Ukraine central bank warns of new cyber-attack risk

Send a link to a friend  Share

[August 18, 2017]  By Natalia Zinets

KIEV (Reuters) - The Ukrainian central bank said on Friday it had warned state-owned and private lenders of the appearance of new malware as security services said Ukraine faced cyber attacks like those that knocked out global systems in June.

The June 27 attack, dubbed NotPetya, took down many Ukrainian government agencies and businesses, before spreading rapidly through corporate networks of multinationals with operations or suppliers in eastern Europe.

Kiev's central bank has since been working with the government-backed Computer Emergency Response Team (CERT) and police to boost the defenses of the Ukrainian banking sector by quickly sharing information.

"Therefore on Aug. 11..., the central bank promptly informed banks about the appearance of new malicious code, its features, compromise indicators and the need to implement precautionary measures to prevent infection," the central bank told Reuters in emailed comments.

According to its letter to banks, seen by Reuters, the new malware is spread by opening email attachments of word documents.

[to top of second column]

A message demanding money is seen on a monitor of a payment terminal at a branch of Ukraine's state-owned bank Oschadbank after Ukrainian institutions were hit by a wave of cyber attacks earlier in the day, in Kiev, Ukraine, June 27, 2017. REUTERS/Valentyn Ogirenko/File Photo - RTS19XCK

"The nature of this malicious code, its mass distribution, and the fact that at the time of its distribution it was not detected by any anti-virus software, suggest that this attack is preparation for a mass cyber-attack on the corporate networks of Ukrainian businesses," the letter said.

Ukraine - regarded by some, despite Kremlin denials, as a guinea pig for Russian state-sponsored hacks - is fighting an uphill battle in turning pockets of protection into a national strategy to keep state institutions and systemic companies safe.

The state cyber police and Security and Defence Council have said Ukraine could be targeted on Aug. 24 with a NotPetya-style attack aimed at destabilizing the country as it celebrates its 1991 independence from the Soviet Union.

(Writing by Alessandra Prentice; editing by Mark Heinrich)

[© 2017 Thomson Reuters. All rights reserved.]

Copyright 2017 Reuters. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Back to top