The Russian invasion of Ukraine was not the starting signal for increased cyber attacks. ESET has been observing attacks and espionage actions on authorities, companies and institutions in the Eastern European country since 2014. A constantly updated overview of ESET.
There are repeated cyber attacks on critical infrastructures in Ukraine. For example, at the end of 2015, the power grid in a Ukrainian region was shut down, leaving around 1,5 million people without electricity for hours. The experts of the European IT security manufacturer have created a separate category on WeLiveSecurity that clearly presents all analyzes and reports on Ukraine.
A long list of cyber attacks
“Ukraine has been a hotspot for APT groups for many years. We repeatedly observe targeted attacks on critical infrastructures as well as espionage attacks on government organizations or companies," says Thomas Uhlemann, ESET Security Specialist. “Since 2014, these activities have increased. The targeted attack on the power supply or 'Operation Groundbait', a cyber espionage campaign, should be mentioned here. There will most likely be further attacks by hacker groups in the coming days and months.”
attacks since 2014
BlackEnergy, GreyEnergy, TeleBots, as well as the operations "Groundbait" or "Potao Express": APT (Advanced Persistent Threat) groups have been active in Ukraine for many years. It is difficult to trace back which actors are behind these campaigns. The victims include high-level targets such as the government, critical infrastructure, companies, military facilities or politicians. A variety of attack vectors were used. A spear phishing email with a manipulated document attachment was used in BlackEnery, the attack on a Ukrainian energy supplier. As a result, a Trojan, more precisely a backdoor, got into the network. The aim was to delete data and cause a power failure. A spear phishing email with a document attachment was also sent during operation “Groubdbait”. Here, too, the malware reached the target system in this way. Here, however, the secret collection and smuggling of data had top priority. The TeleBots attacks aimed to encrypt data and demand a ransom from the victims.
ESET has an overview of regularly updated articles on the cyber attacks on Ukraine on its website in the WeLiveSecurity section.
More at ESET.com
About ESET ESET is a European company with headquarters in Bratislava (Slovakia). ESET has been developing award-winning security software since 1987 that has already helped over 100 million users enjoy secure technology. The broad portfolio of security products covers all common platforms and offers companies and consumers worldwide the perfect balance between performance and proactive protection. The company has a global sales network in over 180 countries and branches in Jena, San Diego, Singapore and Buenos Aires. For more information, visit www.eset.de or follow us on LinkedIn, Facebook and Twitter.