Microsoft announced that it has evidence of a hacker attack on Ukrainian state and non-profit organizations that took place on the night of January 14. This is stated in a statement published today, January 16, on the company’s blog. “Microsoft has discovered evidence of a destructive malware operation targeting several organizations in Ukraine,” the statement said.https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html#goog_1900186736
The report notes that the malware is similar to ransomware, but lacks a recovery mechanism designed to extract the ransom. It is also emphasized that the malware is used to destroy and disable the target devices, not to collect the ransom.
If you are not aware, on January 14, the Security Service of Ukraine (SBU) announced an investigation into a large-scale hacker attack on a number of government websites, including the Ministry of Foreign Affairs and the Ministry of Education. The application of state services “Diya” was also temporarily unavailable. The SBU claims that hackers posted provocative messages on the main page of the hacked sites, while the content of the sites was not changed, and according to preliminary information, there were no leaks of personal data. The Secretary of the National Security and Defense Council of Ukraine, Oleksiy Danilov, announced the “Russian trail”. At the same time, the press secretary of the President of the Russian Federation, Dmytro Peskov, in an interview with the American TV channel CNN, noted that Russia has nothing to do with hacker attacks on Ukrainian government websites.
According to the head of the office of the President of Ukraine Andriy Yermak, 90% of the Ukrainian websites affected by the attack have already been restored. He added that Ukraine “closely cooperates with the USA and Great Britain” on this issue, and called what happened an attempt to destabilize the situation in the country.
So far, experts have not been able to find common features between the group of hackers behind the attack on Ukraine and other groups of cybercriminals tracked by the company. Microsoft believes that the actions of hackers pose an increased risk, so they call on all organizations to immediately conduct a thorough investigation and take enhanced security measures. The company reported the findings to affected organizations and government agencies in the US and other countries. She especially emphasized that she is familiar with the geopolitical situation in Ukraine and the region, so she calls for the use of the recommendations published by her for active protection.