- Ongoing political tensions between Russia and Ukraine are at a breaking point, with the US and other NATO nations preparing to assist Ukraine if a military conflict arises.
- Russia and Ukraine have a long history of state-sponsored cyber conflicts, including both espionage and disruptive attacks.
- Recent cyber activity targeting Ukraine includes multiple government website defacements and WhisperGate, a wiper malware disguised as ransomware. IOCs for PolySwarm’s samples of WhisperGate are provided.
- Hacktivists recently attacked Belarus Railway to protest Russian troop transport and demand the release of “political prisoners.” This incident marked the first time hacktivists have leveraged ransomware in pursuit of political objectives.
- The cyber struggle between Russia and Ukraine has the potential to spill over and have a real-world kinetic impact. Our analysts provide a list of implications.