DailyPost 1944
DATA-WIPING ATTACKS
There is no moment when Cyber Security will not surprise you. The nature of attacks also has connections with the older versions and the digital modus operandi practices of the recent past. The main objective is to keep the world on its toes and that is where their success lies. Surprise is the key and if the enterprises learnt to manage their cyber risk in the very same manner as they manage their physical risks this industry would have been dead and buried a long time back. As the tech world becomes more and more dynamic, real time and hyper connected, even the practitioners, not clear and familiar with all the risks, will unknowingly allow the attackers keep marauding the world in a variety of ways.
As if the varieties of ransomware and the varieties of ransom demanded were not enough, we have the Data Wiping cyber-attacks which have posed a new risk reality to for to tackle. The Cybersecurity and Infrastructure Security Agency, CISA, has urged US organizations to strengthen their cyber security defences against the data wiping. This threat seems to be lurking is largely based on the recently seen attacks targeting Ukrainian government agencies and businesses. The attackers have conducted the website defacement attacks using the CVE-2021-32648 vulnerability in the OctoberCMS platform.
It is suspected by the Ukrainian Cyber Police who are investigating the case said, that there has been the use of Log4j vulnerabilities and stolen credentials as other means of access to the networks and servers. BleepingComputer reported that Ukraine government agencies and corporate entities suffered coordinated attacks last Friday. In the attack the websites were defaced and data wiping malware was deployed to corrupt data. This would finally allow Windows devices to become interoperable. These two types of attacks were originally thought to be different attacks. In a recent Ukrainian press release stated that the entities were hit by both attacks, leading to the conclusion that they were coordinated.
”The interface (replacement of displayed information) of websites of attacked government agencies and destruction of data by Viper are part of a cyber attack,” has been clearly indicated by the Ukrainian government. The aim was to cause as much damage as possible to the infrastructure of state electronic resources. Ukraine has blamed these attacks on Russia, given the geo-political tensions in that area and the immense capability which Russia is in possession of. There are other security experts attributing it to Ghostwriter, a state sponsored hacking group connected to Belarus. Future is not ours to see, what will be, will be, but the ominous signs are right there. Don’t say we didn’t warn you when you get wiped of your data.
IF YOU ARE WIPED OF YOUR DATA, THE DIGITAL RESURRECTION MAY THROW YOU OUT OF GEAR.
Sanjay Sahay