Biden warns of US 'cyber' response after Ukraine says computers wiped during attack – ZDNet

Two Ukrainian agencies said their computers were wiped due to a larger attack on government systems.
Jonathan Greig is a journalist based in New York City.
US President Joe Biden responded forcefully to reports of a wide-ranging cyberattack on Ukrainian government systems Wednesday afternoon, telling reporters that the US would respond with its own cyberattacks if Russia continues to target Ukraine’s digital infrastructure.  
“The question is if it’s something significantly short of an…invasion or major military forces coming across,” Biden said in response to a question about how the US would respond to a Russian invasion of Ukraine. 
“For example, it’s one thing to determine that if they continue to use cyber efforts, well, we can respond the same way, with cyber.”
The Daily Beast later asked White House Press Secretary Jen Psaki, and she confirmed that if Russia continued to launch cyberattacks, they would be answered with a “decisive, reciprocal, and united response.”
Biden’s comments come after Ukrainian officials told journalist Kim Zetter that dozens of systems within at least two government agencies were wiped during a cyberattack last week. Microsoft released a detailed blog about wiping malware, named “WhisperGate,” and said it was first discovered on January 13. 
In a follow-up examination of WhisperGate, security company CrowdStrike said the malware aims “to irrevocably corrupt the infected hosts’ data and attempt to masquerade as genuine modern ransomware operations.” 
“However, the WhisperGate bootloader has no decryption or data-recovery mechanism and has inconsistencies with malware commonly deployed in ransomware operations,” CrowdStrike explained.
“The activity is reminiscent of VOODOO BEAR‘s destructive NotPetya malware, which included a component impersonating the legitimate chkdsk utility after a reboot and corrupted the infected host’s Master File Table (MFT) — a critical component of Microsoft’s NTFS file system. However, the WhisperGate bootloader is less sophisticated, and no technical overlap could currently be identified with VOODOO BEAR operations.”
Yurii Shchyhol, head of the State Service of Special Communications and Information Protection of Ukraine, told The Washington Post that one of the agencies affected by the wiper was the Motor Vehicle Insurance Bureau. 
The wipers were launched days after more than 70 Ukrainian government websites were defaced by groups allegedly associated with Russian secret services
While it was initially unclear whether the website defacements and the wiper attacks were coordinated, Ukrainian officials confirmed this week that they occurred at the same time. Kitsoft, the company that built about 50 of the government websites, told Zetter that it too discovered WhisperGate malware on its systems. 
Ukraine’s State Service for Special Communications and Protection confirmed Zetter’s reporting in a statement. Ukrainian officials floated several theories for how hackers got into their systems, theorizing that a CMS vulnerability may have been the cause. 
The Cyberpolice Department of the National Police of Ukraine also said hackers may have gotten in using the Log4J vulnerability or through compromised employee accounts. 
According to The Washington Post, Russia has brought more than 100,000 troops to its border with Ukraine. The Associated Press reported this week that Poland was also raising its nationwide cybersecurity terror threat level in response to the attacks on Ukraine. 
Finalsite says no data stolen during ransomware attack affecting 3,000 US public schools

Treasury Department sanctions four Ukrainians for allegedly helping Russia

Singapore pushed to introduce security measures amidst online banking scams

Best foldable phones 2022: You’ll flip for Samsung

Best MagSafe battery packs 2022: Charge your iPhone 12 or iPhone 13

Best Mac app 2022: 10 essential tools

Best portable power station 2022: Emergency power when you need it

Best security key 2022: Protect your online accounts

Best Kindle 2022: Paper White, Kindle Kids, and Kindle alternatives

Please review our terms of service to complete your newsletter subscription.
You agree to receive updates, promotions, and alerts from ZDNet.com. You may unsubscribe at any time. By joining ZDNet, you agree to our Terms of Use and Privacy Policy.
You agree to receive updates, promotions, and alerts from ZDNet.com. You may unsubscribe at any time. By signing up, you agree to receive the selected newsletter(s) which you may unsubscribe from at any time. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy.
© 2022 ZDNET, A RED VENTURES COMPANY. ALL RIGHTS RESERVED. Privacy Policy | Cookie Settings | Advertise | Terms of Use

source

Share this post:

Leave a Reply