Technology content trusted in North America and globally since 1999
8,556 Reviews & Articles | 66,531 News Posts

FireEye suggests link between malware growth and Ukraine conflict

A growth in malware can be linked to escalating tensions between Russia and Ukraine, according to a report

By: Tamlin Magee from May 29, 2014 @ 14:02 CDT

As the situation grew more tense in the Ukraine and Russia over the annexing of Crimea, so did malicious activity between the two states in cyberspace.


According to a new report from security company FireEye, malware "callbacks" - where communications from compromised machines go back to the attacker's first stage server- increased dramatically over the period. Although the reasons cannot be known for sure, FireEye says it sees a "likely correlation" between the number of callbacks to Russia and Ukraine and the intensification of the crisis.

For 2013, Russia was seventh place in the amount of malware callbacks but in March 2014 it jumped to third place - at the same time its parliament authorized the use of force in Ukraine and Putin incorporated Crimea into the Russian Federation.

The report, from FireEye's senior global threat analyst Kenneth Geers, is not meant to suggest "Russia and/or Ukraine are the sole threat actors" within the data set, but that traffic analysis has its use in noting ties between malware activity and geopolitical events.

"In other words, the rise in callbacks to Russia and Ukraine during high levels of geopolitical tension suggests strongly that computer network operations are being used as one way to gain competitive advantage in the conflict," Geers said.


Related Tags