Champions League final 'faces hacking threat'

Ukrainian state security accuses Russia of preparing huge attack as Cisco details VPNFilter threat

Russia is preparing a large-scale cyber attack on Saturday's Champions League final in Kiev, according to Ukrainian state security.

The Ukrainian Security Service (SBU) accused the Russian government of "cyber aggression", with the aim of infecting hardware and "destabilising" Ukraine's hosting of the match between Real Madrid and Liverpool.

The statement came just hours after networking giant Cisco's cybersecurity division, Talos, warned that hackers had infected some 500,000 internet routers and storage devices, mainly focusing on Ukraine, with state-developed malware called VPNFilter.

Advertisement - Article continues below

Talos said it was releasing the information before fully completing its investigation because of the urgent need to prevent the potential attack.

"Both the scale and the capability of this operation are concerning," Talos said. "The malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide."

VPNFilter is a multi-stage, modular platform, the first stage of which can survive a device reboot, which sets it apart from other malware, Talos said. Once it gains a foothold in a device, it deploys other stages of the malware, which can steal website credentials and even cause infected devices to self-destruct.

Advertisement
Advertisement - Article continues below

While Talos didn't say who was behind VPNFilter, it did say the malware shared similarities with BlackEnergy, which destroyed a huge part of Ukraine's power grid in 2015, an attack Ukraine linked to Russia at the time.

Advertisement - Article continues below

"The type of devices targeted by this actor are difficult to defend," Talos added, saying VPNFilter had grown quietly since 2016. "They are frequently on the perimeter of the network, with no intrusion protection system (IPS) in place, and typically do not have an available host-based protection system such as an anti-virus (AV) package."

As yet, no details have been released as to how the attack would affect the final.

Earlier in the year, Russian spies were accused of hacking South Korea's hosting of the 2018 Winter Olympics in South Korea. The attack caused large disruption to the opening ceremony, affecting TV and web broadcasting, knocked out display monitors, Wi-Fi networks and the Winter Olympics official website.

Picture: Shutterstock

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/28170/what-is-cyber-warfare
Security

What is cyber warfare?

16 Mar 2020
Visit/mobile/google-android/356373/over-2-dozen-additional-android-apps-found-stealing-user-data
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

30 Jun 2020
Visit/security/hacking/356152/searching-for-a-new-job-that-linkedin-job-offer-may-be-fake
hacking

Searching for a new job? That LinkedIn job offer may be fake

19 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/mobile/google-android/356373/over-2-dozen-additional-android-apps-found-stealing-user-data
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020