Ransomware Groups Likely to Use Cover of Ukraine War to Increase Activity - Shields Up

Highly recommended to keep your user’s security awareness at a heightened level as hacking activity is highly likely to increase in the wake of Russia’s unprovoked attack on the Ukraine.

The Conti Group a soviet sphere ransomware actor announced on their leak site that they are hacktivists who will go after any entity attacking Russia’s critical infrastructure. For ransomware groups operating in the Russian sphere of influence, this is a convenient way to use the cover of the Ukraine war to curry favor with Moscow. Likely, they hope it’s a return to “normal” with tacit or outright protection to operate freely outside of Russia sphere of influence to go after nations and their businesses aligned against the current Russian Ukraine activity. Russia had previously cracked down on the REvil ransomware gang.

The Conti Group announcement
“The Conti Team is officially announcing a full support of Russian government,” the statement says. “If anybody will decide to organize a cyberattack or any war activities against Russia, we are going to use all of our possible resources to strike back at the critical infrastructure of an enemy.”

Meanwhile, CISA has issued a “Sheilds Up” Alert

CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.

‘Every organization—large and small—must be prepared to respond to disruptive cyber activity,’ CISA said in the alert.