FireEye suggests link between malware growth and Ukraine conflict

A growth in malware can be linked to escalating tensions between Russia and Ukraine, according to a report.

Published Thu, May 29 2014 2:02 PM CDT   |   Updated Tue, Nov 3 2020 12:16 PM CST

As the situation grew more tense in the Ukraine and Russia over the annexing of Crimea, so did malicious activity between the two states in cyberspace.

FireEye suggests link between malware growth and Ukraine conflict |

According to a new report from security company FireEye, malware "callbacks" - where communications from compromised machines go back to the attacker's first stage server- increased dramatically over the period. Although the reasons cannot be known for sure, FireEye says it sees a "likely correlation" between the number of callbacks to Russia and Ukraine and the intensification of the crisis.

For 2013, Russia was seventh place in the amount of malware callbacks but in March 2014 it jumped to third place - at the same time its parliament authorized the use of force in Ukraine and Putin incorporated Crimea into the Russian Federation.

The report, from FireEye's senior global threat analyst Kenneth Geers, is not meant to suggest "Russia and/or Ukraine are the sole threat actors" within the data set, but that traffic analysis has its use in noting ties between malware activity and geopolitical events.

"In other words, the rise in callbacks to Russia and Ukraine during high levels of geopolitical tension suggests strongly that computer network operations are being used as one way to gain competitive advantage in the conflict," Geers said.


Tamlin Magee is based in London. His name can be found around the web and in print, and he's mostly interested in the ways the rapid rate of technological development is affecting us and our surroundings.

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles