Teaser
Retrospective
Full conference
Description
Several cyber attacks such as NotPetya, Industroyer or BlackEnergy have targeted Ukraine for almost 10 years and tried to paralyze essential sectors of the territory. The 2022 invasion of Ukraine was also accompanied by numerous cyberspace operations. ESET is a leading provider of security solutions in Ukraine. Its research teams, including its including its Montreal office, have been on the front lines of analyzing and responding to these attacks. We will therefore present you with a summary of the malware that could be observed during the last year. We’ll focus on the APT Sandworm group, known for being behind the 2017 NotPetya attack and in 2022 conducting major attacks against Ukraine. The group has notably deployed Industroyer2, a malware capable of causing a power outage by interacting with critical industrial systems used in power grids. We have also seen the deployment of several “wipers” including HermeticWiper, CaddyWiper and more recently RansomBoggs which aim to render any compromised system unusable. These wipers have targeted government institutions, banks and other private sector companies. Finally, we will look at the potential impact of this type of threat on Quebec infrastructures.
About the speaker
Matthieu Faou
Malware researcher
Matthieu Faou is a senior malware researcher at ESET where he specializes in targeted attack analysis. His main tasks include monitoring cyber espionage groups and reverse engineering malware. He completed his master’s degree in computer science at École Polytechnique de Montréal and École des Mines de Nancy in 2016. In the past, he has presented at several conferences, including BlueHat, Botconf, CYBERWARCON, RECON and Virus Bulletin.