Nation-state malware could become a commodity on dark web soon, Interpol warns

Pierluigi Paganini May 24, 2022

Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years.

Interpol Secretary General Jurgen Stock declared that nation-state malwre will become available on the darknet in a couple of years.

In the ongoing conflict between Russia and Ukraine, the malware developed by both nation-state actors and non state actors represents a serious risk for critical infrastructure and organizations worldwide.

Threat actors could perform reverse engineering of military-made malicious code and use their own versions in attacks in the wild. The scenario also opens the doors to false flag operations, nation-state actors could have access to cyber weapons used in the conflict and use them in attacks in the wild making the attribution impossible.

“That is a major concern in the physical world — weapons that are used on the battlefield and tomorrow will be used by organized crime groups,” said Jurgen Stock, the Interpol secretary general during a CNBC-moderated panel at the World Economic Forum in Davos, Switzerland, Monday.

“The same applies for the digital weapons that, maybe today are used by the military, developed by military, and tomorrow will be available for criminals,” he explained.

During the first couple of months after the Russian invasion of Ukraine, security firms have observed multiple attacks against Ukrainian government entities and organizations. Russia-linked APT groups used wipers to destroy the target systems, in some cases, these attacks hit companies operating in other regions, such as VIASAT.

Early this month, the European Union accused Russia of the cyberattack that hit the satellite KA-SAT network in Ukraine, operated by Viasat, on February 24.

This cyberattack caused communication outages and disruptions in Ukraine, it also impacted several EU Member States. 5,800 Enercon wind turbines in Germany were unreachable due to the spillover from this attack. Security researchers at SentinelLabs who investigated the attack spotted a previously undetected destructive wiper, tracked as AcidRain, that hit routers and modems

Stock urged strong cooperation between governments and law enforcement authorities to prevent nation-state malware will proliferate on the dark web.

“On the one hand, we are aware of what’s going on — on the other hand, we need the data, which are in the private sector,” Stock said. “We need your [cyber breach] reports. Without your reports, we are blind.”

“That is a gap we need to close together, not just law enforcement that require that we build bridges between our siloes, the islands of information.”

More exposed are critical infrastructure and supply chain, it is essential to increase their level of security.

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit:

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, nation-state malware)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment