In this undated handout photo released by Ukrainian Foreign Ministry Press Service, the building of Ukrainian Foreign Ministry is seen during snowfall in Kyiv, Ukraine. Ukrainian officials and media reports say a number of government websites in Ukraine are down after a massive hacking attack. While it is not immediately clear who was behind the attacks, they come amid heightened tensions with Russia and after talks between Moscow and the West failed to yield any significant progress this week. (Ukrainian Foreign Ministry Press Service via AP)

Microsoft said on Saturday that dozens of computer systems in an unknown number of Ukrainian government agencies were infected with destructive malware disguised as ransomware, a revelation that suggests a defacement attack that draws attention to official websites was a diversion. 

The extent of the damage was not immediately clear. The attack comes as the threat of a Russian invasion of Ukraine looms and diplomatic talks to resolve the tense standoff appear to have stalled. Microsoft said in a short blog post that this amounted to the sound of an industry alert that it first detected the malware on Thursday.

This would coincide with the attack which temporarily took some 70 government websites offline. The disclosure followed a Reuters report earlier in the day quoting a senior Ukrainian security official as saying the disfigurement was indeed a cover for a malicious attack.

Separately, a senior private sector cybersecurity official in Kyiv told The Associated Press how the attack was successful: intruders entered government networks through a shared software vendor in a self -so-called SolarWinds 2020 Russian cyber-espionage campaign-style supply chain attack against Microsoft said in another technical article that the affected systems “spread across multiple government, non-profit, and  technology and information Technology Organization.

 “The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable,” Microsoft said. In short, there is no ransom recovery mechanism. 

Microsoft said the malware “runs when an associated device is turned off,” a typical initial reaction to a ransomware attack. Microsoft said it was not yet able to assess the purpose of the destructive activity or associate the attack with a known threat actor. 

Ukrainian security official Serhiy Demedyuk was quoted by Reuters for claiming that the attackers used malware similar to that used by Russian intelligence services. He is Deputy Secretary of the National Security and Defense Council.

 

Source: TechCrunch

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

How to Activate CNN GO [All Devices]

Quick Answer CNN (Cable News Network) is a news channel that delivers…

How to Cancel 24 Hour Fitness Membership

Doing workouts at a 24 Hour Fitness gym is a perfect way…

How to Delete Instagram Account? (With Screenshots)

Instagram is a popular social network used across the world. With the…

GT IPTV: Watch 2000+ Live TV Channels for Free

GT IPTV is a free IPTV provider that is compatible with various…