
Russia-Ukraine conflict takes the hybrid warfare route, U.S. on high alert

Russia inflicted way more destruction on Ukraine than what made the headlines. As Russia continued to invade Ukraine, it simultaneously launched a series of cyberattacks against the country, and the initial targets were Ukrainian banks and government agencies. The newer sanctions by the U.S. and other NATO nations have not been successful in preventing Putin from continuing his invasion.

A slew of cyber-attacks against Ukraine

Several Ukrainian websites went offline on Wednesday due to a DDoS attack. Following this, a new type of wiper malware, capable of destroying infected machines, was also used against Ukrainian organizations. ESET researchers identified the malware as HermeticWiper. It was also reported that the malware was installed on hundreds of machines in Ukraine.

The malware can also attack various system recovery tools. It can leave an individual or organization with no evidence of an attack.

Joint research published by the National Cyber Security Centre in the U.K. and U.S. agencies including the National Security Agency warned that a Russian state-backed hacker group known as Sandworm had developed a new type of malware called Cyclops Blink. It targets firewall devices that the manufacturer WatchGuard makes to protect computers against hacks. The sophisticated malware can withstand typical remedies, including reboots.

The U.S. is on high alert

The U.S. government is on high alert for the possibility of the conflict spilling over into cyberspace. Russia has shown an ability to cause significant disruption and damage in the past.

Senate Intelligence Committee Chairman Mark Warner (D-Va.) warned that Russia’s actions in Ukraine could lead to a wider cyberwar that draws in NATO nations, including the U.S.

According to an earlier alert released by the U.S. government’s intelligence agencies, state-sponsored Russian hackers targeted several cleared defense contractors and subcontractors of the U.S. Department of Defense. Some of their other targets included contractors supporting the U.S. Army, Air Force, Navy, Space Force, DoD, and Intelligence programs.

In addition, the hackers were able to access the sensitive information of the contractors, which included export-controlled technology. “The acquired information provides significant insight into U.S. weapons platforms development and deployment timelines, vehicle specifications, and plans for communications infrastructure and information technology,” the alert read. “By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of U.S. intentions, and target potential sources for recruitment.”

What should you do?

If malware as dangerous as a wiper penetrates a system due to human error or a lack of cyber hygiene, it could have dire consequences. It is imperative that companies improve their cybersecurity posture as soon as possible.

Experts have also cautioned companies against downloading suspicious files or installing any software update that arrives outside its usual schedule. IT administrators must step up to monitor such activities and spread better awareness among employees.

The U.S. federal agency for information security, CISA, recently released a guide that contains free resources and services that can be utilized in incident response. The agency also recently warned organizations to strengthen their defenses due to the tensions between Russia and Ukraine.

CISA’s guide features links to various resources and provides advice on how to improve an organization’s security posture. It also aims to help organizations manage their risk exposure, which appears crucial at this point.

If your business needs guidance for best practices in cybersecurity, you can reach out to us for a free consultation.

Alliant Cybersecurity understands that cyber-attacks can have a detrimental impact on your business. We work with leadership and information technology teams to implement security strategies, offer advisory services and comprehensive policies and procedures tailored to the unique needs of your business.