The National Coordination Center for Cybersecurity (NCCC) at Ukraine's National Security and Defense Council (NSDC) warns about the high level of cyber threats in Ukraine due to a large-scale cyber attack in the United States.
Almost all U.S. government agencies were affected by the attack. The hack occurred through the SolarWinds Orion Platform product management system update server (its versions 2019.4 - 2020.2.1 HF1), as reported on the NSDC's website.
The attack is linked to the activities of the hacker group APT29 or Cozy Bear, which is in a way accused of links with Russia's foreign intelligence service.
Read alsoDutch expel two Russian diplomats on suspicions of espionage in hi-tech sectorAccording to the information currently available to the NCCC, the attack is very similar to the Ransom: Win32/Petya attack that occurred in Ukraine in 2017.
"Given that SolarWinds products are not widely used by government agencies in Ukraine, the risks of damaging Ukrainian government systems are not critical. However, the high activity of hacker groups, associated with the Russian secret services, threatens those business entities that use this product and therefore poses a threat to Ukraine, which is in a state of hybrid war with the Russian Federation," reads the report.
Business entities that use this product are encouraged to check their networks for compromise.
Cyber attack in Ukraine
- On June 27, 2017, Ukrainian banks, energy companies, state-owned online resources and local networks, as well as a number of media outlets, were subjected to a major cyber attack where a malware blocked computer systems operating on Windows.
- According to the National Police, over the two days, 1,508 legal entities and individuals filed complaints to Cyber Police claiming their computers had been blocked and data encrypted.
- The losses from the attack worldwide are estimated at US$1.2 billion.