This is not the first instance of such attacks on Ukrainian state networks. In January 2023, the Sandworm group targeted the country’s state news agency, Ukrinform, using a similar method and a modified version of the RoarBat malware.
To defend against these types of attacks, it is crucial to keep hardware and software updated, enable multi-factor authentication whenever possible, and restrict access to management interfaces to minimize potential vulnerabilities. By adopting these preventive measures, organizations can significantly enhance their security posture and protect against such malicious cyber activities.