UJ.com

Top 2 

                        FRIDAY, MARCH 29, 2024
Make Homepage /  Add Bookmark
Front Page
Nation
Business
Search
Subscription
Advertising
About us
Copyright
Contact
 

   Username:
   Password:


Registration

 
GISMETEO.RU
UJ Week
Top 1   

    
Business    

Russian hackers attack Ukraine, Poland
Journal Staff Report

KYIV, Oct. 17 - Hackers with alleged ties to Russia have infected three companies in Eastern Europe with sophisticated malware attacks, a cybersecurity firm revealed on Wednesday, The Hill reported.

Researchers at ESET say they have uncovered a new cyber espionage group named GreyEnergy, which allegedly infected three unidentified energy and transport companies in Ukraine and Poland. The firm warns that this activity could be an early indicator that the hacking group is preparing to launch more damaging attacks in the future.

GreyEnergy, according to ESET, is the successor to another advanced persistent threat (APT) group known as BlackEnergy, which it says caused serious damage to Ukraine's critical infrastructure in 2015.

Although ESET, a Slovakia-based firm, does not attribute GreyEnergy's activities to any nation-state, the United Kingdom and other cyber firms like FireEye and iSight have tied the attacks on Ukraine's power grid to Russian hacking groups.

Britain's National Cyber Security Centre (NCSC) earlier this month released a dozen different aliases for a Russian intelligence hacking group it linked to aggressive cyber operations against Ukraine. Those names include Fancy Bear, Sandworm and BlackEnergy. Russia has denied any involvement in the attacks against its Western neighbor.

The NCSC attribution comes as the U.K. ramps up pressure against Russia for carrying out a nerve agent attack against Sergei Skripal and his daughter in Salisbury.

“The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries; they are even prepared to damage Russian companies and Russian citizens," U.K. foreign secretary Jeremy Hunt said in a statement earlier this month.

“Our message is clear: together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”

ESET first detected GreyEnergy activity in 2015 when BlackEnergy caused the first-ever cyberattack blackout in Ukraine by targeting its energy grid, noting that it has exhibited a "more modern toolkit with an even greater focus on stealth" than BlackEnergy.

"[T]he threat actors behind GreyEnergy have tried to stay under the radar, focusing on espionage and reconnaissance, quite possibly in preparation of future cybersabotage attacks or laying the groundwork for an operation run by some other APT group," the blog reads.

"To cover their tracks, typically, GreyEnergy’s operators securely wipe the malware components from the victims’ hard drives."

GreyEnergy infests computer systems by spear-phishing attacks — sending emails containing malicious links or attachments — or by compromising public-facing servers on the internet. Once they gain access to the target's network, the hackers begin gathering sensitive information like passwords, login credentials or file extractions, according to ESET. (hi/ez)




Log in

Print article E-mail article


Currencies (in hryvnias)
  28.03.2024 prev
USD 39.23 39.14
RUR 0.425 0.422
EUR 42.44 42.44

Stock Market
  27.03.2024 prev
PFTS 507.0 507.0
source: PFTS

OTHER NEWS

Ukrainian Journal   
Front PageNationBusinessEditorialFeatureAdvertisingSubscriptionAdvertisingSearchAbout usCopyrightContact
Copyright 2005 Ukrainian Journal. All rights reserved
Programmed by TAC webstudio