© Reuters. FILE PHOTO: A laptop screen displays a warning message in Ukrainian, Russian and Polish, that appeared on the official website of the Ukrainian Foreign Ministry after a massive cyberattack, in this illustration taken January 14, 2022. REUTERS/Valentyn
By Pavel Polityuk
KYIV (Reuters) -Kyiv believes a hacker group linked to Belarusian intelligence carried out a cyberattack https://www.reuters.com/world/europe/expect-worst-ukraine-hit-by-cyberattack-russia-moves-more-troops-2022-01-14 that hit Ukrainian government websites this week and used malware similar to that used by a group tied to Russian intelligence, a senior Ukrainian security official said.
Serhiy Demedyuk, deputy secretary of the national security and defence council, told Reuters that Ukraine blamed Friday’s attack – which defaced government websites with threatening messages – on a group known as UNC1151 and that it was cover for more destructive actions behind the scenes.
“We believe preliminarily that the group UNC1151 may be involved in this attack,” he said.
His comments offer the first detailed analysis by Kyiv on the suspected culprits behind the cyberattack on dozens of websites. Officials on Friday said Russia was probably involved but gave no details. Belarus is a close ally of Russia.
The cyberattack splashed websites with a warning to “be afraid and expect the worst” at a time when Russia has massed troops https://www.reuters.com/world/europe/ukraine-crisis-what-next-after-week-talks-tension-2022-01-14 near Ukraine’s borders, and Kyiv and Washington fear Moscow is planning a new military assault on Ukraine.
Russia has dismissed such fears as “unfounded”.
The office of Belarusian President Alexander Lukashenko did not immediately respond to a request for comment about Demedyuk’s remarks.
Russia’s foreign ministry also did not immediately respond to a request for comment on his remarks. It has previously denied involvement in cyberattacks, including against Ukraine.
“The defacement of the sites was just a cover for more destructive actions that were taking place behind the scenes and the consequences of which we will feel in the near future,” Demedyuk said in written comments.
In a reference to UNC1151, he said: “This is a cyber-espionage group affiliated with the special services of the Republic of Belarus.”
‘TRACK RECORD’
Demedyuk, who used to be the head of Ukraine’s cyber police, said the group had a track record of targeting Lithuania, Latvia, Poland and Ukraine and had spread narratives decrying the NATO alliance’s presence in Europe.
“The malicious software used to encrypt some government servers is very similar in its characteristics to that used by the ATP-29 group,” he said, referring to a group suspected of involvement in hacking the Democratic National Committee before the 2016 U.S. presidential election.
“The group specializes in cyber espionage, which is associated with the Russian special services (Foreign Intelligence Service of the Russian Federation) and which, for its attacks, resorts to recruiting or undercover work of its insiders in the right company,” Demedyuk said.
The messages left on the Ukrainian websites on Friday were in three languages: Ukrainian, Russian and Polish. They referred to Volhynia and Eastern Galicia, where mass killings were carried out in Nazi German-occupied Poland by the Ukrainian Insurgent Army (UPA). The episode remains a point of contention between Poland and Ukraine.
Demedyuk suggested the hackers had used Google (NASDAQ:) Translate for the Polish translation.
“It is obvious that they did not succeed in misleading anyone with this primitive method, but still this is evidence that the attackers ‘played’ on the Polish-Ukrainian relations (which are only getting stronger every day),” he said.
Disclaimer: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn`t bear any responsibility for any trading losses you might incur as a result of using this data.
Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.
Stay connected with us on social media platform for instant update click here to join our Twitter, & Facebook
We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.
For all the latest Business News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
