Cyberattacks against the Ukraine continue amid concerns that Russia may invade the country, according to multiple reports. Russia has denied involved in the cyberattacks. Here's a timeline tracking statements from Kyiv, Microsoft, the White House and more.
January 16, 2022: The CISA recommends network defenders review a Microsoft blog for tactics, techniques, and procedures, as well as indicators of compromise related to this activity. CISA additionally recommends network defenders review recent Cybersecurity Advisories and the CISA Insights, Preparing For and Mitigating Potential Cyber Threats. Source: CISA.
January 15, 2022: Multiple updates...
- The malware is designed to look like ransomware but lacking a ransom recovery mechanism; it is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom. Source: Microsoft.
- Kyiv believes a hacker group linked to Belarusian intelligence carried out a cyberattack that hit Ukrainian government websites and used malware similar to that used by a group tied to Russian intelligence. Ukraine blamed the attack -- which defaced government websites with threatening messages -- on a group known as UNC1151 and that it was cover for more destructive actions behind the scenes. Source: Reuters.
January 14, 2022: Kyiv says around 70 government sites were hit by cyberattack. The White House is concerned Russia laying ground for invasion. TheUkraine says some signs cyberattack linked to Russian hackers. Source: Reuters.
January 13, 2022: Malware first appeared on victim systems in the Ukraine and cyberattacks began. Source: Microsoft.
Stay tuned for continued updates.