Mary Madison, RN, RAC-CT, CDP
Clinical Consultant – Briggs Healthcare
January 16, 2022
|Microsoft Security Blog|
Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. Specifically, Microsoft identified intrusion activity originating from Ukraine that appeared to be possible Master Boot Records (MBR) Wiper activity. During Microsoft’s investigation, it found a unique malware capability being used in intrusion attacks against multiple victim organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022.
Given the scale of the observed intrusions, MSTIC is not able to assess intent of the identified destructive actions but does believe these actions represent an elevated risk to any government agency, non-profit or enterprise located or with systems in Ukraine. Microsoft strongly encourages all organizations to immediately conduct a thorough investigation and to implement defenses using the information provided in the blog.
Microsoft is aware of the ongoing geopolitical events in Ukraine and surrounding region and encourages organizations to use the information in the post to proactively protect from any malicious activity.
MSTIC will update the blog as additional information becomes available. Please review the full Microsoft Security Blog at Microsoft.com.
• US-CERT Announcement
If you have comments or questions, send an email to CIP@hhs.gov . The CIP team will work to answer your inquiries or connect you to the proper entity.