October 8, 2024 at 02:06AM
Ukraine claims responsibility for a cyber attack on Russia’s state media VGTRK. The attack disrupted operations, and VGTRK initially said it caused no significant damage, but Russian media reports the hackers wiped everything from servers. The attack is believed to be the work of a pro-Ukrainian hacker group. Cyber attacks have intensified amidst the Russo-Ukrainian war, with a notable increase in incidents targeting security and defense sectors.
Key takeaways:
1. Ukraine has claimed responsibility for a cyber attack on Russian state media company VGTRK, leading to operational disruptions. The attack has been attributed to a pro-Ukrainian hacker group called Sudo rm-RF.
2. Russian media outlet Gazeta.ru reported that the hackers wiped “everything” from VGTRK’s servers, including backups, signaling significant damage despite VGTRK’s initial reassurances.
3. The cyber attack is part of a broader trend of increased cyber attacks targeting security, defense, and energy sectors in Russia and Ukraine, particularly against the backdrop of the ongoing Russo-Ukrainian war.
4. The attacks have been attributed to various threat actors, including a China-linked cyber espionage actor (UAC-0027) deploying malware such as DirtyMoe, and a Russian state-sponsored hacking group (UAC-0184) initiating communications through messaging apps like Signal to distribute malware. Additionally, a Russian hacking crew known as Gamaredon has remained focused on Ukraine and employs various techniques to evade network-based detections.
5. The intensity of the conflict has increased since 2022, but Gamaredon’s activity has remained consistent, utilizing malware families such as PteroBleed and demonstrating resourcefulness by leveraging third-party services to evade detection.