Ukrainian government computer systems infected with malware: Microsoft
By: Mark M.
The computer systems of scores of government agencies and information technology companies in Ukraine have been hit with a destructive malware operation – a cyber attack that comes amid fears that Russia is poised to invade the former Soviet state.
Microsoft in a blog post late Saturday said the malware was disguised to resemble ransomware and was first detected on Thursday as part of a massive cyber incursion in which the attackers defaced government websites to display a message warning users to “be afraid and expect the worst.”
”The malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom,” Microsoft said.
The scale of the damage is unclear, Microsoft said.
“We do not know the current stage of this attacker’s operational cycle or how many other victim organizations may exist in Ukraine or other geographic locations. However, it is unlikely these impacted systems represent the full scope of impact as other organizations are reporting,” it said.
President Vladimir Putin has amassed thousands of troops along Ukraine’s eastern border, and US officials have said an invasion would happen between now and mid-February.
Diplomatic talks between top Russian, US and NATO officials last week in Geneva and Vienna over security guarantees demanded by Putin have fallen apart and appear stalled.
Moscow wants assurances from the West that Ukraine and other former Soviet bloc nations will not be allowed to join NATO, and that the US and Europe will not deploy troops or missiles in Ukraine.
The US has also warned that operatives have been sent inside Ukraine to carry out “sabotage attacks” against Russia proxies and Kremlin-linked “influence actors” are flooding social media in the country with false claims about Ukrainian provocations to justify Moscow intervening.
Serhiy Demedyuk, deputy secretary of Ukraine’s national security and defense council, told Reuters that Kyiv believes a hacker group linked to Belarusian intelligence carried out the cyber attack and that it was cover for more destructive acts.
A cybersecurity executive in Kyiv told the Associated Press that the hackers were able to penetrate the government systems through a shared software supplier similar to the 2020 SolarWinds Russian cyberespionage attack on US government agencies and businesses worldwide.