An aggressive cyber weapon called Snake has infected dozens of Ukrainian computer networks including government systems in one of the most sophisticated attacks of recent years.
Also known as Ouroboros, after the serpent of Greek mythology that swallowed its own tail, experts say it is comparable in its complexity with Stuxnet, the malware that was found to have disrupted Iran’s uranium enrichment programme in 2010.
The cyber weapon has been deployed most aggressively since the start of last year ahead of protests that climaxed two weeks ago with the overthrow of Viktor Yanukovich’s government.
Ouroboros gives its operators unfettered access to networks for surveillance purposes. But it can also act as a highly advanced “digital beachhead” that could destroy computer networks with wide-ranging repercussions for the public.
Dozens of computer networks in Ukraine have been infected by an aggressive new cyber weapon called Snake, according to expert analysis.
The cyber weapon has been increasingly used since the start of this year, even before protests that led to the overthrow of president Viktor Yanukovych, British-based BAE Systems said in a report published Friday.
The complex composition of Snake bears similarities with Stuxnet, the malware that disrupted Iran’s nuclear facilities in 2010.
Snake — also known as Ouroboros after the serpent in Greek mythology — gives remote attackers “full remote access to the compromised system”, BAE said.
Because it can stay inactive for a number of days, it is extremely hard to detect.
Although its origins are unclear, its developers appear to operate it in the same timezone as MOSCOW — GMT plus four hours — and some Russian text is embedded into the code, BAE says.
BAE has identified 14 cases of Snake in Ukraine since the start of 2014, compared to eight cases in the whole of 2013. In all there have been 32 reported cases in Ukraine since 2010, out of 56 worldwide.
Nigel Inkster, who until 2006 was the head of operations and intelligence at Britain’s MI6 foreign intelligence agency, said Russia was most likely behind the cyber-attacks on Ukraine.
“If you look at it in probabilistic terms… then the list of suspects boils down to one, he told the Financial Times.
“Until recently the Russians have kept a low profile, but there’s no doubt in my mind that they can do the full scope of cyber attacks, from denial of service to the very, very sophisticated.”