Tag Archives: Ukraine
TORONTO/KIEV (Reuters) – Hackers have infected at least 500,000 routers and storage devices in dozens of countries, some of the world’s biggest cyber security firms warned on Wednesday, in a campaign that Ukraine said was preparation for a future Russian cyber attack.
The U.S. Department of Homeland Security said it was investigating the malware, which targets devices from Linksys, MikroTik, Netgear Inc (NTGR.O), TP-Link and QNAP, advising users to install security updates.
Ukraine’s SBU state security service said the activity showed Russia was readying a large-scale cyber attack ahead of the Champions League soccer final, due to be held in Kiev on Saturday.
“Security Service experts believe the infection of hardware on the territory of Ukraine is preparation for another act of cyber-aggression by the Russian Federation aimed at destabilising the situation during the Champions League final,” it said in a statement.
Cisco Systems Inc (CSCO.O), which has been investigating the threat for several months, has high confidence that the Russian government is behind the campaign, according to Cisco researcher Craig Williams. He cited the overlap of hacking code with malware used in previous cyber attacks that the U.S. government have attributed to Moscow.
Cisco, which uncovered the campaign several months ago, alerted authorities in Ukraine and the United States before going public with its findings about the malware it dubbed VPNFilter.
It also shared technical details with rivals who sell security software, hardware and services so they could issue alerts to their customers and protect against the threat.
Cisco described the mechanisms that the malware uses to hide communications with hackers and a module that targets industrial networks like ones that operate electric grids, said Michael Daniel, chief executive officer of Cyber Threat Alliance, a nonprofit group.
“We should be taking this pretty seriously,” said Daniel, whose group’s 17 members include Cisco, Check Point Software Technologies Ltd (CHKP.O), Palo Alto Networks Inc (PANW.N) and Symantec Corp (SYMC.O).
Cyber security firms, governments and corporate security teams closely monitor events in Ukraine, where some of the world’s most costly and destructive cyber attacks have been launched.
They include the first documented cases where hacks have caused power outages and the June 2017 NotPetya cyber attack that quickly spread around the world, causing network outages that lasted weeks at some companies. Victims included Beiersdorf AG (BEIG.DE), FedEx Corp (FDX.N), Merck & Co Inc (MRK.N), Mondelez International Inc (MDLZ.O) and Reckitt Benckiser Group Plc (RB.L).
Cisco said it does not know what the hackers have planned. The malware could be used for espionage, to interfere with internet communications or launch a destructive attack like NotPetya, according to Williams.
The Kremlin did not immediately respond to a request for comment. Russia has denied assertions by nations including Ukraine and Western cyber-security firms that it is behind a massive global hacking program that has included attempts to harm Ukraine’s economy and interfering in the 2016 U.S. presidential election.
VPNFilter has infected devices in at least 54 countries, but by far the largest number is in Ukraine, according to Cisco.
Netgear representative Nathan Papadopulos said the company was looking into the matter. He advised customers to make sure their routers are patched with the latest version of its firmware, disable remote management and make sure they have changed default passwords shipped with the device.
A Linksys spokeswoman had no immediate comment. MikroTik, TP-Link and QNAP could not be reached.
Reporting by Jim Finkle in Toron to and Pavel Polityuk in Live; Writing by Jim Finkle and Jack Stubbs; Editing by Mark Heinrich and Jeffrey Benkoe
President Trump has approved a plan to send Javelin anti-tank missile systems to Ukraine to help the U.S.-backed government there fight Russian-allied forces. Russian military and allied forces have been active in Ukraine since the 2014 ouster of pro-Russian president Viktor Yanukovych.
The sale, reported by the Wall Street Journal, would put a uniquely effective weapon into play in the conflict. The Javelin, developed by Raytheon and Lockheed-Martin and first put in service in 1996, is a shoulder-fired missile designed to track targets by infrared. But rather than hitting a tank in the front or sides, where its armor is thickest, the Javelin projectile flies along a long arc to hit a tank’s roof, where the armor on most models is thinnest.
The Javelin is both more powerful, more expensive, and more tightly controlled than other anti-tank weapons, such as the older BGM-71 TOW system. According to an in-depth overview by The National Interest, the Javelin had a major showing in the 2003 invasion of Iraq. In one battle, it enabled a small group of U.S. special operations troops with four Javelin launchers to destroy a substantially larger Iraqi tank unit.
Get Data Sheet, Fortune’s technology newsletter.
The Javelin is said to be effective against most tanks in the Russian arsenal, though it has not been battle-tested against the most modern tanks. The State Department also recently approved the sale of Javelins to Georgia, which has had its own recent clashes with Russia, and has also sent units to Lithuania and Estonia.
Russian tanks have been instrumental in some victories by pro-Russian forces in the Ukrainian conflict. However, commentators have also described tank battles as relatively rare. That has led some to speculate that the decision is primarily political rather than tactical, intended to signal deeper American support for anti-Russian forces. Ukraine expert Michael Kofman told the Washington Post that Russia would “see this as a premise of the U.S. wanting to kill Russians,” pointing to a possible escalation of both the conflict, and broader U.S.-Russia tensions.