Cyber attacks on Ukraine’s government and military sector surged by 196% within the first three days of Russia’s invasion on Feb. 24, 2022, compared to the start of the month, according to Check Point Research.
The cybersecurity firm released its findings from the first few days of the conflict, finding that attacks against Ukraine far outweighed any other region, as the same sectors globally and in Russia did not show a similar increase.
Cyber attacks against Russian organizations increased by 4%, compared to the same days in the previous week, according to data from Check Point.
Compared to the Ukraine, the overall number of cyber attacks per organization increased by .2%. Regions across the world are experiencing a new decreases in cyber attacks per organization, the company says.
Interestingly, cyber attacks against the U.S. and North America have declined 12% and 13%, respectively, despite both the U.S. and Canada taking part in sanctions against Russia and supplying aid to Ukraine.
Increase in Phishing Emails
Check Point also notes phishing emails in Russian and Ukrainian languages have increased by seven times. A third of the malicious phishing emails were directed at Russian recipients sent from Ukrainian email addresses, either real or spoofed.
Check Point says it is also observing an increase of fraudulent emails taking advantage of the situation, luring recipients to donate money to fake-Ukrainian aide organizations to gain financial profit.
WhisperGate & HermeticWiper Malware
The Cybersecurity and Infrastructure Agency (CISA) and the FBI issued a joint advisory on the destructive malware, WhisperGate and HermeticWiper, both used to target organizations in Ukraine. The malware is capable of destroying computer systems and rendering them inoperable. It targets Windows devices, manipulating the master boot record, displays a fake ransomware note, and encrypts files based on certain file extension, which results in subsequent boot failure, according to SentinelLabs.
CISA and FBI notes that there is no credible threat to the U.S. at this time, but urges organizations to assess and bolster its cybersecurity.
How to Spot a Phishing Email
With any phishing email, it is imperative to look for the following, according to Check Point:
- Fake domains
- Unusual attachments
- Incorrect Grammar or tone
- Suspicious requests