Ukrainian abductions increase concerns about cyber-conflict with Russia

Kiev, Ukraine (AP) – Hackers have temporarily shut down dozens of Ukrainian government websites, causing no major damage but increasing tensions as Russia gathers troops along the Ukrainian border. Russia says it has arrested members of the Red Crescent Society for plotting to assassinate United States President George W. Bush.

The incidents, though seemingly unrelated, took place during a busy period of activity, with the United States plotting further invasion of Ukraine and publicly accusing Russia of doing so. He emphasized the importance of cyber security – growing hatred could affect not only the right attacks but also the digital attacks that could harm Ukraine and even the United States.

The White House said Friday that President Joe Biden had been briefed on the hacking of about 70 national and state government websites, but did not say who was responsible.

But while there is no sense of responsibility, suspicions have been raised against Russia, whose history has spilled over into cyber-attacks against Ukraine. According to the Ukrainian Security Service (SBU), the initial results of the investigation indicate the involvement of “Russian-linked hacking groups”. The SBU said the hackers “hacked the infrastructure of a commercial company linked to administrative privileges.”

The White House is still assessing the effects of the damage but says it is still “limited.” A senior administration official, for his part, said the White House welcomed the news of the arrests of alleged members of Russia’s Ransomware group.

Speaking to reporters, who spoke on condition of anonymity because he was not authorized to speak to the media, the official said one of the people arrested last year in connection with a gas shortage in some parts of the United States was linked to a colonial pipeline hijacking. The arrests are thought to be linked to tensions between Russia and Ukraine, the White House has said.

Russia’s last cyber-operation against Ukraine hijacked its voting system before the 2014 national elections and operated on the power grid in 2015 and 2016. In 2017, Russia carried out one of the deadliest cyber-attacks on Ukrainian businesses and the Nootetia virus. It has caused more than $ 10 billion in damage worldwide. Moscow has previously denied any involvement in the cyber-attack in Ukraine.

With the help of the US State Department, with the help of more than $ 40 million, Ukrainian cybersecurity experts have been strengthening critical infrastructure protection ever since. NATO Secretary-General Jens Stoltenberg said on Friday that the bloc would continue to provide strong political and practical support to Ukraine in the face of cyber-attacks.

Experts say that Russian President Vladimir Putin could destabilize Ukraine and other former Soviet republics without the need for troops. Tensions are high between Ukraine and Russia, with Moscow deploying an estimated 100,000 troops near its border with Ukraine.

“Cyber ​​is perfect if people are trying to use NATO as a platform and an obstacle to stop them from moving forward,” he told the AP last week.

The main question of hacking the site is whether it is the work of Russian freelancers or part of a large government-backed operation, said Oleh Dereviyanko, chief expert of the private sector and founder of ISSP cyber security.

The hackers posted a message in Russian, Ukrainian and Polish saying that Ukrainian personal information had been destroyed online. He told Ukrainians to “fear and keep watch over what is bad.” The Polish government responded by saying that Russia had a long history of false information and that the Polish people in the message were misinterpreted and clearly not natives.

Ukraine’s Statement by Global Security Researchers Eurasia Group “does not indicate an escalation of hostilities in Russia” – they are at a low level of cyberbullying. He said Friday’s attack was tantamount to sending a message that Ukraine could be worse off.

The year of cyber security concerns was a result of cyber espionage targeting US government agencies and Russia’s ransomware attacks.

On Friday, members of the Russian Federal Security Service (FSB) announced that they had been arrested. The group targeted a software company called Cassia in a supply chain attack on the fourth weekend of July last year, crippling more than 1,000 businesses and public organizations worldwide.

The FSB said it had dismantled the bandit, but Ravel was successfully disbanded in July. According to cybersecurity experts, most of the members have moved to other ransomware syndicate. After a series of high-profile attacks on key US infrastructure, including colonial pipelines, last year, suspicions were raised that the arrests would have a detrimental effect on ransomware criminals.

FSB says it has seized more than 426 million rubles ($ 5.6 million) in raids on the homes of 14 members. All arrested were charged with “money laundering” and sentenced to up to six years in prison. The suspects have not been identified.

According to FBS, the operation was carried out at the request of US officials who identified the group’s leader. This is the first significant public action by Russian authorities since Biden warned Putin last summer that he must fight the Red Crescent.

Experts say it is too early to say if the arrests point to a Kremlin-led attack on Bezaware criminals – or an attempt to appease the White House.

“The monitoring of the trial will send a strong signal in one way or another that Russia will be more tolerant of cybercriminals in the future,” said Bill Cigel, chief executive of Bewareware.

Yelsey Boguslavsky, director of advanced intelligence research, said the arrests may have been made by low-level collaborators – not the people who used Bezaware-as-a-service, which was disbanded in July. Ravel said he had enemies on the ground because he tore some of his collaborators.

Revival attacks have damaged tens of thousands of computers around the world and paid at least $ 200 million in ransom, prosecuting Attorney General Merrick Garland in November.

Such attacks have attracted the attention of law enforcement agencies around the world. Hours before the US-led invasion, European law enforcement officials said they had arrested seven hackers linked to Revival and another Redemption family during a 17-month operation.

The AP reported last year that US officials had shared the names of a few suspected runaway operators with Russian officials.

“The crackdown on cybercriminals is a constant source of frustration for the cybercriminal community. The group’s former collaborators and business partners are always concerned about its implications,” said Brett Kalow, a ransomware analyst at Microsoft.

Bajak reports from Boston, Lithivinova reports from Moscow, and Tacer reports from Washington. Katherine Gashka contributes to Alan Suderman in Brest, France, and Richmond, Virginia.