Ukrainian national telecommunications operator Ukrtelecom was hit by a serious cyber attack, which triggered an outage of the nationwide network. The internet connection suffered a blackout of about 15 hours. This is the comment of Toby Lewis, Global Head of Threat Analysis at Darktrace:

“In this dramatic context, it is not surprising that a large Internet provider has been targeted. Disrupting telecommunications infrastructure is a practice we can expect during a military invasion and takes on much greater significance in this war dubbed "World War Wired". For now we have minimal details on the matter, but the analysis of network activity seems to show a gradual decline in connectivity, rather than a steep drop in traffic typical of DDoS attacks or ransomware at the core of the network. This could indicate that we are facing an attack that has targeted the supply chain by directly knocking out endpoint devices such as home routers. We had already seen a similar attack on the day the invasion of Ukraine began, when the US satellite connection company ViaSat was hit, and previously something similar happened with the SolarWinds Orion campaign, where the damage really only occurred after updates or configuration changes made by hackers reached customers.

“Some outages may actually also be the result of incident response actions taken by Ukrtelecom. It is possible, in fact, that the provider has chosen to assign priority to the connection of critical infrastructures rather than to customers or private companies, even if this choice has important consequences. Attacks like these, which target the supply chain, are increasingly widespread and worrying. Global supply chains offer cybercriminals numerous points of vulnerability to test and then exploit during attacks in an attempt to compromise sensitive systems or equipment.

“The challenge to be addressed and resolved as soon as possible is to gain better visibility into what is happening in today's complex digital infrastructures, to identify and take action on potential attacks as they occur and before they disrupt operations.”
COMMENT: These are war actions; it is useless to issue sentences on what to do. Current knowledge leads to a clear inferiority with respect to the front of the attackers. Many attackers are also in our own companies, and on the dark web there are packages ready for hacker attacks. We have an important solution, both to limit the dangerous phenomenon of phishing and to disconnect companies and strategic sites from the internet world using the formidable CRIPTEOS 3001 encryption system. Isn't it good in all situations? Perhaps, but nuclear power plants and important databases can be defended. As for our anti-phishing system, it is a technical solution and not a product, and we no longer depend on the distractions of any citizen. Read our proposals on the site.