On Thursday, the Russian Federal Security Service (FSB) announced that it had identified and resolved the aftermath of more than 5,000 cyberattacks on critical infrastructure in Russia since the start of 2022.
According to the official statement, “The Russian Federal Security Service has recorded more than 5,000 cyberattacks on Russia’s critical infrastructure since early 2022.
The timely taken measures allowed for the prevention of negative consequences from such actions for our country.”
The press office has revealed that through analysis of computer threats, FSB has obtained evidence indicating that the United States and NATO countries utilized Ukrainian territory to launch large-scale cyber attacks on civilian infrastructure facilities in Russia.
They further highlighted that the network infrastructure of Ukraine is currently being utilized by cyberattack units of Western nations, which enables them to surreptitiously employ novel cyber weapons.
As per the FSB, despite many cyber attacks being attributed to the “IT Army of Ukraine,” their analysis has revealed the involvement of pro-Western hacker groups such as “Anonymous,” “Silence,” “Ghost Clan,” “Ji-En-Ji,” “SquadZOZ,” and various others.
The FSB has further claimed that the offensive cyber operations units of Western nations are currently utilizing Ukraine’s network infrastructure, allowing them to clandestinely leverage novel forms of cyber weaponry.
However, the reporting from BleepingComputer refutes this claim by Russia, which is based on Rostelecom’s CERT team report.
Rostelecom claims that 20% of all detected attacks can be attributed to sophisticated APT groups, 38% are cases of hacktivism, and another 38% are ransomware attacks.
In 72% of the detected cases, the network intruders leveraged known vulnerabilities for initial access, while the time for reaching their ultimate goal has now been reduced to an average of seven days.
According to Rostelecom, around 20% of the detected attacks can be attributed to sophisticated Advanced Persistent Threat (APT) groups, 38% of the cases were attributed to hacktivism, and another 38% to ransomware attacks.
In 72% of the identified cases, network intruders gained initial access by exploiting known vulnerabilities, and the time taken to reach their ultimate goal has now been reduced to an average of seven days.
Rostelecom’s analysts have reported that the four hacking groups with the most significant activity against Russian entities during the mentioned period are APT27, APT41, and APT10, all believed to be of Chinese origin, and the North Korean Lazarus Group.
This report is in direct contradiction with the earlier statement made by the FSB about a massive wave of thousands of cyber attacks carried out by NATO-supported hacking groups.