In light of the crisis in Ukraine, Mandiant is preparing for Russian actors to carry out aggressive cyber activity against our customers and community. Russia regularly uses its cyber capability to carry out intelligence collection and information operations, but we are particularly concerned that as tensions escalate, they may target organizations within and outside of Ukraine with disruptive and destructive cyber attacks.
Threat actors leverage destructive malware to destroy data, eliminate evidence of malicious activity, or manipulate systems in a way that renders them inoperable. Destructive cyber attacks can be a powerful means to achieve strategic or tactical objectives; however, the risk of reprisal is likely to limit the frequency of use to very select incidents. Destructive cyber attacks can include destructive malware, wipers, or modified ransomware.
Our latest white paper, Proactive Preparation and Hardening to Protect Against Destructive Attacks, provides hardening and detection guidance to protect against a destructive attack within an environment. The focus areas outlined within this white paper include: