A wiper is malware that deletes or destroys an organization’s access to files and data. This type of malware is commonly used as a tool for destruction and disruption since the loss of critical information could make it impossible for an organization to maintain business operations or carry out certain actions.
Wipers were not a frequently used type of malware because they don’t provide an opportunity for an attacker to make a profit. Their main purpose is to cause disruption and destruction, making them a more common tool for nation-state actors and hacktivists.
In 2022, the use of wipers surged dramatically. During the Russian invasion of Ukraine, numerous wipers were used to disrupt the Ukrainian government, critical infrastructure, and business. Over the course of the year, at least nine wipers were deployed against the country
These attacks demonstrate the increased usage of destructive malware as a tool for cyberwarfare. In the past, Ukraine has suffered multiple attacks against its critical infrastructure by the Industroyer malware. However, the eve of the Russian invasion showed a dramatic uptick with three new malware variants — HermeticWiper, HermeticWizard, and HermeticRansom — deployed within a single day.
A wiper’s purpose is to render data inaccessible and unusable. However, unlike ransomware, the intent is not to restore access after a ransom has been paid. Wiper destroys data forever, and this can be accomplished in a couple of ways: The contents of the files can be encrypted or overwritten, or the attacker could render them impossible to access by attacking the operating system itself.
Wipers don’t make attackers money, which is the most common motive for cyberattacks. Some of the reasons why an attacker may choose to use the destructive power of a wiper include:
Wipers are designed to destroy data in a few different ways, including the following:
Organizations can take various steps to protect themselves against the data loss caused by wipers. Some best practices include the following:
The first step to protecting your organization against malware and other cyber threats is understanding the current threat landscape. To learn more about modern wipers and other major cybersecurity challenges of 2023, check out Check Point’s 2023 Cyber Security Report.
Check Point Harmony Endpoint provides robust protection against wipers and other malware threats. Learn more about its capabilities by signing up for a free demo today.