Ukraine’s national news agency Ukrinform was targeted using five different data-wiping malware strains according to the Ukrainian Computer Emergency Response Team (CERT-UA). CERT-UA stated that the intention of the malware was “aimed at violating the integrity and availability of information (writing files/disks with zero bytes/arbitrary data and their subsequent deletion).” The five strains included CaddyWiper (Windows), ZeroWipe (Windows), SDelete (Windows), AwfulShred (Linux), and BidSwipe (FreeBSD). CERT-UA was able to determine that the Russian backed Sandworm threat group was responsible for the attack and the group was able to gain access to the Ukrinform servers on December 7th, 2022. Sandworm was also believed to be responsible for another attack that targeted a Ukrainian energy provider in April.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security