BRANDEFENSE BRANDEFENSE
  • Home
  • Product
    How it works?
    Platform Overview
    Cyber Intelligence
    Brand & Reputation Protection
    Exposure Management
    Solutions
    Threat Intelligence Service
    Brand Protection
    Vulnerability Management
    Attack Surface Management
    Fraud Protection
    VIP Security
    Vulnerability Intelligence
    By Use Case
    Preventing Data Leakage
    Phishing Monitoring
    Account Takeover Detection
    Stolen Credit Cards
    Dark Web Monitoring
    Remediation and Takedown
    brandefense background
    Eliminate risks
    Explore the Brandefense
  • Blog
  • Resources
    Security News
    Threat Intelligence Researches
    Digital Risk Protection – FAQ
    We in the Press
  • Partners
    Channel Partners
    Deal Registration
  • Company
    About Us
    Career
    Privacy Policy
    Terms of Use
    Contact Us
Free Trial

BRANDEFENSE

  • Home
  • Product
    How it works?
    Platform Overview
    Cyber Intelligence
    Brand & Reputation Protection
    Exposure Management
    Solutions
    Threat Intelligence Service
    Brand Protection
    Vulnerability Management
    Attack Surface Management
    Fraud Protection
    VIP Security
    Vulnerability Intelligence
    By Use Case
    Preventing Data Leakage
    Phishing Monitoring
    Account Takeover Detection
    Stolen Credit Cards
    Dark Web Monitoring
    Remediation and Takedown
    brandefense background
    Eliminate risks
    Explore the Brandefense
  • Blog
  • Resources
    Security News
    Threat Intelligence Researches
    Digital Risk Protection – FAQ
    We in the Press
  • Partners
    Channel Partners
    Deal Registration
  • Company
    About Us
    Career
    Privacy Policy
    Terms of Use
    Contact Us
APT Groups Actively Involved During the Russia-Ukraine Cyber War

APT Groups Actively Involved During the Russia-Ukraine Cyber War

BRANDEFENSE
APT Groups
01/09/2022

Last updated on December 12th, 2022 at 01:45 pm

Table of Contents

  • Introduction
      • The Reason for The War and Reflection on The Internet
      • What is the Cyber War between Russia and Ukraine?
  • What are APT Groups?
      • What are the Roles of APT Groups in This War?
      • What are the Effects of These Attacks on Ukraine?
      • How Can Be Protected by APT Groups?

Introduction

The Russia-Ukraine war, which started last February, caused both worldwide fears and serious imbalances in the global economy. With this war, the whole world indisputably has seen Russia’s army power on the land and its cyber power in virtual reality.

Russia, which carried out many attacks on Ukraine from the land and caused thousands of people to lose their lives, also continued to work to prevent all communication channels in Ukraine by supporting cyber-attacks from virtual environments. This cyber war was carried out by APT (Advanced Persistent Threat) groups which were supported by the government.

The war, which was carried out intensively on land with the instructions given by Russia, was also carried out in virtual environments by the hackers we mentioned as APT groups. That’s why the war between Russia and Ukraine has escalated and caused many frightening events for the entire world order.

The Reason for The War and Reflection on The Internet

Crimean problems, which have continued between Russia and Ukraine since 2014, turned into a war with an attack launched by Russia in February 2022.

This war, which was carried out on the land and caused many destructions for Ukraine, was also strengthened with cyber-attacks supported by Russia; With these cyber-attacks, it was aimed to make the Ukrainian people vulnerable by blocking all communication channels.

Some of the Ukrainian people, who were exposed to many attacks from both land and virtual environments, tried to protect themselves and their families by fleeing their country, while the other part tried to protect themselves for days by finding shelters and warehouses.

The world press was able to follow this destruction thanks to reporters and journalists who went to Ukraine from different countries.

Another place where we followed the latest news about the war was social media accounts; Whenever they could access the internet, local people asked for help from the whole world through live broadcasts on their social media accounts or by sharing posts such as photos and videos.

What is the Cyber War between Russia and Ukraine?

Cyberwar is a type of attack carried out by a country to access another country’s internet databases and collapse the country’s internet infrastructure. When the purposes of cyber-attacks are examined in general, the main examples which can be given are the disruption of security in the country by hacking government websites or causing serious damage to economic conditions by accessing bank databases.

The main purpose of the cyber-attacks, which first started in January and continued during the war between Russia and Ukraine, was to both destroy the social and economic security in Ukraine and prevent people from getting help by blocking their communication channels.

What are APT Groups?

These cyber wars between countries are carried out by some state-sponsored groups called APT (Advanced Persistent Threat). These groups, which can access computer networks without authorization by using some kinds of hacking techniques, carry out activities that cause serious dangers to the country, and since their detection is a difficult and very long process, the targeted country can experience serious problems during this period.

It is claimed that hacker groups named Armageddon, UNC1151, Fancy Bear, AgentTesla, Pandora hVNC are among some APT groups that launched a state-sponsored cyber-attack on Ukraine during this war between Russia and Ukraine.

  • Armageddon is a spear-phishing campaign and its target is local state organizations.
  • UNC1151 is a suspected state-sponsored cyber espionage group and its target is military personnel.
  • Fancy Bear is a hacker group and its target is various organizations around the world.
  • AgentTesla is a very popular APT group and it steals information as a Trojan.
  • Pandora hVNC is another APT hacker group and is used by most advanced users.

What are the Roles of APT Groups in This War?

Russian-sponsored cyberattacks by APT groups posed threats to Ukraine both in terms of security and economy for months and were condemned by many countries of the world.

APT groups hacked the defense ministry’s websites, causing a security breach, and accessed the databases of Ukraine’s two largest banks, preventing people from using them. These attacks over the country from all areas caused both the government and the people to become much more vulnerable to attack, causing Ukraine to spend months full of fear.

What are the Effects of These Attacks on Ukraine?

Before Russia’s attacks on Ukraine began, it was claimed that Ukraine was experiencing problems with its internet connection, and that it was under a number of cyber-attacks. February 24, which was the day the attacks began, these allegations began to be strongly proven.

These attacks which were conducted by APT groups caused some of the following destructive problems for Ukraine:

  1. The systems of the institutions and state were degraded, and this situation made Ukraine vulnerable to possible dangers.
  2. By blocking the Internet access of the Ukrainians, Russians prevented them from accessing reliable information and communicating in case of emergency.
  3. The economic destruction of the whole country by hacking and having access to Ukrainian bank accounts.

How Can Be Protected by APT Groups?

Cyber-attacks, especially those carried out with the support of the government, have been created and planned for many years, so the traditional methods such as firewalls and antivirus programs used against these cyber-attacks are insufficient.

It is almost impossible to prevent a cyber-attack or it takes a long time and requires a lot of effort; therefore it can be said that it is not possible to prevent a cyber-attack in times of emergency such as during the war between Russia and Ukraine.

 

Share on Facebook Share on Twitter
Search
Categories
APT GroupsBlogDark WebDRPSFraudRansomwareSector AnalysisSecurity NewsVIP SecurityWe in the PressWeekly Newsletter
Recent Posts
  • Perspective of the Month | APT Groups
    Perspective of the Month | APT Groups
  • BellaCiao: The New Malware From Iran’s Charming Kitten
    BellaCiao: The New Malware From Iran’s Charming Kitten
  • Security News Digest | Security Newsletter | April 27, 2023
    Security News Digest | Security Newsletter | April 27, 2023
  • Cyber Security Trends in 2023: What You Need to Know
    Cyber Security Trends in 2023: What You Need to Know
2023 Ransomware Trends Report
Let’s Dive in Ransomware Attack Trends
Report

Let’s Dive in Ransomware Attack Trends

Download Report
Follow us!

Continue Reading

Previous post

Security News – Week 35

security newsletter
lockbit threat actors report analysis
Next post

LockBit 3.0 Technical Analysis Report

particle element
We know what hackers know about you
Our cyber threat intelligence and security research team is ready to help you.
Request a demo
Free Trial
Contact
Login

Follow us on

brandefense logo brandefense

Brandefense is solving SOC’s complex challenges. We are here to help Brandefense customers to protect their brands and reputations against cyber threats.

United States:

300 Delaware Ave. Ste 210 #328 Wilmington, DE 19801 / USA

Turkey:

Üniversiteler Mahallesi, 1605.Cadde, Kapı No:3/1, No: 204, 06800 Çankaya/Ankara 06800

© 2022 Brandefense. All rights reserved.

Solutions
Threat IntelligenceBrand ProtectionVulnerability ManagementFraud ProtectionVIP SecurityAttack Surface ManagementVulnerability Intelligence
Use Case
Data LeakagePhishing MonitoringAccount Takeover DetectionStolen Credit CardsDark Web MonitoringRemediation / Takedown
Partners
Channel PartnersDeal Registration
Company
AboutCareerPrivacy PolicyTerms Of UseContact
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}
Close
Search

Hit enter to search or ESC to close