© Reuters. FILE PHOTO: A laptop screen displays a warning message in Ukrainian, Russian and Polish, that appeared on the official website of the Ukrainian Foreign Ministry after a massive cyberattack, in this illustration taken January 14, 2022. REUTERS/Valentyn
By Pavel Polityuk
KYIV (Reuters) - Kyiv believes a hacker group linked to Belarusian intelligence carried out a cyberattack https://www.reuters.com/world/europe/expect-worst-ukraine-hit-by-cyberattack-russia-moves-more-troops-2022-01-14 that hit Ukrainian government websites this week and used malware similar to that used by a group tied to Russian intelligence, a senior Ukrainian security official said.
Serhiy Demedyuk, deputy secretary of the national security and defence council, told Reuters that Ukraine blamed Friday’s attack – which defaced government websites with threatening messages – on a group known as UNC1151 and that it was cover for more destructive actions behind the scenes.
“We believe preliminarily that the group UNC1151 may be involved in this attack,” he said.
His comments offer the first detailed analysis by Kyiv on the suspected culprits behind the cyberattack on dozens of websites. Officials on Friday said Russia was probably involved but gave no details. Belarus is a close ally of Russia.
The cyberattack splashed websites with a warning to “be afraid and expect the worst” at a time when Russia has massed troops https://www.reuters.com/world/europe/ukraine-crisis-what-next-after-week-talks-tension-2022-01-14 near Ukraine’s borders, and Kyiv and Washington fear Moscow is planning a new military assault on Ukraine.
Russia has dismissed such fears as “unfounded”.
The office of Belarusian President Alexander Lukashenko did not immediately respond to a request for comment about Demedyuk’s remarks.
Russia’s foreign ministry also did not immediately respond to a request for comment on his remarks. It has previously denied involvement in cyberattacks, including against Ukraine.
“The defacement of the sites was just a cover for more destructive actions that were taking place behind the scenes and the consequences of which we will feel in the near future,” Demedyuk said in written comments.
In a reference to UNC1151, he said: “This is a cyber-espionage group affiliated with the special services of the Republic of Belarus.”
Demedyuk, who was the head of Ukraine’s cyber police, said the group had a track record of targeting Lithuania, Latvia, Poland and Ukraine and had spread narratives decrying the NATO alliance’s presence in Europe.
“The malicious software used to encrypt some government servers is very similar in its characteristics to that used by the ATP-29 group,” he said, referring to a group suspected of involvement in hacking the Democratic National Committee before the 2016 U.S. presidential election.
“The group specialises in cyber espionage, which is associated with the Russian special services (Foreign Intelligence Service of the Russian Federation) and which, for its attacks, resorts to recruiting or undercover work of its insiders in the right company,” Demedyuk said.
The messages left on the Ukrainian websites on Friday were in three languages: Ukrainian, Russian and Polish. They referred to Volhynia and Eastern Galicia, where mass killings were carried out in Nazi German-occupied Poland by the Ukrainian Insurgent Army (UPA). The episode remains a point of contention between Poland and Ukraine.
Demedyuk suggested the hackers had used Google Translate for the Polish translation.
“It’s obvious that they did not succeed in misleading anyone with this primitive method, but still this is evidence that the attackers ‘played’ on the Polish-Ukrainian relations (which are only getting stronger every day),” he said.