BACKGROUND:
Today, the Ukrainian special service (SSU) revealed the identities of hackers behind the notorious ‘Armagedon’ group, which is responsible for more than 5,000 cyber attacks on state bodies and critical infrastructure in the Ukraine. More information is included in the SSU blog post here.
<div><span style=\"color: #000000; font-family: Arial;\">The attribution by Ukrainian authorities is another reminder that Russia and its proxies are carrying out offensive cyber activity from occupied Ukraine. Furthermore, intrusions into Ukrainian critical infrastructure, including power plants and water systems, highlight Russia’s constantly developing cyberattack capability.</span></div>
<div><span style=\"color: #000000; font-family: Arial;\"> </span></div>
<div><span style=\"color: #000000; font-family: Arial;\">Though this group has been largely focused on Ukraine, we have seen them carry out global operations. Furthermore, due to the ongoing conflict, Ukraine has born early witness to many of Russia’s most aggressive cyberattack capabilities, from the ability to knock power offline to the earliest versions of the fake ransomware that event</span><span style=\"color: #000000; font-family: Arial;\">ually became NotPetya. If we want to see what’s coming next, we have to be mindful of the lessons already being learned in Ukraine and other countries where cyberattacks are frequent and evolving.</span></div>