NSDC warned of cyber attack on government bodies’ document flow
The National Security and Defense Council of Ukraine warned of a cyber attack on the document flow system of government bodies. This was reported on the website of the National Security and Defense Council.
The National Coordination Center for Cyber Security under the NSDC has recorded several attempts to disseminate malicious documents through the System of Electronic Interaction of Executive Bodies (SEI EB).
The NSDC reckoned that the purpose of the attack was the mass contamination of information resources of government agencies, because this is the system that is employed to ensure the document flow in majority of public authorities.
“The malicious documents contained a macro that secretly downloaded a program to remotely control a computer when opening the files. (…) According to the scenario, the attack belongs to the so-called supply chain attacks. It is an attack in which attackers try to gain access to the target organization not directly, but through the vulnerabilities in the tools and services it uses, ” the NSDC said.
The most notorious and large-scale attacks of this type were NotPetya, aimed at damaging Ukrainian infrastructure in 2017, and Solorigate, a cyber espionage operation in the Russian Federation in 2020-2021, which is currently being investigated in the United States. In these cases, the malicious code was spread through software (MEDOC in Ukraine and Solarwinds products in the United States), which was compromised by the attackers.
As IMI reported, on February 22, the National Security and Defense Council of Ukraine warned about a new mechanism of attacks on the Ukrainian segment of the Internet, mainly on the websites of the security and defense sector.
On February 18, the website of the Security Service of Ukraine ceased to operate due to a hacker attack.