On January 16, 2022 amidst significant geopolitical tension between Russia (RU) and Ukraine (UA), Microsoft announced that they had “detected a highly destructive form of malware in dozens of government and private computer networks in Ukraine that appeared to be waiting to be triggered by an unknown actor.”[1] Around the same time, Ukrainian government websites were defaced.
While this malware (which Microsoft is calling “WhisperGate”) has not yet been formally attributed to Russia, it is suspected that Russia is responsible for the cyber attack given the targeting of Ukrainian organizations.
Within the Bitsight platform, this event is considered as a single Security Incident with the Ukrainian government as the direct party to the incident. Individual companies affected by this incident are classified as indirect parties affected by a multiparty event. As of the morning of January 21st, our team had recorded thirteen affected companies.
Visit the Microsoft and Russian-Ukrainian Tension “WhisperGate” Resource Center.
References:
- New York Times, “Microsoft Warns of Destructive Cyberattack on Ukrainian Computer Networks”
- Washington Post, “Data of several Ukrainian government agencies is wiped in cyberattack”
- Wall Street Journal, “Ukraine Hacks Signal Broad Risks of Cyberwar Even as Limited Scope Confounds Experts”
- Good Harbor, “Warning Notice: Ukraine and Your Cyber Security”
- Mandiant, “Proactive Preparation and Hardening to Protect Against Destructive Attacks”
- Microsoft, “Destructive malware targeting Ukrainian organization”