The WordPress-based security firm reported that the focus of the attacks appeared to be a subset of 375 academic sites, of which received close to 210,000 between February 25-27.
Of those attacks, said to be purposed to take down websites and bring about widespread disruption and demoralization, around 145,000 attacks were recorded in a single day on February 25.
These coordinated attacks compromised 30 Ukrainian university websites, with many suffering from service unavailability and total defacement.
“We will use the term ‘attack’ in this blog post to indicate a sophisticated exploit attempt,” Wordfence explained in a recent blog post entry via its website.
“This does not include simple brute force attacks (login guessing attempts) or distributed denial of service traffic. It only includes attempts to exploit a vulnerability on a target WordPress website, which are the sites Wordfence protects.”
Ukraine Education in Hackers’ Crosshairs
“TheMx0nday”, a pro-Russian hacking group who posted evidence of the hacks on defacement aggregator Zone-H, is believed to be behind the attacks, according to Wordfence.
It was discovered that the orchestrators were Brazilian-based, yet routed their attacks via Finish IP-based addresses using Njalla, an anonymous internet service provider.
This specific group of threat actors has already attacked websites based in countries including the US, Spain, Brazil, Indonesia and Argentina, with its first Zone-H entries dating back to April 2019.
The Cyber Warfare of the Ukraine Invasion
While cyber warfare – in varying degrees – may have already been quietly taking place across the world for some time, the Ukraine invasion has really highlighted how devastating it can be.
The invasion has also raised much discussion about how the world – from governments to tech titans – should react. For instance, should Russian content (or anything deemed to be disinformation) be blocked/censored?
The Russia vs. Ukraine Cyber War
While its claims have not yet been confirmed, the Anonymous hacking collective has reportedly managed to hack Russian state TV channels to broadcast pro-Ukraine content.
Meanwhile, the Ukraine continues to be the target of cyber attacks, having already suffered denial-of-service hits affecting government websites, along with apparent no-data-return ransomware attacks.
Microsoft described this “wiper” malware as being “intended to be destructive and designed to render targeted devices inoperable”.
The tech giant also said that the malicious software had been discovered in dozens of Ukrainian systems, including that of government, IT and non-profit sectors.
Reuters reported that Ukrainian officials had alleged a Belarusian cyber-spying operation was underway, targeting the personal email accounts belonging to Kyiv’s military forces.
Kwasi Kwarteng, the UK’s Business Secretary, is set to hold talks with Paula Rosput Reynolds who chairs the National Grid, amid mounting fears of Russian state-sponsored cyber attacks.
While the country’s NCSC (National Cyber Security Centre) has called on organizations to strengthen their online defenses, its former head Ciaran Martin stated to The Guardian that cyber warfare had played a “remarkably little part” in the conflict thus far.
The Ukrainian Internet & Starlink
The availability of Ukrainian internet access is expectedly going to be touch and go in certain regions as artillery forces damage networks and associated equipment.
According to NetBlocks, the most significant disruption – which saw connectivity to the country’s primary internet provider GigaTrans drop by 20% – occurred during heavy fighting in Kharkiv city.
Elon Musk, the entrepreneur and business magnate, appears ready for Starlink, his worldwide satellite broadband service, to be activated in Ukraine.
Mykhailo Fedorov, the Ukrainian Deputy Prime Minister & Digital Transformation Minister, confirmed that the country had received crucial terminals necessary for the pioneering system to work.
Meanwhile, UK mobile network operators, including Vodafone, Three, EE and O2, have removed call charges to Ukraine, along with additional roaming charges for customers situated within the country.
Tech Giants’ Response to Ukraine Invasion
In the immediate wake of Russia’s invasion, Ukrainian politicians began requesting that tech giants of the world – including social media and entertainment firms – play their own roles in the conflict.
“We need your support,” the Digital Transformation Minister, Mykhailo Fedorov, told Apple’s chief executive, Tim Cook.
Fedorov, who also asked Meta to ban access to Facebook and Instagram in Russia, added: “In 2022, modern technology is perhaps the best answer to the tanks, multiple-rocket launchers and missiles.”
Nick Clegg, Meta’s head of global affairs, however, commented that such a scenario could prevent Russian people from using those platforms to “protest and organise against the war, and as a source of independent information.”
While Tim Cook did state that Apple was “deeply concerned” about the conflict and was supportive of humanitarian efforts, he too did not express any plans to sever the firm’s services.
Over at YouTube, the streaming titan added that it would disable revenue-generating tools being utilized by several Russian channels, and would limit platform user recommendations.
The firm’s parent and largest online-ad seller, Google, said it would prevent Russian state media from using its tools to sell adverts.
Following consultations with regional authorities, Google has now disabled live traffic and information about how busy/frequented places such as restaurants, cafes and shops are.
Furthermore, at the request of the Ukrainian government, both Google and Facebook have restricted access to certain Ukrainian state media accounts. The downloading of Russia Today’s mobile app has also been banned.
Facebook took down a network run by Russian and Ukrainian-based administrators for what was described as “inauthentic behaviour”, after discovering the channels, filled with fake personas, were merely posing as independent news entities.
The social media giant also issued a warning about a hack named Ghostwriter accessing the Ukrainian military and public figures’ social media, carried out via email to post various disinformation.
Twitter, in an effort to reduce the circulation of potentially misleading materials linked to Russian state-affiliated accounts, has been attaching ‘Stay informed’ notifications that read: ‘This Tweet links to a Russia state-affiliated media website.’
03/05/2022 Billions of Chrome users are being warned after the successful attack has revealed 30 new security flaws, including seven that pose a ‘high threat’ to users. Attackers have managed to access Chrome's unused memory. This is typically used to help the browser run smoother, however by exploiting this finding it has given hackers access to the inner workings...
21/03/2022 But with the final recovery bill expected to cost hundreds of thousands of pounds, members of the council have understandably been expressing their concerns. In order to restore several of its affected online services, a £380,000 reserve was created; the Government and Local Government Association also provided the council with a collective £250,000. Despite...
21/03/2022 But what exactly are trackers? And how do you go about stopping them to create a more secure, worry-free internet experience? What are Internet Trackers? Tracking technologies – usually owned/developed by advertising and marketing firms and government agencies, among other authorities – are utilized to monitor visitor-based data for the purpose of establishing...
21/03/2022 From a secret Kiev-based underground bunker, Fedorov has been urging high-ranking social media executives to sever Russia from their multinational services. Digital minister Fedorov has also set up an “IT Army of Ukraine” campaign in the hopes of recruiting volunteers willing to fight the country’s “enemy” with cyber attacks. The 31-year-old Fedorov,...