Cyberattacks on Ukrainian websites come into clearer focus as Russia tensions escalate

Written by
Jan 18, 2022 | CYBERSCOOP

Cybersecurity researchers shed additional light over the weekend on the cyberattacks that disabled Ukrainian government websites, as Kyiv pointed to Russia as the culprit.

Microsoft and ESET both shared details on the nature of the malware that took the Ukrainian sites down.

Microsoft “assesses that the malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom,” the company wrote in a blog post Saturday.

However, Microsoft said it couldn’t yet attribute who was behind the malware, labeled WhisperGate. The Department of Homeland Security’s Cybersecurity and Infrastructure Agency recommended that network defenders review the Microsoft blog post, suggesting the possibility that the attacks could spread to include other targets.

ESET on Sunday elaborated further, saying that the malware the attackers contained code “commonly used by commodity e-crime malware.”

“It is likely that attackers were trying to avoid existing detections at the last moment before the attack, that’s why they used third party criminal services,” ESET said in a tweet thread.

Ukraine was more definitive in placing blame than Microsoft.

Read More: