March 2022 Threat Intelligence Summary

As the Russo-Ukrainian conflict continued to unfold in March, Fidelis Cybersecurity remained vigilant in defense of our clients, facing off against notable threats such as CaddyWiper – one of the latest iterations of destructive malware that impacted Ukraine. Government agencies in Ukraine are reporting that they are facing continuous onslaught of DDoS since the invasion began on 24 February 2022. State-sponsored actors operating on behalf Russia (APT28) and Belarus (UNC1151) continue their offensive cyber operations through phishing campaigns against public and private Ukrainian networks. Russian authorities published a staggering list of 17,576 IP addresses and 166 domains that it claims are responsible for participating in a series of DDoS attacks targeting Russian domestic infrastructure. While the Anonymous collective and Ukraine-backed IT Cyber Army continue to launch offensive operations against Russian media and government infrastructure. Given the unprecedented confluence of belligerents, the risks for spill-over effects and misattribution in this conflict are at an all-time high.