Sandworm, a hacker group affiliated with Russia’s Main Directorate of the General Staff of the Armed Forces (GRU), has attempted to target a dozen critical infrastructure enterprises across Ukraine to disrupt the energy, water and heating supply.
According to the Computer Emergency Response Team of Ukraine (CERT-UA), the hacks were ultimately aimed at disabling the information and communication systems (ICS) of a dozen enterprises in 10 Ukrainian regions by first targeting companies within the supply chains and obtaining primary access to the system.
JOIN US ON TELEGRAM
Follow our coverage of the war on the @Kyivpost_official.
“The final plan of the enemy was to disable the ICS equipment, which should cause even more damage to Ukraine against the background of spring missile attacks on critical infrastructure,” reads the agency’s report.
The agency called for Ukrainians to “take measures to protect themselves and their data” and gave a list of recommendations to safeguard their cybersecurity, such as using multi-factor authentication and implementing a “zero trust” approach that requires strict verification while granting any user access for enterprises.
It’s believed the Sandworm group was also behind the infamous NotPetya attack, a malware disguised as ransomware that demands payment from victims, but in reality, has no functioning recovery feature and would simply erase user data regardless of payment.
Russian Army Faces Sharp Decline in Recruitment for War Effort
Cyberattacks have been commonplace throughout the war in Ukraine, with hacker groups affiliated with either government launching cyberattacks on private enterprises and critical infrastructure.
In December, another Russian hacker group launched one of the largest cyberattacks on Ukraine to date against Ukraine’s telecom giant Kyivstar. The attack destroyed part of Kyivstar’s infrastructure and left thousands without internet access for days. The hack also reportedly disrupted the air siren warning system in some regions, where sirens were not activated prior to Russian airstrikes.
You can also highlight the text and press Ctrl + Enter