Business

Framingham cybersecurity firm detects new attack in Ukraine

epa05771714 Ukrainian servicemen stand near of their armed personal carrier (APC) at the eastern city of Avdiivka, Donetsk area, Ukraine, 04 February 2017. Heavy artillery and rockets have hit residential and industrial areas amid a new outburst of fighting between government troops and Russia-backed separatist rebels. The fighting in Avdiivka damaged infrastructure and left residents with power and heating outages amid freezing conditions. EPA/VOLODYMYR PETROV

VOLODYMYR PETROV/European Pressphoto Agency

Ukraine is already believed to be the target of a massive cyberwarfare campaign run by Russia, which annexed the Ukrainian territory of Crimea in 2014 and has been involved in a tense military standoff with Ukraine ever since.

The Framingham-based Internet security firm CyberX said it has spotted a new weapon in the ongoing cyberwar between Russia and Ukraine — a program called BugDrop that is being used to steal vast amounts of sensitive data from Ukrainian businesses and institutions.

“It looks very professional ... and most important, very successful,” said CyberX co-founder Nir Giller, a former engineer for the Israel Defence Forces cybersecurity unit.

Advertisement

Ukraine is already believed to be the target of a massive cyberwarfare campaign run by Russia, which annexed the Ukrainian territory of Crimea in 2014 and has been involved in a tense military standoff with Ukraine ever since.

In 2015, an electrical outage cut power to 230,000 Ukrainian homes in what US authorities concluded was the world’s first successful hack of a nation’s electrical grid. A similar attack in late December 2016 cut power to a large part of the Ukrainian capital, Kiev.

Get Talking Points in your inbox:
An afternoon recap of the day’s most important business news, delivered weekdays.
Thank you for signing up! Sign up for more newsletters here

In BugDrop, attackers are using booby-trapped Microsoft Word documents to get inside computer systems and copy vital data, according to CyberX. The infected machines record all keystrokes, take screenshots of the monitor, and even activate the computer’s microphone to record voices. All the data is encrypted and sent to a Dropbox account.

Giller estimated that BugDrop has collected up to 3 gigabytes of data per day since it was launched, probably last year.

More than 70 organizations have been hit by BugDrop, including two Ukrainian newspapers, a company that makes oil and gas pipeline equipment, a company that designs water systems and electrical substations, and an international human rights organization.

Advertisement

CyberX researchers also found infected computers in Russia, Austria, and Saudi Arabia.

CyberX has not identified the perpetrators but noted that since BugDrop attackers would need ample resources, the attack could be state-sponsored. But they don’t know which state is behind it. Some of the targets are in regions of Ukraine dominated by pro-Russia separatists, leading Phil Neray, CyberX vice president of industrial cybersecurity, to question whether Moscow or Kiev is behind the BugDrop operation.

Hiawatha Bray can be reached at hiawatha.bray@globe.com. Follow him on Twitter @GlobeTechLab.
Loading comments...
Real journalists. Real journalism. Subscribe to The Boston Globe today.
You're reading  1 of 5 free articles.
Get UNLIMITED access for only 99¢ per week Subscribe Now >
You're reading1 of 5 free articles.Keep scrolling to see more articles recomended for you Subscribe now
We hope you've enjoyed your 5 free articles.
Continue reading by subscribing to Globe.com for just 99¢.
 Already a member? Log in Home
Subscriber Log In

We hope you've enjoyed your 5 free articles'

Stay informed with unlimited access to Boston’s trusted news source.

  • High-quality journalism from the region’s largest newsroom
  • Convenient access across all of your devices
  • Today’s Headlines daily newsletter
  • Subscriber-only access to exclusive offers, events, contests, eBooks, and more
  • Less than 25¢ a week
Marketing image of BostonGlobe.com
Marketing image of BostonGlobe.com
Already a subscriber?
Your city. Your stories. Your Globe.
Yours FREE for two weeks.
Enjoy free unlimited access to Globe.com for the next two weeks.
Limited time only - No credit card required!
BostonGlobe.com complimentary digital access has been provided to you, without a subscription, for free starting today and ending in 14 days. After the free trial period, your free BostonGlobe.com digital access will stop immediately unless you sign up for BostonGlobe.com digital subscription. Current print and digital subscribers are not eligible for the free trial.
Thanks & Welcome to Globe.com
You now have unlimited access for the next two weeks.
BostonGlobe.com complimentary digital access has been provided to you, without a subscription, for free starting today and ending in 14 days. After the free trial period, your free BostonGlobe.com digital access will stop immediately unless you sign up for BostonGlobe.com digital subscription. Current print and digital subscribers are not eligible for the free trial.