CISA Helps Critical Infrastructure Organizations Prevent Ransomware Attacks Through Pilot Program
Hello, Guest.!
Tag Archive for: attacks
Russia behind cyber attacks on Western utilities, security firm says | Yle News
“It’s kind of an escalation in that we’re seeing more than just data collection, surveillance and intelligence gathering,” Mikko Hyppönen says.
Russia has used malware in cyber attacks on targets in Eastern European countries since at least mid-2022, according to Finnish cyber security firm Withsecure.
More specifically, the company has reported that a Russian military intelligence effort led to the breach of databases belonging to an Estonian logistics company.
Finland’s eastern neighbour also appears to have tampered with water utility data systems in the US, France and Poland, according to Mandiant, a data security firm and subsidiary of Google.
So far, the cyberattacks do not appear to have caused significant disruptions. For example, the attack in the US caused a water tank at a facility in Texas to overflow until the system was brought under control, according to CNN.
But according to Withsecure’s research director, Mikko Hyppönen, it is a serious matter if Russia has started carrying out cyber attacks on Nato countries’ utilities.
“It’s kind of an escalation in that we’re seeing more than just data collection, surveillance and intelligence gathering,” Hyppönen told Yle.
Hyppönen: Russia attacked Estonian firm
At the end of 2022 malicious code dubbed “Kapeka” helped hackers to breach a database belonging to an Estonian logistics firm. A recent study at Withsecure revealed who was behind the attack, according to Hyppönen.
“Our research linked the Kapeka malware directly to Russia’s Sandworm group, the country’s military cyber intelligence unit,” he explained.
The Sandworm group is known for having carried out several destructive attacks in Ukraine, including temporarily knocking out the war-torn country’s electricity grid.
“Kapeka’s development and deployment likely follow the ongoing Russia-Ukraine conflict, with Kapeka being likely used in targeted attacks of firms across Central and Eastern Europe since the illegal invasion of Ukraine in 2022,” a Withsecure brief on the matter explained.
According to Hyppönen, the Sandworm-delivered malware in Estonia caused disruptions at the…
CISA, Partners Warn Organizations of Akira Ransomware Attacks
The Cybersecurity and Infrastructure Security Agency and its U.S. and international partners have released a joint cybersecurity advisory, or CSA, warning organizations against the Akira ransomware that has targeted critical infrastructure entities in North America, Europe and Australia.
The CSA outlines known tactics, techniques and procedures used by Akira ransomware operators and indicators of compromise to help organizations respond to ransomware attacks, CISA said Thursday.
According to the advisory, Akira threat actors have deployed a Linux variant targeting VMware ESXi virtual machines after initially focusing on Windows systems.
As of January, the ransomware group has targeted more than 250 organizations and gained approximately $42 million in ransomware proceeds.
In August 2023, Akira attacks started using Megazord, using Rust-based code, and Akira ransomware written in C++ and encrypted files.
CISA and its partners encourage organizations to implement the mitigations outlined in the CSA to reduce the impact of Akira ransomware attacks.
How Israel could strike Iran, from cyber attacks to assassinations
The two states have been involved in a shadow war for decades, with Tehran funding terrorist groups around Israel and the latter responding with covert attacks
Article content
For days, Iran was bracing for an Israeli retaliation.
On Thursday night, long-distance aircraft fired missiles on an Iranian airforce base, breaking the lull in the Islamic Republic’s Isfahan city, Israeli media reported. Two Israeli officials reportedly confirmed the country’s involvement in the attack.
Article content
Italian Foreign Minister Antonio Tajani said the U.S. told members of the G7 that it received “last minute” information from Israel about a drone strike in Iran, but added that the U.S. did not participate in the offensive.
Advertisement 2
