Using the Ukraine invasion timeline, full of DDoS attacks, hacktivists and data-wiping malware, SentinelOne researchers examined the real-world impact of cyber war.
Tom Hegel, senior threat researcher at SentinelOne, and Juan Andrés Guerrero-Saade, principal threat researcher at SentinelOne, kicked off their Black Hat 2022 session Tuesday by calling the term cyber war "terrible." From a Western context, Guerrero-Saade said it is associated with its "own domain of warfare -- self-contained and self-sufficient -- which is not a reality of war."
To demonstrate the reality of the ongoing conflict, Hagel and Guerrero-Saade analyzed the preparation leading up to the invasion, looked at instances that occurred in the first week or months, broke down known wipers, and sophistication levels and goals of those attacks, whether for destructive purposes or espionage. They observed certain aspects that demonstrated a change in the cybersecurity industry related to this conflict.
One prime example was the increased use of data-wiping malware, such as HermeticWiper, AcidWiper, WhisperGate and CaddyWiper.
"Before this, there was maybe a dozen wipers used by nation-states. Wipers weren't something you saw every day," Guerrero-Saade said during the session.
Since the beginning of 2022, SentinelOne has observed at least seven strains of wiper malware targeting Ukraine. An important question addressed during the session was: Why are there so many wipers? The researchers said they believe it reflects more on a biased observation and a lack of telemetry.
"What you're seeing is the activity we're meant to see. The reason wipers weren't very p ..
Support the originator by clicking the read the rest link below.