CISA Adds New Russian Malware to Cyber Advisory

Olemedia/Getty Images

The agency updated its warning regarding malware deployed by Russian state actors as the country continues war against Ukraine.

The Cybersecurity and Infrastructure Security Agency updated its original alert regarding the malware being deployed against Ukraine, as Russia continues its military invasion of the country.

On Thursday, CISA and FBI officials added several new indicators of compromise originally listed on Tuesday. New forms of destructive malware identified by law enforcement include HermeticWiper, IsaacWiper, HermeticWizard and CaddyWiper. All of these have been deployed on Ukrainian networks beginning in January 2022.  

“Leading up to Russia’s unprovoked attack against Ukraine, threat actors deployed destructive malware against organizations in Ukraine to destroy computer systems and render them inoperable,” the original advisory reads. 

Malware and cyber attacks are a hallmark feature of Russia’s war on Ukraine, a tactic that U.S. officials have warned may strike their critical network infrastructure. Federal agencies in both the U.S. and U.K. warned of enhanced Russian hacking techniques, and in February  President Joe Biden placed the Department of Homeland Security in charge of responding to cyber threats, particularly related to the HermeticWiper malware. 

In light of Russia’s cyber threat, CISA has been pointing all digital organizations to its Shields Up initiative, which offers resources and best practices to prevent and mitigate a potential cyberattack.