Russian hackers infect 500,000 routers to launch a massive cyber attack on Ukraine


Cisco Systems Inc on Wednesday issued a warning that hackers from Russia have infected over 500,000 routers, including storage devices, in order to launch a massive cyber attack on Ukraine. The networking giant stressed that the attack will be of the denial-of-service kind and will mainly target Ukraine's critical infrastructure in Kiev.

Meanwhile, a news update released by a popular news source from Kiev says that the Russian Federation has already shown cyber aggression by targeting its critical infrastructure during the UEFA Champions League Final and that it was now payback time.


Note 1 – The UEFA Champions League Final is the biggest game of this season in club football. It is being held in Kiev, the capital of Ukraine, and will see Real Madrid take on five-time champion Liverpool. The final will take place on Saturday 26, 2018, and Ukraine believes that Russian hackers will try their best to disrupt the event by knocking down the digital assets, such as ticketing infrastructure, used to hold the match in a peaceful and organized manner.

A cyber intelligence unit from Cisco Talos says it has high confidence that a hacking group has devised malware dubbed VPNFilter, which is likely to be used in the possible cyber attack campaign taking place on the eve of the final. There is evidence that the hacking software used to infect the routers in Ukraine has traces of software previously used against the US Government, which the FBI and CIA attributed to Moscow in a joint note.

Researchers from Cisco say that the malware could be used for espionage, to disrupt internet communication or launch destructive attacks on Ukraine.

Cisco researcher Craig Williams confirmed this news to Reuters and said that the Kremlin will, as usual, deny all these allegations, as it has done to date.

The alert was issued based on input provided by the Cyber Threat Alliance (CTA), a non-profit group that promotes the fast exchange of data on new threats between competitors in the cybersecurity industry.

Members of CTA include Cisco, Check Point Software Technologies, Fortinet, Palo Alto Networks, Sophos Group Plc, and Symantec Group.

News is out that the technical details about VPNFilter were shared by CTA in a secret video conference with Cisco on Monday.

According to a CTA source who spoke to Cybersecurity Insiders, VPNFilter infects routers and internet-based storage devices used in home offices and small offices, and the army of infected devices can be used to launch distributed denial-of-service attacks on websites owned by government and private entities.

Note 2 – Cisco Talos learned about the attack on May 8th this year and discovered that over 500,000 routers in Ukraine were infected with malware. Now, after getting confirmation from CTA, it has released the discovered data to the media and predicts that the UEFA Champions League Final might be doomed by various Russian cyber threats.

Note 3 – At Cisco's request, the United States FBI succeeded in seizing control of the internet domain that was used by the notorious command and control server to issue instructions to infected devices. The law enforcement agency is said to be undertaking an effort to clean up the estimated half a million infected devices before the cyber crooks can launch a cyber attack on Ukraine by Saturday this week.