Russia launched disruptive cyber-attacks against the Ukrainian government even before the initial invasion. Threat researchers recently found three separate attack incidents of Distributed Denial of Service (DDoS), malicious tools, and infrastructure disruption targeting Ukraine. Cybercriminals targeted WordPress sites to add a malicious script that uses visitors’ browsers to carry out DDoS attacks on Ukrainian websites. The DDoS attack interfered with ten Ukrainian websites including government agencies, think tanks, financial sites, recruitment sites for the International Legion of Defense of Ukraine, and other pro-Ukrainian sites. Additionally, a cyber-attack on Ukrtelecom, a Ukrainian telecommunications company, disrupted services across the country. Ukraine CERT has also warned that the Belarus-linked GhostWriter APT has targeted state entities using Cobalt Strike Beacon. It is believed Ukraine will continue to be a target of Russian backed cyber-attacks as the conflict continues.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased