Wiper Malware: Purposes, MITRE Techniques, and Attacker's Trade-Offs
.png)
Following recent events in Ukraine, various cybersecurity agencies such as CISA or BSI have warned of potential data wiping attacks spillover to organisations in other countries. While destructive malware such as wipers are still rare and more targeted compared to malware focused on espionage and financial gains, there are reasons for believing that this wipers will become more prevalent: If hybrid warfare operations continue and/or intensify, it must be assumed that (destructive) cyber operations will increasingly be used alongside kinetic weapons despite the fact significant impact has not yet been observed in the current war. Sanctions and/or support for Ukraine by other countries may also increase the risk for Russian retaliatory cyber attacks against those countries. The increasing number of (sophisticated) hacktivists that support either Russia or Ukraine for ideological reasons (e.g., IT Army of Ukraine counts ~300,000 people in their Telegram group) may lead to more s