Russia-Ukraine cyber conflict poses critical infrastructure at risk

2 years ago 106
BOOK THIS SPACE FOR AD
ARTICLE AD

While the Russia-Ukraine cyber conflict goes on, nation-state actors, crooks, and hacktivists continue to pose critical infrastructure at risk.

Critical infrastructure is a privileged target for almost any kind of threat actor, the ongoing Russia-Ukraine cyber conflict is posing them at risk.

Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing.

“Recently attacks on Information technology (IT) networks connected to Operational Technology (OT) components and the devices responsible for controlling plant operations are being attacked by largescale cyber-attacks amid the Russian-Ukraine crisis.” reported researchers from Cyble. “State-sponsored attackers, Advanced Persistence Threat (APT) groups and numerous hackers’ communities have been actively targeting the critical infrastructure of their enemy country. This sudden surge in attacks is due to the geopolitical events of the current Russian – Ukraine conflict.”

Researchers collected information about the attacks on critical infrastructure amid the Russia-Ukraine cyber conflict from Computer Emergency Response Teams (CERT) all around the globe and public announcements of attacks made by threat actors.

Below is the timeline of recent cyber incidents on critical infrastructure:

critical infrastructure attacks

On February 25, 2022, a group that uses the Twitter handle @LiteMods reported a DDOS attack on Russian energy giant Gazprom.

A telegram channel operated by a threat actor called “Against the West” claimed that they had breached Gazprom and on March 5, 2022, released the data allegedly stolen from Gazprom.

⅓ ❗️We continue to help Ukrainians in their fight against Russian occupation forces. The Railways is under attack. The computer network is in a state of collapse. Manual control mode is enabled, which will slow down the movement of trains but will NOT create emergency situations

— Belarusian Cyber-Partisans (@cpartisans) February 27, 2022

On March 1st, 2022, a hacktivist group using the Twitter handle @GS_M4F14 claimed to have breached the Nuclotron-based Ion Collider facility (NICA). 

The same group also claimed to have stolen “SQLI dump, SMB leaks, FTP server dump, Private GitLab’s of JINR and Department of Russia.”

Real Time – Nuclear Reactor – JINR Russia, Dubna Bypass Module and access monitoring system

http://159.93.95.20/u400/water.html

– investigative process the damage to the platform would make it difficult for the SCADA operator to work correctly the plant located in Dubna. pic.twitter.com/t6fPX5pubu

— kelvinsecurity (@Ksecureteamlab) March 1, 2022

On March 6, the Twitter handle @JoanneHuggins6 reported to have hacked Russia SCADA systems and stopped them, the day after they also claimed to have hacked the water supply systems of Russia.

We hacked Russian SCADA system and shut it down:
Волховский РПУ> Volkhov RPU
Бокситогорский РПУ> Boksitogorsk RPU
Лужский РПУ> Luga RPU
Сланцевский РПУ> Slantsevsky RPU
Тихвинский РПУ> Tikhvinsky RPU
Выборгское РПУ> Vyborg RPU
Waiting for our next good news.#AnonGh0st #OpRussia pic.twitter.com/QuGEUswr1f

— AnonGh0st (@JoanneHuggins6) March 6, 2022

“Cyber-attacks on critical infrastructure can result in loss of life, monetary and economic issues, or reputational damage. Moreover, they can spark significant events within the country that can impact the economy overall.” concludes the report. “Researchers at Cyble believe that the frequency of incidents concerning critical sectors will rise in the coming months. The amount of information available in the public domain concerning the techniques used in exploiting the critical infrastructure at this current time will allow numerous attacks by malicious hackers on countries due to geopolitical issues.”

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, APT31)

Read Entire Article