Tensions between the Ukrainian and Russian governments were running high at the beginning of 2022. And now, in a span of two months, Russia has launched devastating and catastrophic attacks on Ukraine. Cities are being bombed, people are losing their homes, and a mass exodus of refugees is expected. While the war on land continues, cyberspace is being used to weaken Ukraine’s defenses.
Right now, we can’t deny the fact that the Russian security services are very capable in the cyber arena. IT sectors around the world have welcomed Russian companies as full partners. At the top of the list is Kaspersky; Zer0Data, ANY.RUN, and Site Secure are other known cybersecurity companies in Russia.
According to sources, Kaspersky is the fourth largest anti-malware provider for Windows computers in terms of market share. If Russia decided to strike Asia and the Middle East, it would already have a ready-made channel: anti-malware software built to defend against that threat.
We at Rewterz are committed to providing actionable Threat Intelligence (TI) for humanitarian support, to secure and protect our customers globally.
Russian developers have written a large portion of the code that organizations integrate into their projects. If Russia suddenly takes an antagonistic stance toward NATO allies or nations backing Ukraine, Russian developers working with your firms may become enemy combatants.
Russian intelligence agencies are capable of enlisting the help of domestic criminals to achieve their goals. Cyber actors residing in Russia often target entities within NATO nations, and at any time Russia could task them to conduct destructive or disruptive operations against financial entities in other nations, relying heavily on ransomware or wipers as the method of disruption.
According to a report, Russia’s IT outsourcing industry reached $6.75 billion in 2020.
This figure itself is quite alarming, because outsourcing also assigns control of IT operations to the vendor organization. If Russia becomes a hostile player, the control that organizations have granted to Russian outsourcing operations could amount to handing over all of their passwords and authentication credentials.
The Russian-Ukrainian war will perhaps pose acute cyber risks to the business and financial sector. Economic sanctions and measures taken against Russia will ultimately warrant an asymmetric response from the immensely capable country.
Organizations and countries that are opposing Russian aggression and taking actions to limit Russian involvement in their commerce, contests, and events can face an elevated risk of retaliation in the future.
It may be improbable that Russian vendors will give up their market edge to support a conflict. But no one knows what the future holds. The Russian-Ukrainian conflict will likely spill over from the European borders to Asian and Middle Eastern countries. Cyber vigilance has become a necessity, and if organizations believe that they will not become a target, then they have already lost.
Second-order or third-order impacts are already being seen in our cybersecurity environments, as Chinese adversaries like Mustang Panda have also been taking advantage of the Russian-Ukrainian cyber warfare, using the situation to deploy malware via maldocs impersonating Ukraine.
While the Russian-Ukrainian cyber warfare creates an atmosphere of uncertainty in Europe and globally, a need for improved cybersecurity has arisen. Some of the main cyberthreats that we believe will increase are DDoS attacks, APT attacks, ransomware attacks, phishing and malware attacks, zero-day vulnerabilities, financial fraud, and other emerging threats.
Rewterz has been actively monitoring the Russian-Ukrainian conflict and providing our customers with enriched information that will help improve your organization’s cyber posture. Given the rapid pace of events surrounding the conflict, here is the chronological timeline of developments related to the ongoing cyberwar:
We are reaching out to let you know our entire organization is on high alert and that we are assisting our customers and the community in any way possible.
Therefore, through our Threat Intelligence, Threat Hunting, and SOC services, we are making numerous complementary tools accessible to aid the larger global community.
Gerden, E. (2022). Russian IT market growing steadily after the pandemic. Retrieved 27 October 2021, from https://www.computerweekly.com/news/252508694/Russian-IT-market-growing-steadily-after-pandemic
Gewirtz, D. (2022). How to avoid being unwillingly drafted as a cyber combatant in the Russia-Ukraine war | ZDNet. Retrieved 25 February 2022, from https://www.zdnet.com/article/how-to-avoid-being-unwillingly-drafted-as-a-cyber-combatant-in-the-russia-ukraine-war/
Kolbe, P. R., Zabierek, L., & Morrow, M. (2022). The Cybersecurity Risks of an Escalating Russia-Ukraine Conflict. Retrieved 18 February 2022, from https://hbr.org/2022/02/the-cybersecurity-risks-of-an-escalating-russia-ukraine-conflict
Rewterz Threat Alert – APT Mustang Panda – Active IOCs – Russian-Ukrainian Cyber Warfare | Rewterz. (2022). Retrieved 1 March 2022, from https://www.rewterz.com/rewterz-news/rewterz-threat-alert-apt-mustang-panda-active-iocs-russian-ukrainian-cyber-warfare
Sadowski, J., & Hall, R. (2022). Responses to Russia’s Invasion of Ukraine Likely to Spur Retaliation | Mandiant. Retrieved 4 March 2022, from https://www.mandiant.com/resources/russia-invasion-ukraine-retaliation