Ukraine: We Blocked Major Russian Attack on Judiciary

The Ukrainian authorities claim to have blocked a major cyber-attack by Russia targeting the country’s judiciary.

A brief statement from the country’s security service (SBU) said the attack on the “information and telecommunications system” of the judiciary began with a phishing email.

Fake accounting documents were stuffed with malware and used as a lure for recipients to open and infect their machines, the statement continued.

“According to experts, the intention of the Russian Federation special services was to block the sustainable functioning of the judicial information system of Ukraine,” it claimed. The malware itself was designed to carry out “unauthorized interference” and information theft.

The SBU added that at least some of the malware’s command and control servers were located in Russia.

The Eastern European nation will be on high alert this year given the escalating tensions with Russia. In December 2015 and 2016, energy providers were targeted in attacks that left hundreds of thousands without power.

Russia has continued to target the country since it annexed Crimea and occupied parts of eastern Ukraine in 2014. Most famously, the destructive NotPetya and BadRabbit attacks were primarily aimed first at Ukraine, although they ended up spreading beyond its borders.

Sam Curry, chief security officer at Cybereason, argued that the “world needs to pay attention to the Ukraine” and how it is being targeted by Russia.

“The Ukraine is just far enough out of reach for Western powers, with a carefully nurtured Russian minority and from the former buffer states that the playbook is obvious,” he added. “Ukraine and any other adjacent nation in a similar position needs to be leery of attacks that soften, test, probe and seek to destabilize, because destabilization is a heartbeat away from so-called police actions, nation building and adventurism.”

What’s Hot on Infosecurity Magazine?