Category: russia

Eurovision Song Contest has experienced multiple numbers of cyber threats from Russian Federation and the reason is that Ukraine had fair enough of chances to win the competition through Kalush Orchestra.

Killnet hacking group that is being funded by Kremlin was assigned the duty to disrupt the servers of Eurovision to block Ukraine winning all the accolades. As Moscow has been banned from participating in the contest because of its invasion on the Zelenskyy led nation from February 2022, Killnet was assigned digitally by bringing down the whole of the contest.

After winning the semi-finals in Italy, Karun Orchestra was aiming for a win in the finale as it will not only give a morale boost to all the participants, but will bring in a lot of cheers into the populace of Ukraine who are currently busy battling with the soldiers of Putin.

The IT Company that has been assigned the task to looking into the digital operations of the online voting systems related to the singing contest have declared it officially, that they were registering fake web traffic onto their website and it could be a resultant of the constant Ddos threats emerging from hackers working for Russian Intelligence.

Good news is that the command center neutralized all such attacks, as they were already prepared to counter such attacks proactively.

On May 14th, 2022 Eurovision Singing Contest was held in Turin, Italy and the Kalush Orchestra from Ukraine won the title for its incredible song titled “Stefania”. Thus, with the latest achievement, Ukraine joined the list of countries that won the singing contest for the third time, i.e. in 2004, 2016 and in 2022.

 

The post Russia launched multiple cyber attacks on Eurovision Song Contest appeared first on Cybersecurity Insiders.

An army of hackers in sympathy with Ukrainian civilians hacked the Russian TV and posted a message saying ‘ No to War’. The hack came in the early hours of Monday when most Television Channels were preparing to air the celebrations for the annual Victory Day Military Parade held at Red Square by Vladimir Putin.

After a few minutes of the cyber attack, the message containing text saying ‘No to War’ was removed and a new message stating ‘ the blood of thousands of Ukrainians and hundreds of their children in on your hands’ was posted.

The good part of this hack is that it only affected viewers watching the television content online through the streaming and satellite services offered by MTS Mobile Operator, NTV Plus, Rostelecom, and Wink.

What astonished the entire world is the President’s strange gait at the parade as he was found limping while taking a walk to his seat and covering his leg with a half-sized blanket to keep his lower part of the body, especially, his legs warm.

The digital assault probably launched by the Anonymous Hacking Group also disrupted TV Zvezda, the channel run by the Russian Defense Ministry,.

On the war front, Kremlin has intensified its shelling on the borders of Ukraine and is planning to take control of the entire nation with more vigor in the next few weeks to come.

Moscow is also planning to take control of the IT Infrastructure operating in government agencies on a remote note and has prepared a special cyber arm to conduct related operations with great perseverance.

 

The post Russian TV hacked on Victory Day Military Parade appeared first on Cybersecurity Insiders.

Russia is not only indulging in a physical war with Ukraine, but has been consistently attacking it on a digital note via cyber attacks. But thankfully, God and Google seem to be on the side of Ukrainians, as the former has been saving most of them from the physical war, while the latter has been busy saving the nation from digital assaults.

Google’s Threat Analysis Group released a report on this note saying countries like North Korea, China, and Iran were also trying to use the situation by targeting the critical infrastructure of Ukraine. And the motive is simple, to check for susceptibilities in the critical infrastructure and to pass on the information to allies for more exploitation.

In March this year, the Alphabet Inc’s subsidiary issued an alert to CISA that many state-sponsored attacks were being targeted at the United States as it was supporting Ukraine in the war in all forms. Cozy Bear aka Fancy Bear is the state-sponsored group that was found targeting power stations and nuclear reactors in and around Ukraine.

The Biden-led nation knows well how to deal with the situation. But Ukraine needs help on this note, as many of its tech engineers are out of their jobs as they are busy saving the nation or their families.

For this reason, Russia assigned launching phishing attacks against the “Curious George” group against military, logistics, and manufacturing organizations in Ukraine, while its Ghostwriters group was seen sending phishing emails to innocent individuals by spoofing Google Drive and OneDrive websites and luring them to disclose their online service credentials.

Google is not only helping the people of Ukraine by protecting them from cyber attacks, but also assisting them on humanitarian grounds. As it has so far donated $45 million in donations and grants to the International Rescue Committee that is supervising the social work activities in Ukraine, especially in Kyiv and Mariupol.

 

The post Google is protecting Ukraine from State Sponsored Cyber Attacks of Russia appeared first on Cybersecurity Insiders.

Microsoft has issued a serious warning to companies serving the healthcare sector in the United States and Ukraine. And the alert is related to a wiper malware that has the potential to disrupt the IT infrastructure on an entire network.

John Riggi, the National Advisor for Cybersecurity at the American Hospital Association, said that the danger was currently lurking in the darkness and could hit its target soon.

Riggi mentioned a 2017 Wannacry Ransomware Attack on companies across the globe and said that such an attack is due to be launched by Russian hackers in the coming weeks and it can be much more disastrous than what it proved in the past.

Russia has started a hybrid war of attack on Ukraine on the ground, through the air, on water, and on the digital front and is leaving no stone unturned to win the battle.

Healthcare sector will be its primary target as it wants the Zelensky-led nation to knees within no time and surrender to its forces.

Russian hackers will also aim at the healthcare sector operating in the Biden-led nation as it is offering open support to Ukraine by sending funds, ammunition, and essentials to keep the military and civilians in Ukraine sustained.

If all these instances fail, then Putin might plan to take down Ukraine and its allies with Nuclear power and for that reason the President of the Russian Federation is always seen carrying a black-colored box with him that has the red button to launch nuclear bombs on western countries.

 

The post Wiper malware threat to the healthcare sector in US and Ukraine appeared first on Cybersecurity Insiders.

Microsoft’s Digital Security Unit has confirmed that Russian cyber attacks on Ukraine were timed in such a way that they coincided with the timing of military strikes. The American technology giant stated the attacks were timed just before military attacks to either weaken the target digitally or to double strike it in such a way that it never recovers from the assault.

A report released by the Digital Security Unit owned by the Windows giant states the two major attacks hitting a television broadcaster and a nuclear power plant in the first week of March were crafted to down the morale of the Ukraine, President Zelensky and his Ministers.

The plan was to strike the region’s critical infrastructure and the military strength both at a time.

It was a pre-planned war as the digital attacks emerged in early 2021 and were launched by Nobelium and Strontium group to access the digital strength of government and private companies serving the critical infrastructure.

After the war started on February 24th, 2022, Kremlin involved two other groups in cyber attack campaigns. First, it was the Iridium group that was assigned spreading disinformation by stealing info from government networks and leaking their projects to the world. Second, it was Bromine, whose primary duty was to infiltrate nuclear facilities of Ukraine and take control of servers, thereafter customizing them to run on the commands of Vladimir Putin.

Microsoft recommends companies to install endpoint detection and response solutions having potential to identify and remediate intrusions having malicious intent.

 

The post Microsoft confirms Russian Cyber Attacks on Ukraine coincided with Military Strikes appeared first on Cybersecurity Insiders.

Intelligence agencies from the west have issued a special alert yesterday stating that the Work from Home (WFH) culture could add fuel to Russian Cyber Attacks and may rise their success score from 30% to 70%.

An alert issued by Five Eyes Alliance comprising countries such as Australia, New Zealand, Canada, UK and US cautioned the companies managing critical infrastructure and asked them to keep a strict vigil on employees working from home.

Usually, employees following the WFH cultural pattern do not follow the basic required cyber hygiene because they feel hackers can never target them.

But Five Eyes claims that none on the internet are safe and so should take proper precautions to safeguard their networks from malicious cyber threats.

Those business sectors that are under constant threat are nuclear power plants, airports, bus and rail transits, water utilities, power sector and fuel supply.

Russian President Vladimir Putin has already issued a serious warning that all those nations supporting Ukraine will have to face his country’s wrath and might face nuclear power invasion if forced.

Five Eyes claims that Russian FSB and GRU have received an order from Kremlin they prepared for a digital assault on nuclear reactors operating in the west from the first week of May.

FBI has issued an alert that hacking groups named Mummy Spider, Killnet, Salty Spider and The Xaknet Team have been assigned attacking government networks to the core with malware or other spying tools. Their aim in doing so is to collect information about the population, military intelligence and cybersecurity measures, followed by private firms.

Therefore, all CIOs and CTOs of businesses operating in the west are being urged to proactive upgrade their networks with required software and enforce multi-factor authentication at the earliest.

Microsoft authenticated the threat update released by Five Eyes and added that Russian has been launching constant cyber assaults on Ukraine’s critical infrastructure from the day it began the invasion from the early hours of February 24th,2022.

 

The post Work from home culture could fuel Russian Cyber Attacks appeared first on Cybersecurity Insiders.

Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war:

At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country by land, air, and sea. It is unclear whether computer network operators and physical forces are just independently pursuing a common set of priorities or actively coordinating. However, collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military functions and undermine the public’s trust in those same institutions.

[…]

Threat groups with known or suspected ties to the GRU have continuously developed and used destructive wiper malware or similarly destructive tools on targeted Ukrainian networks at a pace of two to three incidents a week since the eve of invasion. From February 23 to April 8, we saw evidence of nearly 40 discrete destructive attacks that permanently destroyed files in hundreds of systems across dozens of organizations in Ukraine.

UK’s Ministry of Defense (MoD) has released a press statement that few of its servers might have been compromised by hackers believed to be working for the Russian government. The suspicion finger pointed out towards Kremlin as the cyber crooks stolen classical data related to 100 British Army recruits who were working in other nations as spies.

News is out that the activity was conducted in January this year when a Russian agent infiltrated a database belonging to MoD and stole critical information.

Details of the hack were detected in the first week of April 2022 while the IT staff was going through a routine security check.

As of now, hacked details of only 124 spies were found to be stolen from an outsourcing firm named Capita and the numbers might increase as the investigation unfolds the mystery on a further note.

The data steal was discovered when a hacking group was trying to sell information related to 9 spies on the dark web while promoting the activity on Twitter.

Information Commissioner’s Office has taken a note of the situation and is assured to react after a detailed investigation report is submitted to it.

Tory MP Mark Francois tagged the data breach as extremely concerning for the government and entire nation, as data leaks could put the lives of the on-duty spies working for the nation and their families in extreme danger.

Cybersecurity Insiders have learnt that hackers got their hands on the details such as addresses, DoBs, qualifications, employment history, full names and family details.

Note- Capita is handed over £3 billion worth of business every year by governments and private entities and from the past three years received £900m as contract amount with the MoD to run Army Recruitment.

 

The post Russia could have hacked the UK Spy agency says MoD appeared first on Cybersecurity Insiders.