Wiper Malware Poses Increasing Threat to Cybersecurity
Category: Russia & Ukraine | Industry: Global | Level: Strategic | Source: Fortinet
An escalated use of data wipers, since the Russian invasion of Ukraine, has persisted without any signs of slowing down. According to a recent analysis by researchers at Fortinet, there was a significant 53% increase in the use of disk wipers by threat actors between the third and fourth quarters of 2022. The use of data wipers is not only limited to nation-state actors since the destructive malware has made its way through cybercrime networks. As observed by Fortinet while "initially observed wiper malware being developed and deployed by nation-state actors—particularly in parallel with the Russia-Ukraine war—we’re now seeing wipers being scaled and deployed worldwide. These new strains are increasingly being picked up by cybercriminal groups and used throughout the growing Cybercrime-as-a-Service (CaaS) network." Threat actors have made data wipers open source providing code on public repositories like GitHub allowing the malware to be more accessible and to create new variants. While the majority of wiper malware was deployed against Ukraine there have been "spillover effects on other countries." The most prominent example was the attempted attack on the Ukrainian satellite communication provider, Viasat which inadvertently led to the outage of 5,800 German wind turbines operated by Enercon.