After the cyber attack on the British Army’s Twitter and YouTube feed, the National Cyber Security Centre (NCSC) has issued a warning against Russian hacking efforts on National Infrastructure.

The cyber arm of GCHQ is urging organizations to give regular breaks to the frontline cyber workforce to recharge, as the work pressure will quadruple in the coming months.

As Ukraine’s war with Russia is raging, NCSC believes that businesses and public entities should be prepared for any and every kind of digital assault.

According to an investigation conducted by representatives of ITV News, many of the public and private entities operating in the UK are vulnerable to attacks, as their web portals are filled with multiple backdoors that can be exploited by hackers anytime.

Interestingly, it was discovered in the investigation that the UK Council spent £32,000 a year on bolstering the government’s IT Infrastructure’s cyber security posture. That seems too low, as it must triple to meet the current needs of the cyber posture.

Although many have condemned ITV for releasing a report without giving clarity on the standards followed by it to find out the figures, they agreed that websites need to improve their security postures to mitigate any risks associated with state-funded attacks.

Paul Maddison, the director of Resilience and Strategy, NCSC, shared his insights on this note. He said that the ongoing conflict between Ukraine and Russia can trigger more troubles for the UK and the entire world as it can deepen the fuel supply crisis across the UK and can pull down the economy forever.

The post Russia Ukraine War ejects cyber attack concerns in the Britain appeared first on Cybersecurity Insiders.

How did a saxophonist sneak sensitive information in and out of the Soviet Union? How might an Apple AirTag have led to murder? And isn't the world of cryptocurrency and blockchain doing just great? All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Russia is saying that western nations like the United States and the UK are launching cyber attacks on its critical infrastructure in the name of “Glory of Ukraine”. The Putin-led nation warned about direct military warfare if the west doesn’t tone down its acts, as it might lead to serious consequences.

As soon as Vladimir Putin started invading Ukraine in the last week of February this year, the entire world, including developed nations such as the UK and USA, was against the war. They not only openly expressed their dislike of the act but also pressed sanctions on Russia, which is now struggling to provide even the basic essentials to its populace.

Frequently, the Kremlin tried to warn the Biden-led nation against the supply of arms, ammunition, essentials, and financial support to the Zelensky-led nation.

But neither Biden nor his allies, like Boris Johnson, listened to those threats.

In May this year, a hacking group named Anonymous issued a pledge that it will start taking down all the power utilities, water facilities, and nuclear infrastructure in Moscow to create a kind of fear among the Russian public.

The Kremlin feels the group is being funded by the West and its only motive is to take down its infrastructure to the core. And if that is true, the Russian Federation is ready to launch a special military operation on all its adversaries and is ready to fight till it achieves a win.

Russia started a war in Ukraine in the early hours of February 24th, 2022, and even after 100 days of the invasion, the country could not get a complete hold of the entire region. On one hand, the Putin-led nation is facing a fund, ammunition, and manpower crunch; on the other, it is also facing cyber threats from Ukraine.

Russian State News Agency RIA Novosti released a report that the country’s Construction, Housing, and utility website was down because of a cyber attack launched by Anonymous Group, which stated that it made the hack in the Glory of Ukraine.

Interestingly, RIA states sensitive data was stolen from the website and now the hackers are demanding a ransom to prevent data from spilling onto the dark web.

Security analysts state that the Anonymous group never indulges in threatening tactics. However, there is also talk going around on the internet that the said hacking group might have indulged in blackmailing to keep its cash registers ringing.

The Kremlin touted the latest hack as the biggest in the country’s history after the start of the war with Ukraine in Feb this year. In May, a state television channel was hacked on Victory Day and almost 90 days ago, news agency TASS and news resource Kommersant were hacked.

Killnet, a Pro-Russian hacking group, has announced that it will launch a retaliation-filled cyber attack on the criminal gang that is behind the attack. Also, it reiterated the fact that the west needs to pay a heavy price for supporting Ukraine in the hack.

We all know that half of the ransomware gangs that are operating in the wild are from Russia or are being financially backed by the Kremlin. So, after analyzing the current situation in the cyber landscape, the FBI has concluded that the Putin-led government is all set to cyber-attack the United States pretty soon!

It is going to be a destructive attack and will primarily focus on the critical infrastructure like power and water utilities and that too is going to happen soon, says the FBI in a statement released yesterday.

Meanwhile, the law enforcement agency proudly disclosed that it disrupted the 2021 Iranian digital attack on Boston Children’s Hospital that could have led to the death of several children.

Moscow now has the intention to cut down the supply of arms and finances to Ukraine from the west and so is planning to target the US and UK in the coming weeks as it wants to corner the Zelensky-led nation.

As it is becoming extremely difficult to gain a potential hold on Kyiv, after 100 days of battle, the Vladimir Putin-led nation is now planning to corner the nation with nuclear bombs, to win the war at any cost.

Its first plan is to cut down essential supplies to Ukraine, after which the populace will automatically bow down their heads to its military troops. And that can only be achieved if it blocks the west from waging any kind of interference on the battlefield.

Second, Russia wants to teach a lesson to the west for supporting Ukraine as without the support it would have conquered the nation within 15 days of its invasion.

To do so, it is first planning to take down the digital infrastructure and later launch a devastating war from air, land, and sea. And to pursue its objectives, the nation will never think twice about launching nuclear attacks.

So, it is better if the west takes all necessary measures to strengthen its current cybersecurity posture.

Interesting paper by Lennart Maschmeyer: “The Subversive Trilemma: Why Cyber Operations Fall Short of Expectations”:

Abstract: Although cyber conflict has existed for thirty years, the strategic utility of cyber operations remains unclear. Many expect cyber operations to provide independent utility in both warfare and low-intensity competition. Underlying these expectations are broadly shared assumptions that information technology increases operational effectiveness. But a growing body of research shows how cyber operations tend to fall short of their promise. The reason for this shortfall is their subversive mechanism of action. In theory, subversion provides a way to exert influence at lower risks than force because it is secret and indirect, exploiting systems to use them against adversaries. The mismatch between promise and practice is the consequence of the subversive trilemma of cyber operations, whereby speed, intensity, and control are negatively correlated. These constraints pose a trilemma for actors because a gain in one variable tends to produce losses across the other two variables. A case study of the Russo-Ukrainian conflict provides empirical support for the argument. Qualitative analysis leverages original data from field interviews, leaked documents, forensic evidence, and local media. Findings show that the subversive trilemma limited the strategic utility of all five major disruptive cyber operations in this conflict.

Dr. Melanie Garson, an international security specialist working for the University College of London, expressed her deep concerns about national security while interacting with a news web resource.

She said that hospital infrastructure was on the verge of being cyber-attacked by Russian sleeper cells, whose aim is to disrupt the healthcare infrastructure and to create panic among patients and their near & dear.

Melanie claims that a hacking group named Killnet, supposed to be funded by the Kremlin, was threatening to hit the ventilators operating for the NHS, after the arrest of a cyber crook working for a pro-Russian hacking organization.

As the threat was posted on a Telegram group, Dr. Garson expressed more concern as it was along the lines of the 2017 WannaCry Ransomware attack that crippled the IT infrastructure of the NHS to the core.

In another story linked to a Russian hacking group named Coldriver, information is now out that the said notorious hacking group was involved in stealing email content pertaining to former MI6 Director Sir Richard Dearlove, Gisela Stuart, and Robey Tombs between Aug’18 and July 2019.

According to an investigation launched by Reuters, Coldriver was the group behind the leak of Theresa May’s Brexit campaign in early 2020, officially known as the ‘Clean’ EU Exit deal. The group was assigned the job of tarnishing the image of May in the political circuit that paved the way to the election of Boris Johnson.

Now, Coldriver is launching phishing attacks on Ukraine officials to steal vital details related to military help, financial help and essential supplies made to the Zelensky-led country from foreign nations.

Their aim is to discover the data and publish it in the media to malign the sympathy image gained by Ukraine in the international field after the Russian invasion.

As soon as Russia waged a war on Ukraine, the entire world led by the United States termed it as a war on the innocent and pressed sanctions on the Putin-led nation, to pressure him into stopping the war.

But Vladimir Putin was adamant about his Ukraine invasion and intensified the war to take control of Kyiv.

It has been almost 100 days, and nothing seems to stop the Kremlin’s invasion of Ukraine.

News is out that Russian hacking gang members are feeling the pinch of sanctions, as they are not in a position to monetize their cyber attacks.

During a virtual conference, Rob Joyce, the National Security Agency’s Director of Cybersecurity, disclosed the news about Russian hackers feeling the pinch and confirmed that it has led to a decrease in ransomware attacks.

However, in retaliation for sanctions, the Russian government could launch critical cyber attacks targeting US Critical Infrastructure operated by energy, nuclear and financial firms along with those operating in the Telecom sector.

Like how hackers from Moscow launched digital assaults on Starlink Satellite communication links owned by Tesla Chief Elon Musk that kept Ukraine connected with the world in early March this year.

Joyce also confirmed that the “Shields Up” campaign taken up by the White House to encourage companies to raise their line of defense against cyber attacks was yielding significant results.

Note– It’s heard that Putin has ordered his officials to apply counter measures to situations where sanctions were being employed, such as demanding rubles for essentials, fuels and such.

The Conti Ransomware gang has announced that it is going to shut down its digital operations and will come back as a rebranded version split into multiple groups soon. According to the intelligence update provided by security vendor AdvIntel, the group was forced to take this action because of internal conflicts developed in its syndicate after its announcement to support Russia in its invasion of Ukraine.

From February this year, just a few days after the start of the Russian war with Ukraine, the notorious organization announced its support to Putin and launched several cyber attacks on the critical infrastructure of Ukraine.

This did not go down well with some gang members, who not only retaliated against the actions but also leaked classified info about the gang operations to law enforcement agencies in the UK and USA.

After the gang launched a ransomware attack on the government of Costa Rica, the Biden-led government announced a $10m reward to those who disclose details about the hacking group and also ordered the Costa Rican government not to pay a ransom to hackers.

Hence, a strict vigil started on a digital note, thus blocking Conti from receiving payments and launching any further attacks.

In this way, the Conti Ransomware group seems to have dug its own grave and is repenting its past move of supporting Russia in its invasion of Kyiv.

Note 1- Conti has assured that it will return by splitting itself into multiple ransomware distribution groups and this time it will target large-scale organizations that have the potential to pay double-digit figures in millions.

Note 2- AdvIntel announced the shutdown of Conti on May 20th, 2022, i.e. Friday, and hinted that the gang might bounce back within a couple of months to target large organizations in the Christmas season this year.

Speaking at the Microsoft Envision held in London, UK, Microsoft President Brad Smith said that cyberspace has become a new domain for cyber warfare. He argued that his perspective was cemented as soon as Russia started its invasion of Ukraine, where it attacked the nation’s populace not only from air, land, and water but also on a digital note, targeting critical infrastructure like power utilities, nuclear reactors, and essential storage warehouses.

It is a kind of hybrid war where the enemy is not only aiming to occupy the region but to dictate it from thereafter, added Mr. Smith.

During World War II, the UK government thought deeply and moved all its communication systems underground. Brad believes that the decision was taken as per the technology requirements reflecting that time.

He added that history was repeated by Ukraine’s government, as most of the communication and applications were shifted to the cloud, thus paving the way for fail-over in negative scenarios to keep the digital continuity (communication systems) intact.

Smith openly disclosed that Putin started the war long before February 24th this year by launching cyber assaults from September 2021 and trying to disrupt digital services in and around Kyiv via DDoS attacks and website defacement emerging from cyber-kinetic attacks.

Microsoft Threat Intelligence teams were busy mitigating the risks. But they never expected that the virtual war would turn physical by February this year, said Mr. Smith.

That’s true as no one expected a war between Vladimir Putin and Volodymyr Zelenskyy and never imagined it going long and touching the mark of three months (90 days) from the start.
