The Pentagon and NATO countries are behind massive cyberattacks from Ukrainian territory against the Russian critical infrastructure, the press office of Russia’s Federal Security Service (FSB) claimed.
Over 5,000 hacker attacks on Russian critical infrastructure have been recorded since the beginning of 2022, the press office said in a statement. ‘The analysis of revealed computer threats has helped obtain data evidencing that the United States and NATO countries used Ukrainian territory for carrying out massive computer attacks on civilian infrastructure facilities in Russia,’ the security agency stated. The FSB further claimed that Washington wants to portray only Ukraine as the ‘author” of these cyberattacks. However, FSB stressed that the Pentagon is directly involved in developing these cyberattacks in consultation with international and national hacker groups such as Anonymous, Silence, Ghost Clan from the United States, RedHack from Turkey, GNG from Georgia, and Squad 303 from Poland.
Ukrainian hacktivist group Kiber Sprotyv (Cyber Resistance) claimed to have breached the email of Sergey Alexandrovich Morgachev, who is believed to be the leader of the Russian state-sponsored hacker group Fancy Bear, also known as APT28.
Kiber Sprotyv uncovered Morgachev’s personal data, his home address, car plates, the location of the Russian hackers’ secretive office, and associates of Morgachev. They shared the data with InformNapalm volunteer intelligence community.
Morgachev serves as a Lieutenant Colonel of the Russian Main Intelligence Directorate of the General Staff of the Russian Army (GRU). In 2018, he was named in a US indictment charging Russian nationals with attempting to hack the Democratic National Committee (DNC) ahead of the 2016 US presidential election.
Yurii Shchyhol, the head of the Ukrainian State Service of Special Communications and Information Protection, warns there might be an ongoing World Cyber War since the start of Russia’s invasion. Russian cyberespionage and cyberattacks since 24 February weren’t targeted only at Ukraine. Their intervention has been recorded in 42 countries across six continents, mostly from NATO and countries which supported Ukraine during this period.
Shchyhol has stated for Politico that the world has been awakened and that countries are more willing to intensely cooperate with each other on these issues. He also advised: ‘But what we need are not further sanctions and further efforts to curb cyberattacks, we also need for global security companies to leave the market of the Russian Federation. Only then can we ensure the victory will be ours, especially in cyberspace.’
In this interview, it was said that there is strong assistance from the U.S. Cyber Command and the National Security Agency as all of Russia’s attacks are ‘an ongoing, continuous war, including the war in cyberspace.’ What Shchyhol also warns us is that despite the two-month stagnation of Russian cyber attacks, what they’re doing is just a part of their tactic in order to collect resources for another attack – which will likely be on a global level.
The Costa Rican Social Security Fund (CCSS), i.e. Costa Rica’s public health service was hit by Hive ransomware and forced to shut its systems down. The ransomware was deployed on at least 30 out of 1,500 government servers, CCSS told local media.
Cybersecurity experts suggested that Hive might be working with Conti to help Conti rebrand.
Italian police thwarted hacker attacks by pro-Russian hacker groups Killnet and Legion during the 10 May semi-final and 14 May final of the Eurovision Song Contest (ESC) in Turin, Italy. Russia was excluded from the competition due to what it calls its special military operation in Ukraine, while Ukraine went on to win the contest.
Killnet denied the attack on ESC, but then declared cyberwar on 10 countries in the same Telegram post. In a separate video, the group stated that these 10 countries are ‘the US, the UK, Germany, Italy, Latvia, Romania, Lithuania, Estonia, Poland, and Ukraine.’
The OEWG reached agreement to apply modalities for the participation of stakeholders as proposed by the Chair on 20 April, through a silent procedure. NGOs both with and without ECOSOC status should inform the OEWG Secretariat of their interest to participate. However, states can object to the participation of NGOs without consultative status with ECOSOC. The approved NGOs will be invited to participate as observers in the formal sessions, make oral statements during a dedicated stakeholder session, and submit written inputs to be posted on the OEWG’s website. The modalities will be read out at the OEWG’s third substantive session for the formal record.
