The future of cyber warfare is here. While everyone is talking about a possible WW3 because of the ongoing war between Russia and Ukraine, perhaps we should be more concerned about global cyber warfare that could cripple global critical infrastructure such as the power grid, satellites, hospital systems and other military systems.
With the exception of nuclear weapons (which used to run on floppy disks), most military and civilian systems are now connected to the Internet. An example of this is Ukraine. A few days after war broke out between Russia and Ukraine, there were reports of a new wiper malware targeting the Ukrainian government and civil organizations. The cyber attacks affected Ukrainian infrastructure such as power grids and hospital systems, as well as the government.
This week, Microsoft warned that the group behind the “HermeticWiper” cyberattacks – a series of destructive malware designed to erase data with a ransomware lure – was deployed in the first wave of cyberattacks against Ukraine. The tech giant said the malware remains an ongoing threat.
So far in the past week, HermeticWiper attacks have hit the Ukrainian government and civil organizations. According to recent reports, more wiper attacks have been identified, which are not disclosed for the time being. Microsoft added that “there remains a risk” from the threat actor behind the HermeticWiper attacks.
The HermeticWiper attacks affected “hundreds of systems spanning multiple government, information technology, financial sector and energy organizations,” Microsoft said in a statement.
It all started on February 23, the day before Russian forces invaded Ukraine, when a new data eraser was discovered being used against a number of Ukrainian units. This malware was named “HermeticWiper” based on a stolen digital certificate from a company called Hermetica Digital Ltd.
Most worrying, however, is Microsoft’s apparent admission that the HermeticWiper cyberattacks haven’t stopped on February 23. While the company did not provide details, Microsoft appears to describe an ongoing risk from the threat actor behind the HermeticWiper/FoxBlade attacks.
“Microsoft has informed customers in Ukraine about activities where possible and coordinated closely with the government in Ukraine. This support is ongoing. We have also summarized information about what we do to protect organizations in Ukraine from cyber attacks; Protection from state-sponsored disinformation campaigns; supporting humanitarian aid; and Protecting Our Employees: Digital Technology and the War in Ukraine.”
Below is a video that goes into more detail on how the HermeticWiper malware works.
Here’s another video covering the start of the largest cyberwar in history.