Hacking Ukraine: Russia’s Cyber War and Malware Without Borders

In parallel to the war on the ground in Ukraine, a Russian cyber war is targeting the country’s IT infrastructure and potentially the entire world. 

During the writing of this blog, Russia’s invasion into Ukraine is still taking place on the ground, causing many casualties. Attacks on land, air, and sea have forced over 2 million Ukrainians to seek refuge out of the country. Russian forces intend to overthrow the Ukrainian government. 

The physical war isn’t the only type of conflict that Russia is utilizing. Russia has also launched another powerful and destructive form of warfare: cyber attacks. On Putin’s command, government-operated cyber teams have unleashed computer viruses and other malware on Ukraine’s utilities and technical infrastructure in an attempt to cause chaos and harm.

The “Wipers”

A wiper is a computer virus that deletes all the data as soon as it enters a computer system or database.  Unless a remote backup exists, losing information is hard to recover from. Imagine your Gmail account or Instagram feed being wiped clean. When wipers hit enterprises and government databases, the damage could be huge. 

Russian wiping attacks have started even before the physical invasion. Russia focused on targeting government websites and banks in Ukraine. Cybersecurity Specialists named the first detected strain the “HermeticWiper” or “FoxBlade”. 

HermeticWiper was found in hundreds of Ukrainian laptops on February 23rd, only hours before Russia’s invasion. This wiper not only deletes local data, but also damages the devices’ data recovery and reboot tools, so that mitigation is slower, if at all possible. 

Experts recently uncovered another wiper, dubbed the “IsaacWiper”. IsaacWiper utilizes similar malware strategies as the HermeticWiper.

Governments using cyber warfare is not new, and in some cases it is used for better causes. For example, Israel allegedly hacked nuclear facilities to set back the progress of Iran in developing nuclear weapons. Iran has reported cyber attacks that caused power outages and destroyed infrastructure ever since 2007.

Malware Without Borders: Facing the Collateral Damage 

Cyber attacks hardly stop at their intended computer target. They spread and are followed by collateral damage. Viruses and other malware are not aware where they operate and tend to spread across computer networks and the internet. One infected computer contaminates another, and with global connectivity, the other computer might be thousands of miles away.

Russia’s wipers disseminate through emails and instant messages. Hackers who program wipers do not direct them to cause harm in Ukraine alone. As wipers travel across the world through emails and instant messages, they might harm many other organizations and governments around the globe. 

Russia is no stranger to this outcome, as the country has previously contributed to one of the world’s largest cyber attacks. NotPetya was Russian malware that wreaked havoc in 2017. Targeting Windows operating system, NotPetya could encrypt a hard drive’s file system and prevent the computer from working. 

The target country most heavily afflicted was – not surprisingly – Ukraine, where the national bank and other institutions were compromised. However, the virus also instigated mass infection in France, Germany, Italy, Poland, and even the United States. 

It is estimated that the NotPetya malware attack has caused damage of over US$10Bn. If precautions aren’t taken in time, HermeticWiper and IsaacWipter might cause a similar aftermath.

How Can We Avoid Others’ Cyber Wars 

As scary as cyber warfare is, preventive cybersecurity measures can be taken to decrease the chances of impact. 

Enterprises and institutions should always strengthen their cyber defense mechanisms. The IT infrastructure needs to be protected by firewalls and security systems. Operating systems and software should be constantly updated with new versions that patch vulnerabilities and increase cyber security. Having skilled teams of Cybersecurity Engineers and SOC Analysts, and DevOps Engineers is vital in ensuring cyber protection and immediate response to data breaches and cyber attacks.

In addition, companies should always have up to date data backups to make sure that even if data is lost, a recent iteration can be recovered to minimize the damage. 

Cybersecurity is also important for everyday people. All of us need to be computer savvy and understand the risks to our computers, smartphones, and IoT devices. At the very least, make sure that your computers are secured by strong passwords, protected by antivirus and firewalls, updated with the most recent software, and backed up on a cloud. Avoid suspicious websites, emails, links, or pop-up messages from unknown sources.

Unfortunately, cyber warfare is here to stay, and even intensify. Countries, private organizations, and hackers are launching attacks daily for a myriad of reasons, and such attacks cause collateral damage around the world. This is why the world needs more cybersecurity talent to combat malicious attempts and protect us all from damage.

Wawiwa offers a variety of Cybersecurity reskilling programs for individuals (B2C) and shorter upskilling courses for enterprises (B2B). Programs provide opportunities for students to learn the industry’s needed cybersecurity skills through hands-on exercises, interactive cyber simulations, and curriculum that incorporates real life scenarios. 

The B2B upskilling courses cover a wide range of specialties that allow current SOC Analysts and IT professionals to update their security skills. Incident response and recovery, forensic cybersecurity, advanced malware analysis, and many more topics are offered as on-demand courses for organizations. 

Partner with Wawiwa to offer tech training programs in less than 6 months!

Wawiwa bridges the tech skills gap by reskilling people for tech professions in high demand. There are millions of tech vacancies and not enough tech professionals with the relevant knowledge and skills to fill them. What the industry needs of employees is not taught in long academic degrees. Wawiwa helps partners around the world to reskill, and upskill people for tech jobs through local tech training centers or programs. The company utilizes a proven training methodology, cutting-edge content, digital platforms for learning and assessment, and strong industry relations, to deliver training programs that result in higher employability and graduate satisfaction. This, in turn, also creates a strong training brand and a sustainable business for Wawiwa’s partners.
cybersecurity, cybersecurity specialist, hermetic wiper, isaac wiper, israel, malware, teamwork, tech jobs, tech training, technology, the startup nation, ukraine, wiping

Share post

Recent posts

Learning

Can Vibe Coding and Security Coexist?

Vibe coding is a fresh way of thinking about programming – less about strict rules, more about flow, intuition, and creating code that “feels right.” But as exciting as it sounds, vibe coding also raises some important questions. Can something that is built on instinct and speed also be secure? What happens to privacy and data protection when Software Developers lean too much on “vibe” over structure? Vibe coding is sparking curiosity, debate, and a bit of controversy in the tech world. It’s fun, fast, and empowering, but also a challenge when it comes to responsibility and trust.

Read More »
Learning

What is Vibe Coding?

Vibe coding. Sounds mysterious, right? Behind the catchy name lies a fascinating shift in how people approach programming. You know the stereotype of coding as a cold, mechanical process? Well, vibe coding flips that idea on its head. It’s about creativity, intuition, and flow. It’s the moment when code stops being just lines on a screen and starts feeling like an extension of your thoughts. This blog discusses what vibe coding is, why it’s catching attention, and how it might transform the way you think about programming.

Read More »
Learning

Why Your Next AI Leader Might Be a Junior Hire

AI is changing everything fast. But while many companies talk about AI, few truly embrace it to innovate. The real game-changers in the workforce using AI? Motivated junior professionals. They get AI, stay curious, and bring fresh ideas to the table. They may not have decades of experience, but they have the mindset to explore, experiment, and lead organizations into the future. This blog discusses why hiring and empowering AI-savvy juniors is a smart move forward for organizations still stuck on the sidelines of the AI revolution.

Read More »