Ukraine suspects the group is linked to Belarusian intelligence over a cyber attack by Reuters

Ukraine suspects the group is linked to Belarusian intelligence over a cyber attack by Reuters

© Reuters. FILE PHOTO: Laptop screen displays warning message in Ukrainian, Russian and Polish, which appeared on the official website of the Ukrainian Ministry of Foreign Affairs after the massive cyber attack, in this illustration taken on January 14, 2022. REUTERS / Valentyn

Author: Pavel Politykauk

KIEV (Reuters) – Kiev believes a hacker group linked to Belarusian intelligence carried out a cyber attack – Troops-2022-01-14 that hit Ukrainian government websites this week and used malicious software similar to that used by a group linked to Russian intelligence, a senior Ukrainian security official said.

Serhiy Demedyuk, deputy secretary of the National Security and Defense Council, told Reuters that Ukraine blamed a group known as UNC1151 for Friday’s attack – which disrupted government websites with threatening messages – and was a cover for even more destructive actions behind the scenes.

“We preliminarily believe that UNC1151 could be involved in this attack,” he said.

His comments offer the first detailed analysis of Kiev on the suspected culprits behind the cyber attack on dozens of websites. Officials said on Friday that Russia was probably involved, but did not give details. Belarus is a close ally of Russia.

The cyber-attack flooded the website with a warning that “you are afraid and expect the worst” at a time when Russia is gathering troops talks- tension-2022-01-14 near Ukraine’s borders, and Kiev and Washington fear that Moscow is planning a new military attack on Ukraine.

Russia has dismissed such fears as “unfounded”.

The office of Belarusian President Alexander Lukashenko did not immediately respond to a request for comment on Demedyuk’s statements.

Russia’s foreign ministry also did not immediately respond to a request for comment on his statements. He has previously denied involvement in cyber attacks, including in Ukraine.

“The damage to the sites was just a cover for the more destructive actions that took place behind the scenes and whose consequences we will feel in the near future,” Demedjuk said in written comments.

Referring to UNC1151, he said: “This is a cyber espionage group connected with the special services of the Republic of Belarus.”


Demedjuk, who was once the head of the Ukrainian cyber police, said that the group had experience in attacks on Lithuania, Latvia, Poland and Ukraine, and that it spread stories condemning the presence of the NATO alliance in Europe.

“The malware used to encrypt some government servers is very similar in its characteristics to that used by the ATP-29 group,” he said, referring to a group suspected of involvement in hacking the Democratic National Committee before the 2016 US presidential election. . years.

“The group specializes in cyber espionage, which is connected to the Russian special services (Foreign Intelligence Service of the Russian Federation) and which uses recruits or secret work of its insiders in the right company for its attacks,” Demedjuk said.

The messages left on Ukrainian sites on Friday were in three languages: Ukrainian, Russian and Polish. They mentioned Volhynia and eastern Galicia, where the Ukrainian Rebel Army (UPA) carried out mass murders in Poland occupied by Nazi Germany. This episode remains a point of contention between Poland and Ukraine.

Demedyuk suggested that hackers used Google (NASDAQ 🙂 Translate to translate into Polish.

“It is obvious that they did not manage to deceive anyone with this primitive method, but it is still proof that the attackers ‘played’ on Polish-Ukrainian relations (which only got stronger every day),” he said.

Disclaimer: Fusion Media I would like to remind you that the information contained on this website is not necessarily real-time or accurate. All CFDs (stocks, indices, futures) and Forex prices are not provided by stock exchanges, but by market makers, so prices may not be accurate and may differ from the actual market price, which means that prices are indicative and not suitable for trading. Therefore, Fusion Media assumes no responsibility for any trading losses you may incur as a result of using this information.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage resulting from reliance on information including data, quotations, charts and buy / sell signals contained on this website. Please be fully informed about the risks and costs associated with trading in financial markets, this is one of the riskiest possible forms of investment.

Source link

Leave a Reply