According to Microsoft, a hacking group named Cadet Blizzard, which has been linked to Russia’s Main Intelligence Directorate (GRU), is responsible for a series of cyberattacks against Ukraine and its Western allies in 2022 and this year.

Microsoft’s threat intelligence teams have identified Cadet Blizzard as the group behind these cyberattacks. The company revealed in a blog post that this criminal organization specifically targets Ukraine and NATO member-states that provide military assistance to the country, which is currently dealing with conflict.
Microsoft stated that Cadet Blizzard was responsible for the destructive WhisperGate wiper attacks against Ukraine in January 2022, which occurred prior to Russia’s invasion of the country. The group was also involved in attacks on Ukrainian websites in early 2022.
In addition to Ukraine, Microsoft believes that hackers from Cadet Blizzard have targeted various organizations in Europe and Latin America. The hacking group has been active since 2020, according to Microsoft’s findings.
Microsoft has cautioned that the Russian hacking group, Cadet Blizzard, remains consistently active in cyberspace and strategically conducts its operations during the off-business hours of its primary targets to minimize the likelihood of detection.
According to Microsoft, Cadet Blizzard uses stolen passwords and credentials to breach internet servers that have weaker protection measures. The group also employs web shells to maintain access and relies on “living off the land” techniques, using legitimate commands to traverse the networks of its targets.
With this technique, Cadet Blizzard is able to camouflage its activities within legitimate network traffic, making its malicious actions more challenging to detect.

However, despite its association with Russia, Cadet Blizzard has displayed lower effectiveness compared to other hacking groups affiliated with the country.
Microsoft highlighted that the WhisperGate attack conducted by Cadet Blizzard in January 2022 impacted significantly fewer systems and had a comparatively modest impact, despite their training aimed at network destruction in Ukraine.
Cadet Blizzard’s activity surged between January and June 2022, then dissipated before resurfacing in early 2023. However, the more recent cyber operations conducted by Cadet Blizzard, although sporadically successful, have failed to achieve the same impact as those carried out by their counterparts within the GRU, as stated by Microsoft.
Last month, Ukraine’s cybersecurity chief disclosed that Russia has been conducting cyberattacks against Ukraine since the onset of the war over a year ago.
Yurii Shchyhol, the chief of the State Service of Special Communications and Information Protection of Ukraine (SSSCIP), highlighted in an interview with The Record that Russian hackers have altered their tactics and targets in response to the noticeable decrease in cyberattacks on Ukrainian commerce, finance, and defense sectors this year.

Shchyhol disclosed that Russian cyberattacks now concentrate on critical targets, particularly Ukraine’s energy sectors. Additionally, there has been a notable increase in supply chain attacks against software manufacturers.
“These attacks are highly intricate and require advanced training, knowledge, skills, and capabilities to execute successfully,” stated Shchyhol.
To counter Russian cyberattacks, the Ukrainian cybersecurity chief acknowledged receiving assistance from prominent technology companies like Microsoft, ESET, and Cisco.
Furthermore, Shchyhol revealed that they are collaborating with Palantir, a U.S.-based data analytics company, whose capabilities have proven immensely beneficial in providing essential information for their operations.
In response to Russia’s ongoing military assault, SSSCIP has developed a secure, closed-source messenger for Ukraine’s state and military communication system. This initiative aims to bolster the security of communications amid the challenging circumstances posed by the Russian aggression.
Written by Vytautas Valinskas