In its special advisory, Radware shares insights based on public information regarding threats and attacks surrounding the Kremlin’s special military action against Ukraine.
Currently, attacks were limited to targets directly relating to the conflict and our Cloud Security Services have no significant indicators of a shift in attack patterns that might be attributed to this event. The most significant threat for organizations is becoming collateral in a proxy war fought by patriotic hactivists. The threats and potential attacks that might follow as conflicts could escalate between nations or between online communities are not different from threats organizations have faced from hactivists and ransomware operators in the recent months. Organizations across the globe should continue bolstering their cyber security resilience, now more than ever.
Highlights of the report:
- Russian troops invaded Ukraine on February 24th, in an attempt to overthrow the Ukrainian government, after US and NATO rejected Russia’s demand to bar Ukraine from NATO
- NATO fully supports Ukraine’s sovereignty, territorial integrity, and Ukraine’s right of self-defense and condemned the invasion
- NATO alliance members cannot and will not go to war with Russia unless one of its members is attacked, this applies both to online and offline conflicts.
- Just before the invasion started, Ukraine targets were assaulted by a wiper malware
- DDoS attacks on Ukraine were reported and attributed to Russia by the US Government and the NCSC (UK)
- Anonymous declared war to Russia and claimed responsibility for the DDoS attacks on Russian financial and government targets
- Ransomware operators Conti and CoomingProject posted messages announcing their Russian government support
- Lockbit published an “Official Statement on the Cyber Threat to Russia” saying it is not engaging in international conflicts and is “only interested in money for their harmless and useful work”
- A Telegram channel is regrouping over 180,000 pro-Ukrainian members who are willing to spread content and hack back at those attacking Ukraine, supported by the Vice Prime Minister of Ukraine
- Geoblocking reportedly deployed by Russia in an attempt to mitigate potential attacks
- Advise for organizations across the globe
Please read the full advisory [Cyberattacks and Threats Amidst Russian Invasion of Ukraine] with more detailed and factual information on the most recent developments online, influenced by, and in support of the offline conflict.