According to Microsoft, Russia is preparing another devastating cyberattack against Ukraine and may expand its targets to include foreign organizations supplying Kiev.
Microsoft Threat Intelligence has revealed this news in a new report. Years of Russian mixed war in Ukraine.
Sandworm, a unit affiliated with Russia’s military intelligence agency GRU, says it is preparing a new wiper malware following last year’s Foxblade and Caddywiper efforts.
“As of late 2022, threat actors have also tested additional ransomware-style capabilities that could be used in destructive attacks against organizations outside Ukraine that perform critical functions in Ukrainian supply lines. It may be,” he added.
“The Prestige ransomware operation against Polish companies in late 2022 sets a precedent for such attacks.”
In fact, both Prestige and another subspecies, ‘Sullivan’, are associated with Sandworm. Attacks using these types of malware may have been an attempt to test the reaction of Ukraine’s allies to targeted and destructive attacks outside Ukraine, Microsoft claims.
For more information on destructive ransomware in Russia, see “Prestige” ransomware group targeting organizations in Ukraine and Poland.
Like NotPetya, ransomware is actually used as a cover for destructive attacks.
Microsoft said it observed Russian threat activity against organizations in at least 17 countries in Europe and several countries in the Americas from January to mid-February this year.
“These actions are most likely aimed at facilitating intelligence gathering against organizations providing political and material support to Ukraine, but if directed to do so, inform the destructive operations. I can do it,” he insisted.
At the same time, Russian operatives continue to wage an information war against Ukraine and its allies. They have fueled fears that Moldova could be the next target of aggression, with the Moldovan government even accusing Moscow of trying to overthrow the current pro-EU government.
The “hack and leak” operation targeting Moldovan politicians also aims to sow mistrust between Europeans and their governments, Microsoft warned.
