Posted: 9:35 AM PST · December 9, 2024
Ukraine’s Computer Emergency Response Team (CERT-UA) Warns of Phishing Attacks on Defense and Military Companies
In a report published over the weekend, Ukraine’s CERT-UA identified a hacking group known as UAC-0185 (also referred to as UNC4221) that has been targeting the country’s defense and military companies with phishing attacks. The group’s activities were first reported earlier this year by a cybersecurity company, which linked them to the Russian government.
Phishing Attacks Designed to Look Like Legitimate Invitations
The hackers have been sending emails pretending to be from the Ukrainian League of Industrialists and Entrepreneurs (ULIE), which claims to be "Ukraine’s largest union of business organizations and economic agents." The emails were designed to look like invitations to a real conference that took place in Kyiv last week, and were sent ahead of the conference. According to CERT-UA, the hackers are targeting employees working for Ukraine’s defense contractors and defense forces.
UAC-0185 (UNC4221): A Russian Government-Led Hacking Group?
While CERT-UA did not explicitly state who was behind the group, earlier this year a cybersecurity company linked them to the Russian government. It is worth noting that attributing cyberattacks to specific nation-states can be challenging and often requires sophisticated intelligence gathering.
Targeting Ukraine’s Defense Contractors
The phishing attacks are a significant concern for Ukraine’s defense contractors, as they could potentially compromise sensitive information or disrupt critical operations. The country’s military companies have been under increasing pressure in recent years due to the ongoing conflict with Russia, making them a prime target for cyberattacks.
How the Attacks Worked
According to CERT-UA, the hackers sent emails designed to look like legitimate invitations to the conference. The emails included attachments and links that were intended to trick employees into revealing sensitive information or installing malware on their devices. The group’s tactics are similar to those used in previous phishing attacks carried out by Russian government-backed hacking groups.
Cybersecurity Implications
The targeting of Ukraine’s defense contractors has significant cybersecurity implications, both for the country itself and for global security more broadly. If successful, these attacks could compromise sensitive information, disrupt critical operations, or even enable future cyberattacks on other targets. The campaign highlights the need for increased vigilance and cooperation between governments, companies, and cybersecurity experts to counter such threats.
What Can Be Done?
To combat these types of attacks, Ukraine’s CERT-UA recommends that defense contractors implement robust security measures, including:
- Email filtering: Implementing email filters can help prevent phishing emails from reaching employees’ inboxes.
- Training and awareness: Educating employees about the dangers of phishing attacks and how to identify suspicious emails is crucial.
- Regular updates: Keeping software up-to-date with the latest security patches can help protect against malware and other threats.
Contact Us
If you have more information about cyberattacks against Ukraine or other attacks carried out by Russian government hackers, contact Lorenzo Franceschi-Bicchierai securely via Signal at +1 917 257 1382, Telegram and Keybase @lorenzofb, or email.