The Ukraine War Is Becoming More Digital

Modern warfare has become increasingly digital, with cyberattacks playing a significant role in the conflict between Ukraine and Russia. According to the ESET Threat Report (covering October to December 2022), ransomware attacks have increased in this region and worldwide.

China topped the list of affected countries with the highest ransomware attacks, followed by the U.S., Russia, Ukraine, and Japan. The annual data showed that Russia led with 8% of all 2022 ransomware attacks, followed by the US with less than 7%, and Ukraine in fourth place at less than 4%.

Ransomware has been particularly damaging for Ukraine in T3 2022. Several ransomware-mimicking wipers, also known as data killers, appeared during the war and targeted Ukrainian entities.

Despite the increasing threats, Remote Desktop Protocol (RDP) password-guessing attacks dropped in prevalence during T3 2022. The daily average oscillated around 100 million attack attempts compared to 1 billion in T1 2022. Nonetheless, RDP remains the top network attack vector, as the ESET Threat Report confirmed.

"The ongoing war in Ukraine has created a divide among ransomware operators, with some supporting and others opposing the aggression. Attackers have also been using increasingly destructive tactics, such as deploying wipers that mimic ransomware and encrypt the victim’s data with no intention of providing a decryption," explains Roman Kováč, Chief Research Officer at ESET.

Energy prices, crypto, and other threats

As the war in Ukraine continues, the energy cost has steadily risen. This has directly impacted the cost of cryptocurrency, as energy is a significant factor in mining operations. In turn, this has caused crypto-threats to become more prevalent.

Cryptocurrency-related scams have also seen an uptick in T3, with ESET products blocking an increase of 62% in cryptocurrency-themed phishing websites. The FBI has also issued a warning about an increased number of crypto-investment schemes.

Although infostealer detections have declined in both T3 and banking malware was an anomaly in 2022, it has experienced a 100% year-on-year growth.

Over the holiday season, ESET uncovered various malicious threats, such as augmented phishing activities that disguise themselves as online stores and increased Android adware detections due to numerous low-grade mobile games appearing on alternative app stores.

ESET also discovered RansomBoggs, a ransomware with the fingerprint of the Sandworm group, targeting multiple organizations in Ukraine.

Image credit: iStockphoto/IherPhoto