Intelligent Tech Channels Issue 52 | Page 39

Threats to Ukraine
Trellix Threat Labs has been investigating wiper malware and other cyberthreats targeting Ukraine . Wipers render devices within targeted organisations useless by destroying the memory critical to how the devices operate . Trellix analysis of the Whispergate and HermeticWiper malware used before and during the invasion of Ukraine details the similarities and differences of the two strains used to destabilise Ukrainian IT systems by destroying the communications within the country .
Many critical infrastructure providers have not implemented cybersecurity best practices despite highprofile breaches
The Threat Labs Report : April 2022 study lists threat actors targeting Ukraine , including Actinium APT , Gamaredon APT , Nobelium APT ( also known as APT29 ), UAC-0056 and Shuckworm APT . Of all APT activity Trellix observed in Q4 2021 , APT29 accounted for 30 % of the detections .
The report details recommendations for organisations seeking to proactively protect their environment from tactics these actors use .
Tactics , techniques and procedures
Trellix observed the continued use of Living off the Land ( LotL ) methods , where criminals use existing software and controls native to a device to execute an attack . Windows Command Shell ( CMD ) ( 53 %) and PowerShell ( 44 %) were the most-frequently used NativeOS
INTELLIGENT TECH CHANNELS 39