Ukraine suspects group linked to Belarus intelligence over cyber attack – Security
Kyiv thinks a hacker group connected to Belarusian intelligence carried out a cyber attack that strike Ukrainian governing administration internet sites final week and made use of malware comparable to that made use of by a group tied to Russian intelligence, a senior Ukrainian security official mentioned.
Serhiy Demedyuk, deputy secretary of the countrywide security and defence council, explained to Reuters that Ukraine blamed the attack – which defaced governing administration internet sites with threatening messages – on a group known as UNC1151 and that it was deal with for much more damaging steps guiding the scenes.
“We feel preliminarily that the group UNC1151 may perhaps be included in this attack,” he mentioned.
His reviews offer you the very first in depth examination by Kyiv on the suspected culprits guiding the cyberattack on dozens of internet sites.
Officials mentioned Russia was almost certainly included but gave no information. Belarus is a near ally of Russia.
The cyber attack splashed internet sites with a warning to “be afraid and expect the worst” at a time when Russia has massed troops around Ukraine’s borders, and Kyiv and Washington worry Moscow is setting up a new armed service assault on Ukraine.
Russia has dismissed these types of fears as “unfounded”.
The business of Belarusian President Alexander Lukashenko did not promptly answer to a ask for for comment about Demedyuk’s remarks.
Russia’s international ministry also did not promptly answer to a ask for for comment on his remarks. It has earlier denied involvement in cyberattacks, which include from Ukraine.
“The defacement of the sites was just a deal with for much more damaging steps that were having spot guiding the scenes and the repercussions of which we will truly feel in the around future,” Demedyuk mentioned in created reviews.
In a reference to UNC1151, he mentioned: “This is a cyber-espionage group affiliated with the specific solutions of the Republic of Belarus.”
‘Track record’
Demedyuk, who made use of to be the head of Ukraine’s cyber law enforcement, mentioned the group experienced a keep track of report of focusing on Lithuania, Latvia, Poland and Ukraine and experienced spread narratives decrying the NATO alliance’s existence in Europe.
“The malicious software package made use of to encrypt some governing administration servers is pretty comparable in its features to that made use of by the ATP-29 group,” he mentioned, referring to a group suspected of involvement in hacking the Democratic Countrywide Committee before the 2016 US presidential election.
“The group specialises in cyber espionage, which is affiliated with the Russian specific solutions (International Intelligence Assistance of the Russian Federation) and which, for its attacks, resorts to recruiting or undercover perform of its insiders in the appropriate firm,” Demedyuk mentioned.
The messages left on the Ukrainian internet sites on Saturday were in a few languages: Ukrainian, Russian and Polish.
They referred to Volhynia and Eastern Galicia, wherever mass killings were carried out in Nazi German-occupied Poland by the Ukrainian Insurgent Army (UPA).
The episode continues to be a place of contention among Poland and Ukraine.
Demedyuk prompt the hackers experienced made use of Google Translate for the Polish translation.
“It is noticeable that they did not be successful in misleading anybody with this primitive process, but nonetheless this is evidence that the attackers ‘played’ on the Polish-Ukrainian relations (which are only finding stronger each individual working day),” he mentioned.