LONDON — Dozens of computer networks in Ukraine have been infected by an aggressive new cyber weapon called Snake, according to expert analysis.
The cyber weapon has been increasingly used since the start of this year, even before protests that led to the overthrow of president Viktor Yanukovych, British-based BAE Systems said in a report published Friday.
The complex composition of Snake bears similarities with Stuxnet, the malware that disrupted Iran’s nuclear facilities in 2010.
Snake — also known as Ouroboros after the serpent in Greek mythology — gives remote attackers “full remote access to the compromised system”, BAE said.
Because it can stay inactive for a number of days, it is extremely hard to detect.
Although its origins are unclear, its developers appear to operate it in the same timezone as Moscow — GMT plus four hours — and some Russian text is embedded into the code, BAE says.
BAE has identified 14 cases of Snake in Ukraine since the start of 2014, compared to eight cases in the whole of 2013. In all there have been 32 reported cases in Ukraine since 2010, out of 56 worldwide.
Nigel Inkster, who until 2006 was the head of operations and intelligence at Britain’s MI6 foreign intelligence agency, said Russia was most likely behind the cyber-attacks on Ukraine.
“If you look at it in probabilistic terms… then the list of suspects boils down to one, he told the Financial Times.
“Until recently the Russians have kept a low profile, but there’s no doubt in my mind that they can do the full scope of cyber attacks, from denial of service to the very, very sophisticated.”