The Latest on Russia-Ukraine Cyber Threats

Dark Roast Intelligence Briefing

Photo by Tetiana SHYSHKINA on Unsplash

As the majority of those in the cybersecurity community know, the Russia-Ukraine war has had immense ramifications on the threat landscape over the last several months.

On February 27th, I published an article covering the events that had occurred throughout the preceding week, which included the surfacing of multiple Wiper malware variants, a phishing campaign targeting Ukrainian military personnel, and Distributed Denial-of-Service (DDoS) attacks, among other things.

In this article, given so much has happened since then, I’ll be covering some of the key events over the last month, some of the notable threat actors that have been involved, and discuss a few of the trends that have emerged.

Key Events

• March 3, 2022 — Multiple Ukrainian government websites were defaced at the hands of pro-Russian threat groups. In an attempt to spread disinformation, the sites were replaced with various messages that blamed Ukraine and President Zelensky for the war.
• March 7, 2022 — Email security vendor, Proofpoint, uncovered an ongoing phishing operation targeting European Diplomats. A threat actor dubbed RedDelta, also referred to as TA416, was found to be leveraging spearphishing and malicious URLs…