Tag: cyber espionage
The West braces for massive Russian cyber offensive
Russia is believed to be planning widespread cyber-attacks on the West in part retaliation for Ukraine’s cyber-attack, which recently crippled Russia’s financial services. “In retaliation to NATO support for Ukraine, cyberwarfare coinciding with the ongoing Russia-Ukraine conflict will likely include focused state-level attacks against Western critical and military sectors launched by Moscow’s hacker groups,” says Craig Watt, a consultant specializing in strategic and geopolitical intelligence at cybersecurity firm Quorum Cyber.
Ukraine takes down Russia’s financial services
Hackers from Ukraine’s Main Intelligence Directorate claim to have effected one of the largest Distributed Denial-of-Service (DDoS) attacks in history, derailing Russia’s financial services. According to the Kyiv Post, the attack compromised the online services of all major Russian banks, including the Central Bank, telecommunications service providers, national payment systems, social networks and messengers, government resources, and dozens of other services. The affected Russian financial institutions are reported to include VTB Bank, Alfa Bank, SberBank, Raiffeisen Bank, RSHB Bank, Ak Bars Bank, Rosbank, Gazprombank, Tinkoff Bank, iBank, Dom.RF Bank, and the Bank of Russia. On the last day of the attack, the resources of the Russian Ministry of Defense, the Ministry of Internal Affairs. The Federal Tax Service was also reported to have been affected.
Cyber-piracy on the high seas
Escalating geopolitical instability in the South China Seas and The Red Sea are being seen as the root cause behind a rapid rise in cyber-attacks on commercial shipping, as well as a sharp increase in cyber-assisted piracy. “The risk has escalated significantly in the past year due to heightened geopolitical tensions and increased cyber capabilities of threat actors…The average cost per data breach now exceeds $545,000 for a shipping organization,” says Freight Right Global Logistics CEO Robert Khachatryan. According to C. Todd Doss, Senior Managing Director at Guidepost Solutions: “Over the past year, these risks have escalated notably. Reports indicate that cyber-attacks on maritime infrastructure and vessels increased by over 20% in 2023 compared to the previous year .”
Exclusive: CrowdStrike crash is only the beginning…
The famous “blue screen of death,” witnessed with horror by 8.5 million Microsoft Windows users worldwide as a result of the ongoing CrowdStrike outage, may soon become a far more familiar sight across a wide range of sectors. While there is no evidence that the widespread Microsoft Windows outage caused by the CrowdStrike upgrade was anything but accidental, many in the cybersecurity industry are seeing the past week’s experience as a dummy run for a full-fledged cyber-attack aimed at crippling critical infrastructure. As the current media pictures of people sleeping in airports testify, some sectors appear to be faring better than others.
Exclusive: Hostile nations ramp up attacks on US infrastructure
Recent reports that ransomware attacks on industrial organizations increased by over 50 percent in 2023 represent only “the tip of the iceberg.” According to operational technology (OT) cybersecurity company IXDen, critical infrastructure across the US is being attacked at unprecedented levels. “The vast majority of cyber breaches of critical infrastructure such as water and power facilities go unreported, although a precise figure is impossible to gauge. Those that are reported in the media are only the tip of the iceberg. OT attacks on private businesses are not reported at all, and in public organizations, they are rarely reported,” says IXDen CEO and Co-Founder Zion Harel.
Russian gang shuts down two Indiana counties
Clay County, Indiana, in the US, is sounding a Local Disaster Declaration in the wake of a “criminal ransomware attack” that occurred last week, following reports of increasing cyber-attacks on local governments across America. “Clay County local government suffered a significant ransomware attack in the early morning hours of July 9, 2024. This has resulted in an inability to provide critical services required for the daily operation of all offices of the Clay County Courthouse, Community Corrections, and Clay County Probation,” said the county in an official statement.
Public sector phishing attacks increase fourfold
With national elections coming up later this year, US public-sector organizations are experiencing unprecedented levels of phishing attacks designed to dupe government staff into opening weaponized links in fake emails. According to email security firm Abnormal Security: “Between May 2023 and May 2024, public sector organizations experienced an astounding 360 percent growth in phishing attacks. While phishing tends to consistently increase each year and regularly accounts for the majority of advanced threats, this level of growth is extraordinary.”
US to block use of Chinese semiconductor equipment
The US Congress has introduced a new act to prevent the Chinese and “other foreign entities of concern” from infiltrating the US’s domestic chipmaking industry. The bill, the Chip Equipment Quality, Usefulness, and Integrity Protection Act of 2024 (Chip EQUIP Act), follows on from the CHIPS and Science Act, enacted in 2022, which earmarked roughly $280 billion in new funding to boost US domestic research and manufacturing of semiconductors. It included $39 billion in subsidies plus tax breaks for US chipmakers. However, China has recently matched this with a new $40 billion investment in its own semiconductor industry, which will heavily focus on chip manufacturing equipment. In April, Chinese tech giant Huawei announced investing in new R&D capabilities to rival US, Japanese, and Dutch firms.
It’s official…It definitely IS the Russians
The US Federal Bureau of Investigation (FBI) has laid the blame for escalating worldwide ransomware attacks squarely at Russia’s door. Speaking at the 2024 Boston Conference on Cyber Security last week, FBI Cyber Division Assistant Director Bryan Vorndran said: “Almost all of the criminals developing sophisticated malware to enable ransomware attacks are based in Russian-speaking countries and operate as organized crime syndicates, similar to traditional organized crime elements.” He focused on the FBI’s earlier this year disruption of Dark Web ransomware gang LockBit, stressing that organized cybercriminal gangs, particularly Russian ones, are essentially the same as old-school mafia mobsters. They differ only in their methods and avenues of attack.
Bangladeshi Police Officer Caught Selling Citizen Data on Telegram – June 6th
In late April, the Brigadier General of Bandladesh's NTMC announced that two police officers had been caught selling citizen data on Telegram. Bangladeshi officials said the data allegedly sold included national identity details of citizens, cell phone call records, and other “classified secret information.”
New cyber threat from North Korea
Microsoft has identified a new North Korean threat actor, Moonstone Sleet. Also known as Storm-1789, Moonstone Sleet has set up fake companies and job opportunities to engage with potential targets and has even created a fully functioning computer game designed to trap the unwary. The potentially hostile nation-state of North Korea has long been suspected of resorting to cybercrime, targeting the West to fund its military build-up and commit ongoing cyber espionage against countries such as the US and the UK. But Moonstone Sleet is taking cyber-attacks on the West to new levels of sophistication, posing a threat to all organizations. Microsoft says Moonstone Sleet “uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives.”
Indian elections targeted by cyber-attacks
India’s current elections have become a prime target for malicious cyber activity on the part of foreign threat actors and independent hacktivist groups. With the results expected to be counted on June 4, the spike in cyber-attacks is a stark warning for other countries such as the US, the UK and the European Union (EU), which are also holding national elections later this year. Cybersecurity company Resecurity reports that the early stages of cyber-attacks have been observed since the launch of an #OpIndia campaign last year. Escalating geopolitical tensions across the globe are now heightening the threat to India at this crucial time, with the number of attacks increasing by nearly 300% following the launch of #OpIsrael, which coincided with heightened online protests in the context of the ongoing Israel-Gaza crisis.