Ukraine Hacks Add to Worries of Cyber Conflict With Russia

Hackers on Friday briefly shut down dozens of Ukrainian government websites, inflicting no major damage but adding to simmering tensions while Russia amasses troops on the Ukrainian border. Separately, in a rare gesture to the US at a time of chilly relations, Russia said it had arrested members of a major ransomware gang that targeted US entities.

The events, though seemingly unrelated, came during a frenetic period of activity as the US publicly accused Moscow of preparing a further invasion of Ukraine and of creating a pretext to do so. They underscored how cybersecurity remains a pivotal concern, and that the escalating animosity risks not only actual violence but also damaging digital attacks that could affect Ukraine and even the U.S.

The White House said Friday that President Joe Biden had been briefed on the disruptions, which targeted about 70 websites of national and regional government bodies, but it did not indicate who might be responsible.

But even without any attribution of responsibility, suspicions were cast on Russia, with its history of peppering Ukraine with damaging cyberattacks. Ukraine’s Security Service, the SBU, said preliminary results of an investigation indicated the involvement of “hacker teams linked to Russia’s intelligence services.” It said most of the websites had resumed operations, and that content was not altered and personal data not leaked. The SBU said the culprits “hacked the infrastructure of a commercial company that had access, with administrator privileges, to websites affected by the attack.”

The White House said it was still assessing the impact of the defacements but described it as “limited” so far. A senior administration official, meanwhile, said the White House welcomed news of the arrests in Russia of alleged ransomware gang members, an operation Moscow said was done at the request of US authorities.

The official, who briefed reporters on condition of anonymity, said one of those arrested was linked to the hack of Colonial Pipeline that resulted in days of gas shortages in parts of the US last year. The arrests are thought by the White House to be unrelated to the Russia-Ukraine tension, according to the official.

Russia’s past cyber operations against Ukraine include a hack of its voting system before 2014 national elections and of its power grid in 2015 and 2016. In 2017, Russia unleashed one of the most damaging cyberattacks on record with the NotPetya virus, which targeted Ukrainian businesses and caused more than $10 billion (roughly Rs.74387 crore) in damage globally. Moscow has previously denied involvement in cyberattacks against Ukraine.

Ukrainian cybersecurity professionals, aided by more than $40 million (roughly Rs. 296.625) in US State Department assistance, have been fortifying the defenses of critical infrastructure ever since. NATO Secretary-General Jens Stoltenberg said Friday the alliance will continue to provide “strong political and practical support” to Ukraine in light of the cyberattacks.

Experts say Russian President Vladimir Putin could use cyberattacks to destabilise Ukraine and other ex-Soviet countries that wish to join NATO without having to commit troops. Tensions between Ukraine and Russia are high, with Moscow amassing an estimated 100,000 troops near its extensive border with Ukraine.

“If you’re trying to use it as a stage and a deterrent to stop people from moving forward with NATO consideration or other things, cyber is perfect,” Tim Conway, a cybersecurity instructor at the SANS Institute, told the AP last week.

The main question for the website defacements is whether they’re the work of Russian freelancers or part of a larger state-backed operation, said Oleh Derevianko, a leading private sector expert and founder of the ISSP cybersecurity firm.

A message posted by the hackers in Russian, Ukrainian and Polish claimed Ukrainians’ personal data had been placed online and destroyed. It told Ukrainians to “be afraid and expect the worst.” In response, Poland’s government noted Russia has a long history of disinformation campaigns and that the Polish in the message was error-ridden and clearly not from a native speaker.

Researchers from the global risk think tank Eurasia Group said the Ukraine defacements don’t “necessarily point to an imminent escalation of hostilities by Russia” — they rank low on its ladder of cyber options. They said Friday’s attack amounts “to trolling, sending a message that Ukraine could see worse to come.”

The defacements followed a year in which cybersecurity became a top concern because of a Russian-government cyberespionage campaign targeting US government agencies and ransomware attacks launched by Russia-based criminal gangs.

On Friday, Russia’s Federal Security Service, or FSB, announced the detention of members of the REvil ransomware gang. The group was behind last year’s Fourth of July weekend supply-chain attack targeting the software firm Kaseya, which crippled more than 1,000 businesses and public organisations globally.

The FSB claimed to have dismantled the gang, but REvil effectively disbanded in July. Cybersecurity experts say its members largely moved to other ransomware syndicates. They cast doubt Friday on whether the arrests would significantly affect ransomware gangs, whose activities have only moderately eased after high-profile attacks on critical US infrastructure last year, including the Colonial Pipeline.

The FSB said it raided the homes of 14 group members and seized over RUB 426 million (roughly Rs. 41.66 crore), including in cryptocurrency, as well as computers, crypto wallets and 20 elite cars “bought with money obtained by criminal means.” All those detained have been charged with “illegal circulation of means of payment,” a criminal offense punishable by up to six years in prison. The suspects weren’t named.

According to the FSB, the operation was conducted at the request of the US authorities, who had identified the group’s leader. It’s the first significant public action by Russian authorities since Biden warned Putin last summer that he needed to crack down on ransomware gangs.

Experts said it was too early to know if the arrests signal a major Kremlin crackdown on ransomware criminals — or if they may just have been a piecemeal effort to appease the White House.

“The follow-through on sentencing will send the strongest signal one way or another as to IF there has really been a change in how tolerant Russia might be in the future to cyber criminals,” Bill Siegel, CEO of the ransomware response firm Coveware, said in an email.

Yelisey Boguslavskiy, research director at Advanced Intelligence, said those arrested are likely low-level associates, not the people who ran the ransomware-as-a-service, which disbanded in July. REvil also apparently ripped off some associates so it had enemies in the underground, he said.

REvil’s attacks crippled tens of thousands of computers worldwide and yielded at least $200 million (roughly Rs. 1487.73 crore) in ransom payments, Attorney General Merrick Garland said in November when announcing charges against two hackers affiliated with the gang.

Such attacks drew significant attention from law enforcement officials around the world. Hours before the US announced its arrests, European law enforcement officials revealed the results of a months-long, 17-nation operation that yielded the arrests of seven hackers linked to REvil and another ransomware family.

The AP reported last year that US officials, meanwhile, shared a small number of names of suspected ransomware operators with Russian officials.

Brett Callow, a ransomware analyst with the cybersecurity firm Emsisoft, said whatever Russia’s motivations may be, the arrests would “certainly send shockwaves through the cybercrime community. The gang’s former affiliates and business associates will invariably be concerned about the implications.”
