March 1st - 9:45
Ukraine: highlights of the digital war, and a look back at previous cyberattacks.
For almost 10 years, cyberattacks such as NotPetya, Industroyer and BlackEnergy have targeted Ukraine and tried to paralyze essential sectors of the territory. The 2022 invasion of Ukraine was also accompanied by numerous cyberspace operations. ESET is a leading provider of security solutions in Ukraine. Its research teams, including its Montreal office, have been on the front lines of analyzing and responding to these attacks. We will therefore present a summary of the malware observed during the last year. We’ll focus on the Sandworm APT group, known for being behind the 2017 NotPetya attack and for conducting major attacks against Ukraine in 2022. The group has notably deployed Industroyer2, malware capable of causing a power outage by interacting with critical industrial systems used in power grids. We have also seen the deployment of several “wipers”, including HermeticWiper, CaddyWiper and, more recently, RansomBoggs, which aim to render any compromised system unusable. These wipers have targeted government institutions, banks and other private sector companies. Finally, we will look at the potential impact of this type of threat on Quebec infrastructures.
Presented by Mathieu Tartare & Matthieu Faou
About Mathieu Tartare
After earning his PhD in astrophysics and working in high-performance computing, Mathieu Tartare began his career in cybersecurity in 2018, joining ESET as a malware researcher. His current research focuses on cyber espionage, and he leads one of the research teams at ESET’s R&D center in Montreal.
About Matthieu Faou
Matthieu Faou is a senior malware researcher at ESET, where he specializes in targeted attack analysis. His main tasks include monitoring cyber espionage groups and reverse engineering malware. He completed his master’s degree in computer science at École Polytechnique de Montréal and École des Mines de Nancy in 2016. In the past, he has presented at several conferences, including BlueHat, Botconf, CYBERWARCON, RECON and Virus Bulletin.