1. Business
  2. Politics and policy
December 5, 2018updated 03 Jan 2019 2:49pm

Ukraine blocks “massive” cyberattack attributed to Russia

By Ellen Daniel

Ukrainian authorities have said that they have stopped a large-scale cyberattack attributed to Russia.

Although details of the attack have been vague, The Security Service of Ukraine described the event as a “cyberattack on the information and telecommunication systems”.

It reportedly occurred after an email containing counterfeit accounting documents infected with a virus led to interference with judicial information systems and the theft of official information. The country’s security agency has also said that the attack was connected to Russian IP addresses.

Ongoing tensions that have existed between Russia and Ukraine since Russia annexed Crimea in 2014 escalated at the end of last month when Russia seized three Ukrainian vessels and 24 sailors after they allegedly violated Russia’s maritime border in the Black Sea.

These tensions have often manifested in cyberattacks and hacking attempts. In 2017, Ukraine was the target of a powerful cyberattack in which Petya malware infected many organisations in the country. Russia is thought to be behind the attack.

In 2015, the country experienced what is thought to be the first known successful cyberattack on a power grid after hackers were able to compromise the information systems of three energy distribution companies in Ukraine.

In 2014, pro-Russian hackers launched a series of cyberattacks over several days to disrupt the May 2014 Ukrainian presidential elections.

Ukraine cyberattack highlights risk of phishing

These attacks not only show that cyber warfare continues to be a significant threat in the ongoing conflict between the two countries, but also have implications for the wider world of cybersecurity, showing that that phishing is still a popular technique being used by cyber criminals.

According to Retruster, phishing accounts for 90% of data breaches, with 15% of people successfully phished will be targeted at least one more time within the year.

Moreno Carullo, co-founder and CTO of Nozomi Networks believes that the attacks highlight the ongoing threat of phishing attacks and the importance of educating those within organisations how to recognise fraudulent emails:

“The attacks on Ukraine’s telecommunications systems highlight that attackers are once again relying on phishing as a means to target critical infrastructure. It is therefore extremely important that staff within critical infrastructure organisations are taught to recognise phishing emails and not to click on links or open attachments from unknown sources.

He believes that becoming more aware of phishing is necessary not just in this situation, but can be applied to all businesses:

“Today’s determined attackers are showing no signs of slowing down, so teaching staff to ‘think before they click’ is key to defending against these types of attacks.”

Sam Curry, chief security officer at Cybereason believes that countries around the globe should play close attention to cyberattacks of this nature:

“The Ukraine is just far enough out of reach for Western powers, with a carefully nurtured Russian minority and from the former buffer states that the playbook is obvious. Ukraine and any other adjacent nation in a similar position needs to be leery of attacks that soften, test, probe and seek to destabilise, because destabilisation is a heartbeat away from so-called police actions, nation building and adventurism. The world needs to pay attention to the Ukraine; it’s not a side show, but is main stage in Eastern Europe for the balance of world powers. “