A few days ago there was a massive cyber attack targeting a number of Ukrainian government websites. This massive cyber attack left many Ukrainian government websites inactive and destroyed many databases. No group of cyber criminals has claimed responsibility for this cyber attack. However, it is suspected that the attack was aimed at Russia.
Ukraine accuses Russia of not only targeting Ukraine, but also launching a massive offensive against Russia, which is preparing to target Europe. Ukraine has also accused the Russian government and the Kremlin of involvement in the attack. However, due to this cyber attack, several other countries are taking steps to strengthen their cyber security arrangements, according to foreign media.
This is the worst attack on Ukraine in 54 years and has so far affected about 70 government agencies. The attack was able to completely paralyze many of the activities carried out through those websites.
The previous largest cyber attack on Ukraine at this level was in 2015. It had a severe impact on Ukraine for two years. Russia has been accused of being behind the attack. However, the Microsoft Threat Intelligence Center has issued a special statement saying that this time the attack is similar to the 2015 attack. The attack targets computers and servers running Microsoft’s Windows operating systems.
Environmental evidence alone heightens suspicions that a Russian government arm and agenda are behind this massive cyber attack. At the moment we do not see any official statement from the Kremlin.
Extortion message
This virus, which looks like a ransomware or malware, is activated the moment the computer is deactivated. This ransomware modifies a very important part of the code that helps to read the data on the hard disk. Then when you are ready to use it, the following ransom request message will appear on your screen.
This message and the manner in which it was used in the attack are somewhat different from the usual ransom record and process. In a typical ransomware attack, such notes may vary from person to person. According to foreign media reports, data on computer hard disks has been deleted in such a way that it does not happen in a normal ransom request.
In a normal ransom request, the data is often not erased and the decryption key is given after the payment is made. Otherwise the relevant computers will be abandoned. It’s very rare that such a destructive process can be expected from ordinary hackers. Therefore, many people say that this was done for a political purpose beyond the ordinary purpose.
fake ransomware messages
During the cyber attack on Ukrainian organizations in 2015-17, fake ransomware messages were found on computers infected with the virus. The purpose is to mislead anyone into believing this. According to the book “Sandworm”, this is the end of the release of Not Petya, the most destructive computer worm in the world in 2017. The loss was estimated at US $ 10 billion.
Chicago-based Mondelez International Inc. is one of the worst-hit companies in the attack. Can be introduced. They are confectioners like Oreo and Triscuits. The attack severely damaged 1,700 of their server computers and 24,000 laptops. They demanded $ 100 million from Zurich Insurance Group AG, which was in charge of their insurance at the time, but it was turned down. The reason given was that Zurich Insurance Group AG stated that their company was not responsible for any damage caused during the war. They were in the middle of a shadow war with Russia.
The US Cybersecurity and Infrastructure Security Agency has already publicly advised US organizations to use the Destructive malware targeting Ukrainian organizations article published by Microsoft. Poland on Tuesday stepped up its cyber security threats following a cyber attack on the Ukrainian government.
- Cover photo- fairobserver.com
- Sources:
- washingtonpost.com
- bloomberg.com
- theguardian.com
- youtube.com
- microsoft.com
- thehill.com