Cyber-attacks on Ukraine’s government, military sector increase by nearly three times
The conflict between Russia and Ukraine spilled over to the cyberverse long before the two countries’ armed forces were brought into the fray. According to a report by security firm Checkpoint Research, cyber-attacks on the government and military sector in Ukraine grew by almost three times in the first three days of combat. The firm said that such attacks grew by 196% in that time period.
On the other hand, cyber-attacks on Russian organizations increased by only 4%, according to the report. The firm also witnesses a seven-fold increase in malicious phishing emails in East Slavic languages, which are languages spoken in Russia, Ukraine and Belarus. A third of these phishing emails were directed at Russian recipients and came from Ukrainian email addresses, which may be real or spoofed. Ukraine experienced an increase of 0.2% in cyber-attacks per organization, the report said.
“Cyber activity is surging around the ongoing Russia/Ukraine conflict. We’re seeing cyber-attack increases on both sides, with the Ukrainian government and military sector seeing the heaviest increase. It’s important to understand that the current war also has a cyber dimension to it, where people online are choosing sides, from the dark web to social media,” said Lotem Finkelstein, head of Threat Intelligence at Check Point.
Further, the report pointed out that a common goal of phishing emails is to trick the recipient into downloading and running attached malware on their computer. For this to work, an email needs to carry a file that is capable of running executable code. As a result, phishing emails may have unusual or suspicious attachments, like a supposed invoice may be a ZIP file or an attached Microsoft Office document.
Checkpoint isn’t the first to point out the cyber dimension in the war between Russia and Ukraine either. On January 15, the Microsoft Threat Intelligence Center (MSTIC) disclosed a malware called WhisperGate, which was being used to target organizations in Ukraine, to render their computers inoperable. Another malware called HermeticWiper was also disclosed by several security firms on February 23, which targets devices running the Windows operating system and keeps them from booting.
In Checkpoint’s report, the firm also noted that scammers and hackers are trying to take advantage of people who are looking for ways to donate to Ukraine for relief purposes. “Always check the email address of the email sender. Watch for any misspellings in emails. And verify if the email sender is authentic,” Finkelstein said.