SBU receives next evidence of Russian special services organization of cyber attacks against critical infrastructure facilities of Ukraine
The SBU received next evidence of Russian special services aggressive actions against Ukraine in the cyberspace. Russia used controlled hacker group responsible for conducting cyberattacks known as “BlackEnergy” and “NotPetya” against critical infrastructure facilities of Ukraine in 2015-2017.
The SBU officers detected a new targeted attack on information and telecommunication systems of Ukrainian state authorities. Hackers used new samples of malware, the functionality of which involves remote administration of operating system processes and file copying, users tracking and password interception.
Due to the results of an investigation conducted by the SBU specialists jointly with the well known antivirus company, it has been established that these computer viruses are updated versions of the backdoors "Industoyer". They have a number of similar characteristic features, in particular, use of similar code snippets, deployment procedures, computing capabilities of infected systems, etc.
In addition, during the investigation of previous cyber attacks, the use of separate tools belonging to this hacker group was detected.
The SBU Cybersecurity Situation Center found the objects of the specified cyber attack, provided assistance in localizing its consequences and minimizing cyber threats to IT public authorities infrastructure.
SBU Press Centre
For the Attention of the SBU Head