Category Archives: destructive cyberattack

UK government blames Russian military for infamous ‘NotPetya’ cyberattacks

Posted on by

The United Kingdom’s government is blaming the Russian military for a famous cyberattack that took place last June. This is now the second country to publicly recognize that NotPetya was carried out by Russia— Ukraine being the first. The National Cyber Security Centre (NCSC) conducted an assessment, saying that the purpose of the cyberattack was to disrupt Ukraine’s financial systems. The sophistication and planning of the attack required considerable resources and time, according to the NCSC. “The Kremlin has positioned Russia in direct opposition to the West: it doesn’t have to be that way.  We call upon Russia to be the responsible member of the international community it claims to be rather then secretly trying to undermine it,” Foreign Office Minister of State with responsibility for Cyber, Lord (Tariq) Ahmad of Wimbledon said in a NCSC statement. NotPetya, a destructive ransomware virus, infected thousands of computers used in financial, energy […]

The post UK government blames Russian military for infamous ‘NotPetya’ cyberattacks appeared first on Cyberscoop.

Continue reading UK government blames Russian military for infamous ‘NotPetya’ cyberattacks

Shamoon 2.0 and StoneDrill are separate campaigns, but target the same country

Posted on by

The complex, destructive cyberattacks launched against Saudi Arabian businesses and government organizations in recent months are likely coming from at least two separate groups with aligned interests, according to a group of cybersecurity intelligence and research professionals. Based on newly released forensic evidence unearthed by Kaspersky Lab’s Global Research and Analysis Team, data destroying malware known respectively as Shamoon 2.0 and StoneDrill has been located in computers stationed in Saudi Arabia. Beginning in Nov. 2016, researchers say there’s been three different “waves” of Shamoon 2.0 hitting computers in Saudi Arabia — executed twice in November and most recently on Jan. 23. According to the Saudi National Cyber Security Center, Shamoon 2.0 has so far infected 11 organizations. Multiple reports attribute Shamoon 2.0 to Iranian government hackers, though Kaspersky Lab does not provide attribution. “The Iranian attacks are probably a consequence of their incredibly strained relations,” said John Hultquist, iSight’s director of espionage analysis. “Tensions rose from a stampede which […]

The post Shamoon 2.0 and StoneDrill are separate campaigns, but target the same country appeared first on Cyberscoop.

Continue reading Shamoon 2.0 and StoneDrill are separate campaigns, but target the same country