More cyberattacks and harmful viruses have hit Ukraine.



Amid tensions with Russia, Ukraine has been targeted by additional cyberattacks and destructive malware.


Ukraine's parliament, as well as other government and banking websites, were targeted by a new wave of distributed-denial-of-service attacks on Wednesday, according to cybersecurity experts. Unidentified attackers also infected hundreds of computers with destructive malware, according to researchers.


Officials have long predicted that cyberattacks would precede and follow any Russian military entry, and analysts said the intrusions followed a nearly two-decade-old Russian playbook of combining cyber operations with real-world action.


ESET Research Labs claimed it discovered a new data-wiping piece of malware on hundreds of workstations in Ukraine on Wednesday. However, it was unclear how many networks were affected.


In answer to an inquiry from The Associated Press about whether the virus was successful in its wiping capacity, ESET research leader Jean-Ian Boutin said, "We think that this was the situation and impacted devices were erased."


To protect the victims, Boutin would not name the targets, but he said they were significant companies. He added that while ESET is unable to say who was involved, the attack appears to be linked to Ukraine's ongoing turmoil.


Symantec Threat Intelligence technical director Vikram Thakur said his company discovered three firms affected by the wiper malware: Ukrainian government contractors in Latvia and Lithuania, as well as a banking institution in Ukraine.


According to Thakur, all three had close ties to the Ukrainian government, indicating that the attacks were not random. He estimated that the malware infected about 50 systems at the banking institution, with some data being erased.


When contacted about the ESET findings, senior Ukrainian cyber defense official Victor Zhora stated, "No comment."


The malware's timing shows it was produced in late December, according to Boutin, who added that it has only been found in Ukraine.


According to Chester Wisniewski, a principal research scientist at cybersecurity firm Sophos, Russia has likely been planning this for months, so it's difficult to determine how many organizations or agencies have been backdoored in preparation for these attacks. He believes the malware was designed to deliver the message that the Kremlin has infiltrated a considerable portion of Ukrainian infrastructure and that these are only small samples to demonstrate how widespread its penetration is.


Wiper malware was discovered after a mid-January attack blamed on Russia, in which the defacement of 70 government websites was used to hide incursions into government networks. In that attack, at least two servers were destroyed by a wiper virus posing as ransomware.


Thakur said it was too early to determine whether the malware discovered Wednesday was as bad as the one that caused server disruption in January.


Since before 2014, when the Kremlin invaded Crimea and attempted to obstruct elections, cyberattacks have been a crucial tactic of Russian aggression in Ukraine. They were also deployed against Estonia in 2007 and against Georgia in 2008.


Because they don't involve network intrusion, distributed denial-of-service attacks are among the least damaging cyberattacks. Such attacks flood websites with junk traffic, rendering them unavailable.


The defense and foreign ministries, the Council of Ministers, and Privatbank, the country's largest commercial bank, were among the DDoS targets on Wednesday. Many of the same sites were taken down by DDoS attacks on February 13-14, which the United States and the United Kingdom promptly blamed on Russia's GRU military intelligence agency.


The DDoS attacks on Wednesday appeared to be less damaging than the prior onslaught, with targeted sites quickly becoming accessible again after emergency responders were able to mitigate them. Responders shifted to a different DDoS protection service provider, according to Zhora's office, Ukraine's information protection organization.


Two attack waves, each lasting more than an hour, were recorded by Doug Madory, director of internet monitoring at network management firm Kentik Inc.


A spokesman for California-based Cloudflare, which provides services to some of the targeted sites, said, "DDoS attacks in Ukraine have been sporadic and on the rise in the past month, but relatively modest compared to large DDoS attacks we've handled in the past."


The West holds Russia's GRU responsible for some of the most devastating cyberattacks in history, including a pair in 2015 and 2016 that knocked out parts of Ukraine's power grid for a brief period, and the NotPetya wiper virus in 2017, which caused more than $10 billion in global damage by infecting companies doing business in Ukraine with malware seeded through a tax preparation software update.


The wiper malware detected in Ukraine this year has so far been manually activated, as opposed to a worm like NotPetya, which can spread out of control across borders.

