Communications services in Russian embassies are facing unprecedented cyberattacks from Ukraine, stated Russian Foreign Ministry Spokeswoman Maria Zakharova. Phones are being targeted by botnets and hackers, which blocks the embassies’ operations and causes damage to civilians who seek help and consultations, Zakharova noted.
Ukraine conflict
Ukrainian cyber resistance group plans to target Russian power grid, railways
A Ukrainian cyber warfare group plans to launch digital sabotage against Russian national critical infrastructures such as railways and the electrical grid, one of the group’s coordinators, Yegor Aushev, told Reuters. Aushev stated that he will plan attacks that would disrupt any infrastructure that helps to bring Russian troops, noting that ‘The goal is to make it impossible to bring these weapons to our country.’
Previously, Aushev posted a call for cybersecurity volunteers to defend Ukraine on 25 February, claiming he did so at the request of a senior Defense Ministry official.
A Ukrainian defence attache in Washington declined to comment on Aushev’s group or its relationship with the defence ministry.
Ifax: Russia says Meta, Google should be held accountable for ‘inciting war’
The Russian Foreign Ministry is proposing a method to make Western tech corporations liable for ‘inciting conflict’. Google is responsible for ‘inciting war’, stated an official of Russia’s Foreign Ministry. Furthermore, Google and Meta are two of the few tech companies that could face restrictions in Russia. Previously, the Russian government announced plans to take action against certain tech giants.
RIPE NCC to remain neutral
On 28 February, the RIPE NCC Executive Board approved a resolution on the provision of critical services, noting that ‘means to communicate should not be affected by domestic political disputes, international conflicts or war.’ The Board also committed to ‘taking all lawful steps available to ensure that the RIPE NCC can provide undisrupted services to all members across [its] service region and the global Internet community’. It further noted the importance of the RIPE NCC remaining neutral and guaranteeing equal treatment for all those responsible for providing internet services. The resolution came a day after Ukraine requested that RIPE NCC withdraw the right to use any IPv4 and IPv6 addresses by any Russian members of RIPE.
Instagram makes encrypted direct messaging available in Ukraine and Russia
Meta, Instagram’s parent company, has announced that it is making encrypted one-to-one chats on Instagram available to all adults in both Ukraine and Russia. Instagram users will be alerted that they have the option to switch to an encrypted discussion.
ESET: IsaacWiper and HermeticWizard: New (data) wiper and worm targeting Ukraine
ESET researchers have uncovered a new wiper that attacked Ukrainian organisations. On 22 February a HermeticWiper targeted at least 5 Ukrainian organisations; HermeticWiper makes a system inoperable by corrupting its data. On 24 February, ESET detected another wiper in a Ukrainian governmental network called ‘IsaacWiper’. Researchers are currently assessing links (if any) to HermeticWiper. According to the ESET researchers, IsaacWiper has been seen in an organisation that was not affected by HermeticWiper. Moreover, ESET has not found any connection with a known threat actor.
European telecoms mobilise free services for Ukrainian refugees
European telecoms providers have taken measures to improve the humanitarian situation created by the Ukrainian conflict. Measures include free international calls to Ukraine, the distribution of SIM cards to refugees, and free Wi-Fi in refugee camps.
Operators involved include Deutsche Telekom, Orange, Proximus, Vodafone, Telecom Italia, Telefónica, Proximus and Vivacom.
There have been proposals to reduce and even to eliminate roaming costs in Ukraine as well. However, implementation is more difficult as it requires receiving operator’s agreement.
Google drops Russian state media from its news
Google has announced that it has removed the Russian state media from its services, including Google News.
In a blog post, Google’s President of Global Affairs Kent Walker explained that ‘in this extraordinary crisis we are taking extraordinary measures to stop the spread of misinformation and disrupt disinformation campaigns online’.
Microsoft finds FoxBlade malware hit Ukraine hours before Russian operation
Microsoft disclosed that it detected FoxBlade malware targeting Ukraine’s government ministries and financial institutions on 25 February, hours before Russian operations started. Microsoft notified Ukraine’s top cyber defence authority of the malware. The company also shared the malicious code with European countries upon a request from Anne Neuberger, US Deputy National Security Advisor for Cyber and Emerging Technology.
Facebook will demote and label posts linking to Russian state media
Meta, the parent company of Facebook and Instagram, has stated that it will begin demoting Facebook and Instagram posts linking to Russian state media outlets such as RT and Sputnik in order to reduce the frequency with which they appear in news feeds. To provide context to users who do see the posts in their news feeds, Meta will add labels warning of links to Russian-backed media websites.