Microsoft warns of the new malware family disguised as ransomware which is being used in attacks against multiple organizations in Ukraine. Since January 13th, Microsoft detected attacks that implement a destructive two-stage attack used to intentionally destroy their victim’s data. Because the malware does not offer a means to recover the maliciously encrypted data, Microsoft did not classify this as ransomware (an attack aimed to collect a ransom payment), but rather a deliberately destructive attack. With geopolitical tensions recently escalating between Russia and Ukraine, it is believed that the malware attacks are designed as an intimidation campaign to propagate chaos in Ukraine.
Due to the coordinated cyberattacks against Ukraine last week, the Cybersecurity and Infrastructure Security Agency (CISA) urges U.S. organizations to strengthen their cybersecurity defenses against data-wiping attacks.
“This CISA Insights is intended to ensure that senior leaders at every organization in the United States are aware of critical cyber risks and take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise,” warns a new CISA Insights bulletin. “All organizations, regardless of sector or size, should immediately implement the steps outlined below.”
While the CISA’s recommendations are in direct response to the recent cyberattacks on Ukraine, their recommended steps are also excellent advice for all businesses looking to prevent any network intrusion or ransomeware attack.