DDos attacks and phishing activity against Ukrainian sites are on the rise, capitalizing on the conflict. APT groups that are backed by Russia or are supporters are perpetrating phishing and other attacks on Ukrainian and European targets in cyberspace. Researchers from Google’s TAG have seen an increase in activity from espionage to phishing campaigns by FancyBear/APT28 and Ghostwriter/UNC1151. APT28 has been attributed to Russia’s GRU intelligence agency and UNC1151 has been identified as part of the Belarusian Ministry of Defense.
There have also been recent distributed denial-of-service attacks against Ukrainian government sites such as the Ministry of Internal Affairs and Ministry of Foreign Affairs. There have also been these DDos attacks against key information services for Ukrainians. China’s Mustang Panda is also using the war to target European entities with lures relating to the Ukrainian invasion in phishing campaigns.