A massive cyber-attack is undergoing in Ukraine Cisco Systems warned, cited by Reuters. So far there have been infected at least 500,000 routers and storage devices in dozens of countries with highly sophisticated malicious software, all in preparation of an another massive cyber attack on Ukraine.
Cisco’s Talos cyber intelligence unit said it has high confidence that the Russian government is behind the campaign because the hacking software shares code with malware used in previous attacks that the US government has attributed to Moscow.
The software can be used for espionage, for interfering with internet communications or to launch destructive attacks on Ukraine, which authorities accused Russia before for massive hacks that took out parts of its energy grid and shuttered factories.
Warnings about the malware, including software that targets industrial networks like the ones operating the electric grid, will come also from members of the Cyber Threat Alliance, a nonprofit group that fights against hackers.
The Alliance includes Cisco, Check Point Software Technologies, Fortinet, Palo Alto Networks, Sophos Group and Symantec Corp.
Infected devices are scattered across at least 54 countries, but Cisco determined the hackers are targeting Ukraine following a surge in infections in that country on May 8. The companies researchers decided to go public because they feared the surge will mean that Russia is preparing an attack there next month, possibly around Ukrain’s Constitution Day on June 28.
The researchers discovered that the malware also includes an auto-destruct feature that can be used to delete the malware and other software on infected devices making them inoperable.