Six Russian Hacker Groups Carried Out 240 Cyber Operations in Ukraine

At least six different Russian hacker groups have conducted around 240 cyber operations against Ukrainian companies and organizations. According to Microsoft experts, the suspected Russian hackers have been “working to breach organizations across regions throughout Ukraine” and may have been gathering intelligence on Ukrainian military partnerships for many months before the military conflict began.

32% of Destructive Attacks Targeted Ukrainian Government Organizations

More than 40% of destructive attacks were aimed at organizations in critical infrastructure sectors, which could have had negative consequences for the Ukrainian government, military, economy, and civilian population.

Multifaceted Cyberattack Disrupted Satellite Internet Services

At the start of the military conflict, a large-scale cyberattack disabled internet service for tens of thousands of satellite modems in Ukraine and other European countries. Hackers shut down modems connected to the KA-SAT satellite operated by Viasat, which provides internet access to some customers in Europe, including Ukraine.

Attack on Ukrainian Power Substation

Earlier this month, a hacker group linked to the Russian military attacked a Ukrainian power substation. If successful, the attack could have caused a power outage for 2 million people. The attackers intended to disable substations using the Industroyer2 malware. According to CERT-UA and cybersecurity company ESET, the malicious actions were scheduled for April 8, 2022, but based on the file compilation dates, the attack had been in preparation for at least two weeks prior.

Methods Used by Hackers

The hackers involved in these attacks use various methods to gain initial access to their targets, including phishing, unpatched vulnerabilities, and compromising upstream IT service providers.