Warning of social engineering attacks in the context of the war of aggression against Ukraine

Russia’s attack on Ukraine also includes a cyber war and affects the current cyber threat landscape worldwide. The number of cyber attacks continues to increase.

Cyber ​​criminals also use the political situation thematically and emotionally according to the principle of “social engineering”: On the basis of psychological mechanisms, they profit from the wave of helpfulness and use social networks, among other things, to do so.

“Current political, societal or social events are instrumentalized for cyber attacks because they offer the perfect conditions for social engineering. Unfortunately, we have seen a similar approach to all COVID-related issues since the beginning of the pandemic,” says Dr. Niklas Hellemann, Managing Director at SoSafe and qualified psychologist.

A variety of new social engineering attacks can be observed

A variety of new social engineering attacks can currently be observed: phishing mails are circulating that exploit the personal suffering of those affected and ask for personal donations. This usually happens with a high degree of urgency due to the current situation – a typical psychological mechanism that cyber criminals exploit. In addition, numerous links are circulating that users are supposed to click on in order to allegedly support cyber attacks on Russia. These are supposed to be so-called DDoS attacks, through which certain servers and services are so overloaded that they can no longer be reached. The danger for private individuals is that it cannot initially be ascertained who the target of these attacks is. In addition, clicking on the link is also a gateway for cyber criminals into their own systems, into which viruses and Trojans can be smuggled, for example. In the meantime, ignorant private individuals are also spreading these links on social networks, which makes it difficult to check the origin and makes them credible “mediators” themselves.

Warning of aggravation of the cyber threat situation due to the war of aggression against Ukraine

SoSafe specifically warns against these social engineering attacks and advises increased vigilance. Corresponding links should not be clicked on or distributed. Donations should ideally be made directly to established aid organizations and NGOs. “Cyber ​​criminals are taking advantage of our humanity in the current, stressful situation. By clicking on the appropriate links, users give them a free hand to exploit their devices for their own purposes. It can be assumed that cybercriminals will profit from this and that helpful users will become victims themselves. We advise increased vigilance,” says Hellemann.

The warnings about specific social engineering campaigns come in the context of increased activity in cyberspace. The Federal Institute for Security and Information Technology (BSI) does not currently rate the IT threat situation in Germany as higher, but also calls for increased attention. The IT threat situation in Germany is still “orange”, i.e. level 3 of 4, and is therefore “business-critical”. SoSafe also expects “spill-over effects” due to the raging cyber war: In a digital, networked world, cyber attacks on the critical infrastructure of states are likely to spread across global software chains.