Amidst the ongoing warfare, we were able to track the development of new dedicated and tailored malware (HermeticWiper and Whisper Gate) on the dark web forums, which were specifically crafted for the war. Now there are several reputable sources providing the same intelligence. Technical analysis of the malware indicates their destructive capabilities. Currently, the primary intent and usage are still limited to the cyberwarfare against Ukraine.

However, it is of utmost importance to be aware of these threats and stay prepared, as whenever the military goals for these malware are achieved, they will soon transfer to target commercial markets or even sooner, targeting western organizations due to supporting Ukraine. Which means our businesses might be one of the next targets, either directly or by the supply-chain attacks.

This whitepaper covers detailed analysis of known malware used in cyberwarfare, with guidelines on how to mitigate, detect and respond to them.

Author: David Kasabji, Threat Intelligence Expert, Conscia Group