Hacking Ukraine: Russia’s Cyber War and Malware Without Borders

In parallel to the war on the ground in Ukraine, a Russian cyber war is targeting the country’s IT infrastructure and potentially the entire world. 

During the writing of this blog, Russia’s invasion into Ukraine is still taking place on the ground, causing many casualties. Attacks on land, air, and sea have forced over 2 million Ukrainians to seek refuge out of the country. Russian forces intend to overthrow the Ukrainian government. 

The physical war isn’t the only type of conflict that Russia is utilizing. Russia has also launched another powerful and destructive form of warfare: cyber attacks. On Putin’s command, government-operated cyber teams have unleashed computer viruses and other malware on Ukraine’s utilities and technical infrastructure in an attempt to cause chaos and harm.

The “Wipers”

A wiper is a computer virus that deletes all the data as soon as it enters a computer system or database.  Unless a remote backup exists, losing information is hard to recover from. Imagine your Gmail account or Instagram feed being wiped clean. When wipers hit enterprises and government databases, the damage could be huge. 

Russian wiping attacks have started even before the physical invasion. Russia focused on targeting government websites and banks in Ukraine. Cybersecurity Specialists named the first detected strain the “HermeticWiper” or “FoxBlade”. 

HermeticWiper was found in hundreds of Ukrainian laptops on February 23rd, only hours before Russia’s invasion. This wiper not only deletes local data, but also damages the devices’ data recovery and reboot tools, so that mitigation is slower, if at all possible. 

Experts recently uncovered another wiper, dubbed the “IsaacWiper”. IsaacWiper utilizes similar malware strategies as the HermeticWiper.

Governments using cyber warfare is not new, and in some cases it is used for better causes. For example, Israel allegedly hacked nuclear facilities to set back the progress of Iran in developing nuclear weapons. Iran has reported cyber attacks that caused power outages and destroyed infrastructure ever since 2007.

Malware Without Borders: Facing the Collateral Damage 

Cyber attacks hardly stop at their intended computer target. They spread and are followed by collateral damage. Viruses and other malware are not aware where they operate and tend to spread across computer networks and the internet. One infected computer contaminates another, and with global connectivity, the other computer might be thousands of miles away.

Russia’s wipers disseminate through emails and instant messages. Hackers who program wipers do not direct them to cause harm in Ukraine alone. As wipers travel across the world through emails and instant messages, they might harm many other organizations and governments around the globe. 

Russia is no stranger to this outcome, as the country has previously contributed to one of the world’s largest cyber attacks. NotPetya was Russian malware that wreaked havoc in 2017. Targeting Windows operating system, NotPetya could encrypt a hard drive’s file system and prevent the computer from working. 

The target country most heavily afflicted was – not surprisingly – Ukraine, where the national bank and other institutions were compromised. However, the virus also instigated mass infection in France, Germany, Italy, Poland, and even the United States. 

It is estimated that the NotPetya malware attack has caused damage of over US$10Bn. If precautions aren’t taken in time, HermeticWiper and IsaacWipter might cause a similar aftermath.

How Can We Avoid Others’ Cyber Wars 

As scary as cyber warfare is, preventive cybersecurity measures can be taken to decrease the chances of impact. 

Enterprises and institutions should always strengthen their cyber defense mechanisms. The IT infrastructure needs to be protected by firewalls and security systems. Operating systems and software should be constantly updated with new versions that patch vulnerabilities and increase cyber security. Having skilled teams of Cybersecurity Engineers and SOC Analysts, and DevOps Engineers is vital in ensuring cyber protection and immediate response to data breaches and cyber attacks.

In addition, companies should always have up to date data backups to make sure that even if data is lost, a recent iteration can be recovered to minimize the damage. 

Cybersecurity is also important for everyday people. All of us need to be computer savvy and understand the risks to our computers, smartphones, and IoT devices. At the very least, make sure that your computers are secured by strong passwords, protected by antivirus and firewalls, updated with the most recent software, and backed up on a cloud. Avoid suspicious websites, emails, links, or pop-up messages from unknown sources.

Unfortunately, cyber warfare is here to stay, and even intensify. Countries, private organizations, and hackers are launching attacks daily for a myriad of reasons, and such attacks cause collateral damage around the world. This is why the world needs more cybersecurity talent to combat malicious attempts and protect us all from damage.

Wawiwa offers a variety of Cybersecurity reskilling programs for individuals (B2C) and shorter upskilling courses for enterprises (B2B). Programs provide opportunities for students to learn the industry’s needed cybersecurity skills through hands-on exercises, interactive cyber simulations, and curriculum that incorporates real life scenarios. 

The B2B upskilling courses cover a wide range of specialties that allow current SOC Analysts and IT professionals to update their security skills. Incident response and recovery, forensic cybersecurity, advanced malware analysis, and many more topics are offered as on-demand courses for organizations. 

Partner with Wawiwa to offer tech training programs in less than 6 months!

Wawiwa bridges the tech skills gap by reskilling people for tech professions in high demand. There are millions of tech vacancies and not enough tech professionals with the relevant knowledge and skills to fill them. What the industry needs of employees is not taught in long academic degrees. Wawiwa helps partners around the world to reskill, and upskill people for tech jobs through local tech training centers or programs. The company utilizes a proven training methodology, cutting-edge content, digital platforms for learning and assessment, and strong industry relations, to deliver training programs that result in higher employability and graduate satisfaction. This, in turn, also creates a strong training brand and a sustainable business for Wawiwa’s partners.
cybersecurity, cybersecurity specialist, hermetic wiper, isaac wiper, israel, malware, teamwork, tech jobs, tech training, technology, the startup nation, ukraine, wiping

Share post

Share on facebook
Share on twitter
Share on linkedin

Recent posts

Tokyo by Louie Martinez
Wawiwa News

Wawiwa Signs Partnership with ORLAB to Offer Tech Training Programs in Japan

Wawiwa is excited to announce a new partnership in Japan! ORLAB Co., Ltd. – a leading IT services, consultancy, and training company in Tokyo – will soon offer tech reskilling and upskilling programs to train the next generation of tech professionals in Japan. ORLAB, powered by Wawiwa, will offer a wide array of B2B and B2C programs, starting with the Data Analyst program this summer.

Read More »