A special Ukrainian group of suspects linked to Belarusian intelligence in connection with a cyber attack

In this illustration taken on January 14, 2022, the laptop screen shows a warning message in Ukrainian, Russian and Polish languages ​​that appeared on the official website of the Ukrainian Ministry of Foreign Affairs after the massive cyber attack. REUTERS / Valentyn Ogirenko / Illustration

Sign up now for unlimited free access to Reuters.com

  • Ukrainian government websites have been hit by a cyber attack
  • Russia has concentrated its forces near the Ukrainian border
  • The United States held security talks with Russia this week

KYIV, Jan. 15 (Reuters) – Kiev believes a hacker group linked to Belarusian intelligence has been hijacked. Cyber ​​attack A senior Ukrainian security official said it had attacked Ukrainian government websites this week and used malware similar to that used by a group linked to Russian intelligence.

Serhiy Demedyuk, deputy secretary general of the National Security and Security Council, told Reuters that Friday’s attack on Ukraine – which disrupted government websites with threatening messages against a group known as UNC1151 – and that it was a cover-up for even more destructive acts behind the scenes. read more

“We initially believe that a group called UNC1151 may have been involved in the attack,” he said.

Sign up now for unlimited free access to Reuters.com

His comments provide the first comprehensive analysis of the suspected perpetrators behind the cyber attack on dozens of websites. On Friday, officials said Russia may have been involved but did not provide any details. Belarus is a close ally of Russia.

At a time when cyber-attacks are rampant in Russia, websites have been flooded with warnings to “be afraid and expect the worst”. Troops Near the borders of Ukraine, and Kiev and Washington fear that Moscow is planning a new military offensive against Ukraine.

See also  1,100 people, including 380 children, were killed in the devastating floods in Pakistan

Russia has dismissed such fears as “unfounded.”

The office of Belarusian President Alexander Lukashenko did not immediately respond to a request for comment.

Russia’s Foreign Ministry did not immediately respond to a request for comment. It has previously denied involvement in cyber-attacks against Ukraine.

“The decay of sites is a cover for more destructive acts going on behind the scenes and we will realize its consequences in the future,” Demedio said in a written statement.

In a note to UNC1151, he said: “This is an Internet-spy group affiliated with the Special Services of the Republic of Belarus.”

‘Track Record’

Demediuk, who heads Ukraine’s cyber police, said the group had a track record of targeting countries such as Lithuania, Latvia, Poland and Ukraine, and had spread stories criticizing the presence of the NATO alliance in Europe.

“The malicious software used to encrypt certain government servers is very similar in properties used by the ATP-29 group,” he said, referring to a group suspected of hacking the Democratic National Committee ahead of the 2016 US presidential election.

“The group specializes in cyber intelligence, which is associated with the Russian special services (foreign intelligence service of the Russian Federation) and, for its attacks, seeks to recruit its insiders or covert work in the right organization,” Demediuk said.

The messages posted on Ukrainian websites on Friday were in three languages, Ukrainian, Russian and Polish. They referred to Volginia and East Galicia, where massacres were carried out by the Ukrainian rebel army (UPA) in Nazi-occupied Poland. The episode is a point of contention between Poland and Ukraine.

See also  'I think he will': Zelenskiy hopeful President Biden will visit Ukraine | Volodymyr Zelenskiy

Demediuk suggested that hackers use Google Translate for Polish translations.

“It is obvious that they did not succeed in misleading anyone in this primitive manner, but it is a testament to the fact that the attackers ‘played’ on Polish-Ukrainian relations (which are getting stronger every day),” he said.

Sign up now for unlimited free access to Reuters.com

Additional report by Andrey Ostroukh in Moscow; Written by Matthias Williams, edited by Timothy Heritage

Our standards: Thomson Reuters Trust Principles.

Leave a Reply

Your email address will not be published.