Russian government sites hacked in supply chain attack

According to the Russian government, on Tuesday, March 9th, 2022, unknown attackers hacked the stats widget that various government institutions use to count visits, compromising the websites of some of Russia’s federal agencies. The attackers uploaded their own content and barred access to the websites; the compromise was detected Tuesday evening.

What is a supply chain attack

A supply chain attack is a form of cyberattack that tries to cause harm to a company by exploiting weaknesses in its supply chain. In order to implant rootkits or tie in hardware-based espionage features, cybercriminals frequently modify hardware or software during the manufacturing stage. Attackers can then employ these implants to assault the target organization.

Counter attacks

Meanwhile, attackers used the ‘RURansom’ malware in an attack against Russian sites. According to a Trend Micro write-up on the threat, RURansom, despite its name, is more of a data wiper than ransomware in the purest sense, because as it spreads it discards the individual key used to encrypt each file. “This is a wiper,” Trend Micro explained to The Daily Swig. “Encrypted files are deleted, and recovery is only possible from a backup, if [they] exist.” Several versions of the virus check whether the target machine is in Russia before starting the infection and file destruction procedure, showing that it is targeted. The software is explicitly designed to harm Russia, according to a letter left on infected PCs.

It’s unclear how many computers have been infected by the Windows-specific RURansom malware. “We have not seen any targets in our user base based on our telemetry,” Trend Micro informed The Daily Swig.

What happened?

Several Russian government websites were breached via a supply chain assault. The cyberattack impacted the websites of the Energy Ministry, the Federal Governmental Statistics Service, the Federal Penitentiary Service, the Federal Bailiff Service, the Federal Antimonopoly Service, the Culture Ministry, and other Russian state agencies.

The Russian Ministry of Economic Development’s press office told Interfax that hacking these websites directly is hard, so hackers utilize other services to gain access to the resources and present erroneous information. After getting access to the widget, hackers were able to post bogus information on websites. The problem’s source was promptly determined.

State agency websites are heavily guarded and monitored by cybersecurity professionals 24 hours a day, seven days a week. Because it is impossible to directly penetrate these websites, hackers use external services to attack resources and gain access to show false information.
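The press office's point above, that the agency sites were reached through an external widget rather than directly, is the risk that Subresource Integrity (SRI) is meant to contain. The following is an added example, not code from the article or its sources: a Node.js audit that lists the cross-origin scripts on a page and checks a fetched script body against a pinned hash. The HTML, hostnames and script bodies are constructed, and it assumes the widget is loaded as an external script.

```javascript
const crypto = require('node:crypto');

// Value for a <script integrity="..."> attribute over the exact script bytes.
function sriHash(body, algo = 'sha384') {
  return `${algo}-${crypto.createHash(algo).update(body).digest('base64')}`;
}

// Minimal attribute parser for one opening tag (quoted or bare values).
function parseAttrs(tag) {
  const attrs = {};
  const re = /([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/g;
  for (const m of tag.matchAll(re)) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4];
  }
  return attrs;
}

// List scripts served from another origin and whether each one is pinned.
function auditScripts(html, pageUrl) {
  const page = new URL(pageUrl);
  const findings = [];
  for (const [tag] of html.matchAll(/<script\b[^>]*>/gi)) {
    const { src, integrity } = parseAttrs(tag);
    if (!src) continue;                       // inline script
    const url = new URL(src, page);           // resolves relative and // URLs
    if (url.origin === page.origin) continue; // first-party
    findings.push({ src: url.href, pinned: /\bsha(256|384|512)-/.test(integrity ?? '') });
  }
  return findings;
}

// Check a fetched body against a pinned value; as in browsers, only hashes
// of the strongest listed algorithm count.
function matchesIntegrity(body, integrity) {
  const tokens = integrity.trim().split(/\s+/).filter((t) => /^sha(256|384|512)-/.test(t));
  if (tokens.length === 0) return false;      // nothing pinned: treat as a failure
  const strongest = tokens.map((t) => t.slice(0, 6)).sort().pop();
  return tokens.includes(sriHash(body, strongest));
}

// Constructed sample page: one first-party script, one unpinned widget, one pinned library.
const LIB_BODY = 'window.lib = { version: 1 };';
const SAMPLE_HTML = `
<script src="/js/app.js"></script>
<script src="//stats.example/counter.js"></script>
<script src="https://cdn.example/lib.js" integrity="${sriHash(LIB_BODY)}" crossorigin="anonymous"></script>`;

console.log(auditScripts(SAMPLE_HTML, 'https://agency.example/'));
```

Pinning only works for a script whose bytes are stable; a widget that its vendor updates in place will fail the check until the hash is refreshed, so such scripts are often self-hosted instead.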

Ukraine and Russia are aiming their missiles against one another’s networks.

This follows the Russian government’s release of a list of over 17,000 IP addresses suspected of being used in DDoS assaults against Russian networks. The Federal Security Service’s National Coordination Center for Computer Incidents (NKTsKI) advised Russian organizations to take precautions against threats to their information security and gave guidelines on how to protect against such assaults.

These warnings came after Ukraine’s Vice Prime Minister, Mykhailo Fedorov, declared the formation of an “IT army” to aid the country’s “cyber-front combat.” The Ukrainian IT Army was formed after the Ukrainian Defense Ministry began recruiting members of Ukraine’s underground hacker community to launch cyberattacks against Russia in response to a “massive wave of hybrid warfare.”

On Monday, Russia’s Digital Development Ministry dismissed allegations that the country was planning to disconnect from the internet. “Cyberattacks on Russian websites are ongoing from all over the world. We are preparing for a variety of scenarios in order to ensure that Russian [online] resources are accessible. Inside [the country], there are no intentions to turn down the internet.”

Russian Government’s response.

The Russian government has released a list of 17,576 IP addresses that are suspected of being used to perform distributed denial-of-service (DDoS) attacks against Russian organizations and networks. The list was shared by the National Coordination Centre for Computer Incidents (NKTsKI) of Russia’s Federal Security Service (FSB), along with advice on how to protect against the assaults and a second list with attackers’ referral domain information.

Source:

The compromised websites of state agencies were restored within an hour of the attack, the Russian Ministry of Digital Development said, according to BleepingComputer.

More than 17,000 IP addresses suspected of being used in DDoS attacks on Russian networks were recently published by Russian authorities.

As a result, the NKTsKI, a federal security agency section entrusted with coordinating computer incident response, issued a public warning to Russian firms about the threat of data breaches.

Earlier this week, Russia’s Digital Development Ministry denied allegations that the country was planning to cut itself off from the Internet.

https://www.bleepingcomputer.com/news/security/russia-shares-list-of-17-000-ips-allegedly-ddosing-russian-orgs/

https://www.bleepingcomputer.com/news/security/russian-government-sites-hacked-in-supply-chain-attack/

https://heimdalsecurity.com/blog/ddos-attack-distributed-denial-of-service/

https://www.ft.com/content/a8e7c9a2-5819-424f-b087-c6f2e8f0c7a1

https://portswigger.net/daily-swig/stats-widget-hacked-in-attempt-to-breach-russian-government-agency-websites

Published by Heeral Gupta

I am an MSc. candidate @University of Regina.

24 Comments

  1. Amazing post! I’ve been seeing a lot about cyber attacks between the two countries since the beginning of the war, it’s really interesting to see that Ukraine actually made their own “IT army”. This war is on a totally different front that I didn’t think of before, in a way I guess it attests to how advanced we have all become. Russia may believe they can physically win, which is looking questionable, but the cyber war they are fighting isn’t just against Ukrainians, it’s from individuals around the world. In my opinion this definitely turned out to be a much bigger battle than Russia ever intended on fighting on all fronts.

  2. Great post! It’s really great seeing hacking communities worldwide getting involved fighting back against Russia, and would be an interesting case study on the ethics and morality of hacking. Another great example is how Anonymous has been targeting news sites and public displays to show pro-Ukrainian messages, or just the real truth of what’s happening, without the mask of Russian propaganda.

  3. Nice post! It was super interesting to hear that the Ukraine government created/deployed an IT army, the name makes it sound a little silly but in actuality, these would probably become the most dangerous types of armies as we rely more and more heavily on technology.

  4. One thing that the news doesn’t cover is the enormous amount of cyber warfare happening right now in the Russo-Ukraine conflict. With current events the way they are, we are witnessing one of the firsts in which various volunteers from across the globe are engaging in this kind of behaviour, with successful attempts leading to devastating effects.

    There are many grassroots volunteers acting on the behalf of Ukrainian interests against a state actor notorious for their prowess in cyber warfare, regardless if they’re located in Ukraine or not.

    1. Certainly. Aerial combat was introduced into the fray during World War I. Tanks became commonplace during World War II. Cyberwarfare is becoming the new standard for combat. People’s lives depend on equipment in hospitals and conflict zones, and if the integrity of these machines is compromised, many lives are put in jeopardy. Cyber attacks can affect national economies, military equipment, supply chains, and other systems, making cyberwarfare critical to winning a war.

  5. Great post! I didn’t know that supply chain attacks were a thing until now. I find it interesting that Ukraine has put together an IT army for this conflict, it’s also really interesting to see so much happening between Russia and Ukraine in terms of cyberattacks. It seems like “war” is being done in terms of technology, and as technology continues to evolve we are relying more on it.

  6. It’s certainly interesting how cyberattacks can be weaponized in such a specific fashion. I found it especially interesting how much effort was spent ensuring the attacks were on Russian machines specifically, which does certainly speak to a certain “moral guide” behind the efforts. Regardless of personal opinions, this does in some ways appear to be a case of “ethical hacking,” at least in that it is not without purpose and tries to minimize unnecessary infection and damage. It would be an interesting case to study from this perspective, and I’m not convinced this attack is without collateral damage for regular Russian citizens (not to mention the general consequences of inhibiting government function), but in the current geopolitical context and the evident intent behind the attack one could certainly argue for the morality of the attack.

  7. Hi,
    Ever since Russia invaded Ukraine, cyberattacks have been expanding very fast. I really enjoyed reading about Ukraine launching cyber attacks on Russia with their IT army as a method of defending their countries! It also amazed me how technologies could do so much these days. I’ve also seen news about Anonymous threatening Russia to stop the war or they will hack their systems. This article really amazes me but scares me at the same time.

  8. This is a great post!
    The massive quantity of cyber warfare now taking place in the Russian-Ukraine conflict is having disastrous consequences. This turned out to be a much larger fight than Russia ever wanted to engage in. It’s amazing to see groups across the world joining together and astounding to see how far technology has progressed and is a bigger weapon than physical ones.

  9. Interesting post! Canada is examining its cyber defenses to ensure that it is protected from assaults from an increasingly assertive Russia. While hackers are already wreaking havoc on Ukraine, they might also have a significant impact on the average Canadian. They may target your wallet, wiping crucial information or emotional images from your equipment forever. They have the potential to disrupt key infrastructure that we rely on in extreme cases.

  10. Hey, great post! I didn’t know that Ukraine had their own IT army. I wouldn’t be surprised if we start seeing military recruiters for the IT army in the CPSC department XD. Nonetheless, I have never heard of a supply chain attack. I keep coming across posts that all detail unique ways in how hackers are initiating their attack. This post is another addition to the creativity shown by hackers. Clearly, the war in Ukraine is being fought on several fronts, in-person and online. With this I had a question for you, do you think that Russian capability far exceeds the West in terms of cyberwarfare and who do you think has the upper hand when it comes to cyberwarfare?

  11. Awesome post! Amazing post! I think cyber attacks in this generation are bound to happen between two countries (in case if any war starts happening). I am amazed though that back in the day war used to just happen through destruction of both parties physically, now there are IT wars as well. These cyber attacks can put Russia in a rough spot even more if a lot of countries other than Ukraine start doing the same thing. This post made me become aware that wars in this day and age can happen both physically and also through technology.

  14. Interesting post! It is crazy how cyberattacks are now used as a war weapon in this modern time. It is interesting to see how Ukraine has brought together an ‘IT army’. This battle has become much bigger than what Russia would have imagined.

  16. Very interesting post. Facts prove that cyber attacks bring greater losses and harm than real military wars. One side can gain an advantage through cyber attacks without even entering enemy territory. With the development of technology, the conflict gradually evolved into a confrontation between networks. This “IT” army may be more threatening than the real one.

  17. Awesome Post!
    I feel like these cyber attacks are getting a lot more advanced. I wonder if they found out which organization is behind the supply chain attack on Russia, and what would be the punishment for this crime? Because major websites were impacted from this attack, such as government websites.
