Microsoft specialists have discovered malicious software (software) in systems belonging to a number of government agencies and organizations in Ukraine, closely cooperating with the Cabinet of Ministers.
As reported in the Microsoft blog, malicious software (software) was first recorded in Ukraine on January 13, 2022.
“Malware disguises itself as ransomware, but when activated by an attacker, the infected computer system becomes inoperable,” the message says.
According to the Microsoft Threat Intelligence Center (MSTIC), the malware looks like ransomware, but does not have a ransom mechanism. This software is designed to disrupt and disable systems under attack, not to demand a ransom.
Currently, Microsoft specialists have found this software in dozens of affected systems, covering several government, non-profit organizations in Ukraine, as well as organizations involved in information technology.
At the same time, the corporation emphasizes that this number may increase with further investigation.
– Organizations affected by this malware include government agencies providing mission-critical executive functions or emergency response, as well as an IT firm operating websites for public and private sector clients, including government agencies, websites which were recently damaged… Perhaps more organizations were struck by this malicious software, their number can increase — told in Microsoft.
The corporation has not yet established a link between the cyberattack and any known threat actors monitored by Microsoft.
At the same time, the corporation noted that such destructive actions pose an increased risk for any state institution, non-profit organization or enterprise located or having systems in Ukraine.
As such, Microsoft recommends that all institutions and organizations affected by the attack immediately investigate and secure their systems.
The incident was brought to the attention of government agencies in the United States and other countries.
Meanwhile, Microsoft continues to work with cybersecurity experts to determine the origin of the malware as well as the targets of the hackers.
