Cyberspace is feeling the strain of Russia’s deadly invasion of Ukraine: several sites connected to the Kremlin and its allies in Belarus have been unavailable to all or at least most of the Internet in recent days.
The disruptions began last week with the degradation of Russian internet sites and gained momentum over the weekend, following a call by Ukraine’s deputy prime minister for the formation of a “computer army” to attack Russian interests.
“There will be for everyone,” wrote Deputy Prime Minister Mykhailo Fedorov. “We continue to fight on the cyber front. The first task is in the channel of cyberspecialists.”
The task list includes 31 Kremlin-affiliated organizations, Russian and Belarusian banks and companies. Targets also include Russian government agencies, government IP addresses, storage devices and government mail servers, as well as critical infrastructure. For a while, the popular Russian search engine and messaging portal, Yandex, was also unavailable.
The websites of many of the listed organizations, including banks (Gazprombank), corporations (Sberbank, Russian Copper Company and Lukoil) and government websites (Moscow State Services and the Ministry of Defense), were not available at the time of publication of this message.
Meanwhile, Ukraine’s cyber police reported on Sunday that IT workers operating on behalf of the country had managed to keep web users from reaching a multitude of leading Russian sites.
“Cyber specialists are conducting major cyber attacks on the Internet resources of Russia and Belarus,” the message read. “to the Russian Federation and Belarus have come down lately.”
The message stated that the downed sites included the following, all of which were inaccessible at the time this message was posted:
On Monday, web traffic from outside Russia was completely blocked from reaching the web page of Russia’s e-government portal. As noted by Doug Madory, director of Internet analytics for network research firm Kentik, Russia’s largest internet provider, Rostelecom, stopped announcing BGP routes for the portal in order to contain an uninterrupted barrage of unwanted traffic flooding it.
As a result, the site was not available to anyone using IP addresses assigned outside of Russia. Exceptions include Microsoft Azure points of presence.
“This site is probably the most widely used nationally, so it probably doesn’t matter that foreigners can’t access it,” Madory said in a chat. “However, there is evidence that the UK is taking defensive measures against attacks on government sites.”
According to a Facebook post by Russian electric utility Rosseti, electric vehicle charging stations in Russia stopped working when the Ukrainian company that provided parts for the stations hacked them through a backdoor in the charging systems. Instead of charging the vehicles, the stations displayed a message that read, among other things: “GLORY TO UKRAINE / GLORY TO THE HEROES / PUTIN IS A STORY HEAD / DEATH TO THE ENEMY.”
While much of the attention has focused on Ukraine’s use of DDoS attacks to disrupt or block Russian sites altogether, the small country has also fallen victim to malicious hacking. Data-wiping malware has been seen installed on many computers in Ukraine.
Symantec researchers quickly confirmed the findings. They had also discovered malware targeting banks and organizations in Ukraine’s defense, aviation, and IT sectors.
A technical analysis by Juan Andres Guerrero-Saade, principal threat researcher at SentinelOne, said HermeticWiper, as the new malware has been called, follows a “proven technique” of abusing a benign partition management driver to permanently destroy data stored on hard drives.
Two previous wipers, Destover from the North Korean group Lazarus and Shamoon from a group known as APT33, abused the EldoS RawDisk driver to directly access the file system without calling Windows APIs. Guerrero-Saade said HermeticWiper uses a similar technique by abusing a different driver, empntdrv.sys.
Hackers working on behalf of the Russian government have conducted highly destructive attacks in the past, the best known being the NotPetya wiper attacks that caused $10 billion in losses to corporations around the world. Russian hackers also shut down Ukraine’s power grid not once but twice.