US Warns Destructive Malware Hitting Ukraine Could 'Spill Over' To Infect Others

pcmag.com:

A recent wave of “destructive malware” that hit Ukraine is causing US officials to warn about future attacks “spilling over” and ensnaring other companies across the globe.

Over the weekend, the US’s Cybersecurity and Infrastructure Security Agency sounded the alarms about the destructive malware attacks escalating in an official alert to the public.

“Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries,” CISA said in the warning. 

The malware has been described as destructive because the attacks are designed to corrupt the Windows OS, and render the computer inoperable. Last week, antivirus providers noticed one such strain, dubbed HermaticWiper, targeting organizations in Ukraine, including those in the aviation, defense, financial and IT services sectors.  

A month earlier, Microsoft warned about a separate strain, dubbed WhisperGate, which was also found targeting computers in Ukraine. In both cases, the malware packages were designed to tamper with a computer’s Master Boot Record, which tells the hardware how to load the OS. 

Who’s responsible for the malware remains unclear. But in the past, the US has blamed Russian military intelligence officials for developing other destructive malware attacks that ended up causing power blackouts in Ukraine.  

CISA also refrained from directly pointing fingers at the Kremlin. But with Russia still invading Ukraine, the agency is telling US companies to be on guard against another wave of destructive malware attacks. The alert includes tips on how organizations can bolster their IT defenses to ward off the malware, such as conducting antivirus scans, using stronger spam filters