Ukraine has confirmed, according to the Washington Post, that last week's WhisperGate cyberattacks were indeed destructive, and represented neither the hacktivist defacements nor the ransomware crimes they misrepresented themselves as. Ukraine's State Service of Special Communications and Information Protection said, "Thus with a high probability it can be argued that the defacement of the websites of the attacked government agencies and the destruction of data using a wiper are components of one cyber attack aimed at as much damage as possible to the infrastructure of state electronic resources.” Ukraine is calling the campaign #BleedingBear and attributed it to Russia.
Aware of heightened tensions and with vivid memories of NotPetya and Wannacry, governments are preparing for subsequent waves of cyberattacks. Serhii Demediuk, Deputy Secretary of Ukraine’s National Security and Defense Council, described the steps Kyiv is taking to protect the country from further cyberattack in an interview with the Record. The US Cybersecurity and Infrastructure Security Agency (CISA) yesterday published advice on how organizations can protect themselves against cyberattacks of the kind Ukraine sustained last week. The advisory is designed to help organizations defend against, detect, respond to, and ride out destructive cyberattacks.
Poland has also raised its level of cyber alert, Reuters reports.
Russia has consistently represented NATO and the US as aggressors interested in using Ukraine to hold Russia at risk, but it's fair to say that this is a minority view. NATO wants further talks with Russia over the crisis, but Moscow says it won't consider renewed talks until it receives responses to the proposals it put on the table last week.