Russian hacking groups are expected to have a long and productive winter, Microsoft said, hunting down Ukrainian targets and those belonging to its Western allies with new and updated malware attacks.
In another blog post (Opens in a new tab)The software giant said Russia will try to use disinformation and cyberattacks to undermine the support Ukraine gets from its Western allies — both humanitarian and military. Furthermore, it said it detected “targeted attacks” against Ukrainian infrastructure, followed by missile strikes.
The threat actor that is used to this end is called Sandworm.
Elite threat actor
“We believe these recent trends indicate that the world should be prepared for several potential Russian lines of attack in the digital realm during the winter,” Microsoft said.
“Russia will seek to exploit gaps in popular support for Ukraine to undermine alliances essential to Ukraine’s resilience, in hopes of impeding the flow of humanitarian and military aid to the region. We should also be prepared for cyber-enabled influence operations targeting Europe to be conducted in parallel to cyber threat activity.”
Sandworm is an elite threat actor that has been in business for nearly 20 years. It has engaged in cyberwarfare against Ukraine in the past, most notably blackouts in 2015 and 2016. Furthermore, the group was behind the KillDisk wiper that targeted banks in the country, as well as the dreaded NotPetya ransomware. (Opens in a new tab).
This isn’t the first time Microsoft has warned of increased cyber activity from Russian state-sponsored actors. And in June, she said the country’s intelligence services had stepped up attacks on Ukraine’s allies. These were mostly cyberespionage campaigns, with the goal of obtaining as much sensitive intelligence as possible.
Moreover, Sandworm has also been blamed for recent ransomware attacks against Ukrainian targets, which took place last month.
In April of this year, the FBI reported the removal of a large botnet belonging to Sandworm.
Across: Computer (Opens in a new tab)