Russian hackers attacked Ukraine's document management system – NSDC
The National Coordination Center for Cybersecurity under the National Security and Defense Council (NSDC) of Ukraine has warned of a cyberattack on the document management system of government bodies, the NSDC's press service has reported.
"The National Coordination Center for Cybersecurity under the National Security and Defense Council of Ukraine has recorded attempts to disseminate malicious documents through the System of Electronic Interaction of Executive Bodies (SEI EB). The purpose of the attack was the mass contamination of information resources of public authorities, as this system is used for the circulation of documents in most public authorities," the report reads.
According to the report, the malicious documents contained a macro that, when opening files, secretly downloaded a program to remotely control a computer. The methods and means of carrying out this cyberattack allow connecting it with a hacker spy group from the Russian Federation.
"According to the scenario, the attack belongs to so-called supply chain attacks. It is an attack in which attackers try to gain access to the target organization not directly, but through the vulnerabilities in the tools and services it uses," the NSDC said.
According to the report, the most notorious and large-scale attacks of this type were NotPetya, aimed at damaging Ukrainian infrastructure in 2017, and Solorigate – Russia's cyber-espionage operation in 2020-2021, which is currently being investigated in the United States. In these cases, the malicious code was spread through distributed software (MeDoc in Ukraine and Solarwinds products in the United States), which was compromised by the attackers.
On February 22, the NSDC reported DDoS attacks on the websites of the Ukrainian security and defense sector, the source of which are IP addresses belonging to certain Russian traffic exchange networks.
op