Select Page

Russia’s cyber attacks against Ukraine surged by 250% in 2022 when compared to two years ago, Google’s Threat Analysis Group (TAG) and Mandiant disclosed in a new joint report.

The targeting, which coincided and has since persisted following the country’s military invasion of Ukraine in February 2022, focused heavily on the Ukrainian government and military entities, alongside critical infrastructure, utilities, public services, and media sectors.

Mandiant said it observed, “more destructive cyber attacks in Ukraine during the first four months of 2022 than in the previous eight years with attacks peaking around the start of the invasion.”

As many as six unique wiper strains – including WhisperGate, HermeticWiper, IsaacWiper, CaddyWiper, Industroyer2, and SDelete – have been deployed against Ukrainian networks, suggesting a willingness on the part of Russian threat actors to forgo persistent access.

Phishing attacks aimed at NATO countries witnessed a 300% spike over the course of the same period. These efforts were driven by a Belarusian government-backed group dubbed PUSHCHA (aka Ghostwriter or UNC1151) that’s aligned with Russia.

“Russian government-backed attackers have engaged in an aggressive, multi-pronged effort to gain a decisive wartime advantage in cyberspace, often with mixed results,” TAG’s Shane Huntley noted.

images from Hacker News