designed to immobilise an entire system or encrypt critical data beyond recovery, until a ransom is paid. However, the malware lacked a ransom recovery mechanism which is essential for the release of encrypted data, suggesting that its ultimate purpose was to destroy systems and files, rather than make them temporarily inoperable.
The Ukrainian cyberattacks targeted multiple systems in government, non-profit, and information technology organisations in the country and, with an elevated risk to these types of organisations, MSTIC recommended immediate action to protect against further attacks.
Microsoft also warned that the extent of the cyberattack could be far more widespread than initially realised, with many more affected devices than those reported. Ukraine suggested it had evidence that Russia was responsible for the attack, with the country’s Ministry of Digital Development announcing that, ‘All evidence indicates that Russia is behind the cyberattack. Moscow continues to wage a hybrid war and is actively building up its forces in the information and cyberspaces’.
How Your Business Could Be At-Risk
For UK businesses, Ukraine may seem like a distant problem, but the nature of cybercrime makes businesses vulnerable even when the perpetrator is thousands of miles away. According to the UK’s National Cyber Security Centre (NCSC), ransomware attacks pose the most immediate danger to the country’s businesses, with many of the crimes being launched from Russia and neighbouring states.
In October, Lindy Cameron, the Chief Executive of the NCSC, said that most of the cyberattacks on UK businesses and organisations were perpetrated by criminals based in Russia. She also warned that too few organisations are adequately prepared for the threat or test their cyber-defences to ensure they are robust enough to withstand cyberattacks.
Managed Cybersecurity From TMB Group
At TMB Group, can take care of all your cybersecurity needs, implementing the most stringent and robust measures to protect your business’s critical systems and data.
From ensuring your security systems are always patched to eradicate vulnerabilities, to providing expert training to prevent your staff from accidentally exposing your organisation to criminals, we put your cybersecurity needs first.
To find out more about our cybersecurity services, please contact us on 0333 900 9050.
Image Source: Unsplash