
Notorious Russian military hacking crew behind October ransomware attacks on Ukraine, Poland

November 11, 2022


Written by AJ Vicens

Nov 10, 2022 | CYBERSCOOP

Researchers at Microsoft said Thursday that an attack on transportation and logistics companies in Ukraine and Poland last month was the work of a notorious Russian military intelligence unit.

The Oct. 11 attack — dubbed “Prestige” — attempted to cripple access to computers across the organizations it targeted. When successful, the attack effectively made it impossible for companies to access their computer systems.

By targeting logistics and transportation companies, the Russian military intelligence hackers responsible for the attack may have been attempting to stymie the flow of goods and materiel into Ukraine, where Russian forces have in recent months suffered a series of military setbacks.

The flow of goods into Ukraine from partner countries has been a key way for Ukraine to get the supplies it needs, and attacking computer infrastructure in Poland — a NATO ally — represents one of the few ways Russia can retaliate against Ukraine’s logistics partners.

The group behind the attacks — tracked by Microsoft’s Threat Intelligence Center (MSTIC) as “Iridium” but known widely as “Sandworm” — is the same group that attempted to take out multiple electricity substations and other parts of a grid serving 2 million people on April 8 in Ukraine.

Microsoft, which worked in collaboration with Ukraine’s Computer Emergency Response Team in investigating the attack, revealed the Prestige ransomware attacks on Oct. 14, noting at the time that the attacks had similar victims to “recent Russian state-aligned activity, specifically on affected geographies and countries,” and have overlapped with previous victims of wiper malware dubbed Hermetic Wiper, which was one of several destructive malware attacks launched on Ukrainian targets in the days immediately following the Russian invasion.

“The Prestige campaign may highlight a measured shift in IRIDIUM’s destructive attack calculus, signaling increased risk to organizations directly supplying or transporting humanitarian or military assistance to Ukraine,” the researchers said Thursday in an update to their blog post from Oct. 14. “More broadly, it may represent an increased risk to organizations in Eastern Europe that may be considered by the Russian state to be providing support relating to the war.”

Jean-Ian Boutin, the director of threat research for Slovakian cybersecurity company ESET, said the attribution to the Russian unit was expected.

“Sandworm has been conducting destructive attacks for years now so the idea of them being behind Prestige ransomware is not surprising,” Boutin said. “In 2018, we reported some of their actions leveraging malware such as GreyEnergy against Polish organizations so this is also in line with their past actions.”




© 2022 Law Enforcement News Hubb All rights reserved.
