California-based telecommunications giant Cisco sounded the alarm Wednesday, saying the company had identified more than 500,000 computers infected with malware to be used in a massive upcoming cyberattack. Who is behind this? Russia, of course.
Some 500,000 computers have been discovered to be infected with a new malware, dubbed VPNFilter, and those computers are believed to be a sort of a botnet intended to enact a huge cyberattack very soon, probably against Ukraine, Cisco analyst Craig Williams told Reuters Wednesday.
Williams noted that on May 8, Cisco, which had been investigating the malware for several months already, registered a surge of infections in Ukraine, leading them to believe the cyberattack will target that country.
In the meantime, infected machines are spread across 54 different countries, he said.
True to recent fashion in Western countries, Cisco’s Talos cyberintelligence unit says it has a “high level of confidence” that Moscow is behind the planned attack. The proof? They say the new malware shares some code with previously used malware, such as NotPetya, which the US government attributes to the Kremlin.
Ukraine’s security service, SBU, already issued a statement regarding Cisco’s warning, saying they believe the attack will come Saturday, when the Champions League final will take place in Kiev.
“Security Service experts believe the infection of hardware on the territory of Ukraine is preparation for another act of cyber-aggression by the Russian Federation aimed at destabilising the situation during the Champions League final,” it said in a statement.
It is unknown what exactly the hackers are going to do, Cisco says. However, the company disclosed that the malware can target industrial networks like those operating electric grids, says Michael Daniel, chief executive officer of Cyber Threat Alliance, a nonprofit group, Reuters reports.
“We should be taking this pretty seriously,” Daniel added.
“Cyber security firms, governments and corporate security teams closely monitor events in Ukraine, where some of the world’s most costly and destructive cyberattacks have been launched.”
Last year, a wave of large-scale cyberattacks hit companies worldwide. In May, WannaCry blocked computers in numerous countries and demanded ransom to unlock them. In June, ransomware called NotPetya targeted companies across the world, mostly in Ukraine, but also in Western Europe, Russia and North America. The US government blamed several nations one after another for that attack, most notably naming North Korea, but ended pinning the fault on their latest favorite target, Russia.