Tag Archive for: identifies

Enea identifies trends that will shape the mobile industry in 2022


Nation states will ramp up mobile cyber attacks; hyperscalers will mimic Google and introduce powerful proprietary encryption protocols; and new edge clouds could make the last mile vulnerable.

These are amongst the major trends Enea has highlighted in a new report about top trends that will shape the mobile industry in 2022. Each year, Enea surveys a cross-section of mobile industry thought leaders and experts to identify the key trends for the next 12 months.

For 2022, those thought leaders included ABI Research, Analysys Mason and Strategy Analytics. The trends in 2022 include the following.

State-sponsored cyber attacks accelerate and evolve: 2022 will undoubtedly bring an increase in the number and sophistication of nation state cyber attacks on mobile telecom infrastructure, the report finds.

As tensions between global power brokers intensify in hotspots such as Taiwan, Ukraine and Kazakhstan, mobile networks’ value as a target for espionage and disruption will soar.

Furthermore, IT/OT/telco convergence and 5G’s expanded attack surface, including 2G, 3G and 4G weaknesses, will all provide ripe terrain for achieving geopolitical ends via cyber warfare.

Hyperscaler protocols dictate terms to operators: Complex encryption protocols, such as Google’s QUIC, based on UDP, were meant to keep subscribers safe and improve web and video performance, and they have.

However, they’ve left operators scrambling to maintain the traffic visibility they need to stay in the game, the report states. Expect more trouble ahead as UDP dominates traffic, and newer encryption protocols like eSNI and DoH/DoT become the norm.

Video delivery shifts to new edge clouds: According to analysts, the edge cloud market for mobile operators is set to grow significantly in 2022. Ultra-low latency applications like live multi-angle sports streaming and cloud gaming will be at the forefront of this growth. While Content Delivery Networks (CDNs) have been bringing content and users closer together for many years, the nature of the edge cloud tilts the game in favour of mobile operators, who have ready-to-go locations across thousands of towns and cities.

Sustain the environment and the bottom…

Ukrainian security service identifies Russian FSB officers behind Primitive Bear. US sanctions four spyware firms, including NSO Group.


By the CyberWire staff

Ukrainian security service identifies Russian FSB officers behind Primitive Bear.

Ukraine’s security service, the SSU, has identified five Russian FSB officers as operators behind the Gamaredon threat actor (also known as “Primitive Bear”). The group has specialized in targeting Ukrainian critical infrastructure and classified networks. The group is centered, geographically, in Russian-occupied Ukraine, and the FSB chatter the SSU intercepted includes a lot of whining about getting shafted out of awards and bonuses, recognition going to the undeserving, and everybody having to get tested for COVID at work.

US sanctions four spyware firms, including NSO Group.

The US Department of Commerce has sanctioned four companies for providing spyware to foreign governments. NSO Group and Candiru (both based in Israel) have been added to the Entity List, as have Positive Technologies (a Russian firm), and the Computer Security Initiative Consultancy PTE (headquartered in Singapore).

Of the two Israeli firms, Commerce said they “were added to the Entity List based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers. These tools have also enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent. Such practices threaten the rules-based international order.”

Positive Technologies and the Computer Security Initiative Consultancy were placed on the Entity List after, Commerce said, “a determination that they traffic in cyber tools used to gain unauthorized access to information systems, threatening the privacy and security of individuals and organizations worldwide.”

The sanctions, Commerce explains, represent a move in support of human rights. “This effort is aimed at improving citizens’ digital security, combating cyber threats, and mitigating unlawful surveillance and follows a recent interim final rule released by the Commerce Department…

Ukraine Identifies Russian FSB Officers Hacking As Gamaredon Group


Ukraine’s premier law enforcement and counterintelligence agency on Thursday disclosed the real identities of five individuals allegedly involved in cyberattacks attributed to a cyber-espionage group named Gamaredon, linking the members to Russia’s Federal Security Service (FSB).

Calling the hacker group “an FSB special project, which specifically targeted Ukraine,” the Security Service of Ukraine (SSU) said the perpetrators “are officers of the ‘Crimean’ FSB and traitors who defected to the enemy during the occupation of the peninsula in 2014.”

The names of the five individuals the SSU alleges are part of the covert operation are Sklianko Oleksandr Mykolaiovych, Chernykh Mykola Serhiiovych, Starchenko Anton Oleksandrovych, Miroshnychenko Oleksandr Valeriiovych, and Sushchenko Oleh Oleksandrovych.

Since its inception in 2013, the Russia-linked Gamaredon group (aka Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) has been responsible for a number of malicious phishing campaigns, primarily aimed at Ukrainian institutions, with the goal of harvesting classified information from compromised Windows systems for geopolitical gains.

The threat actor is believed to have carried out no fewer than 5,000 cyberattacks against public authorities and critical infrastructure located in the country, and attempted to infect over 1,500 government computer systems, with most attacks directed at security, defense, and law enforcement agencies to obtain intelligence information.

“Contrary to other APT groups, the Gamaredon group seems to make no effort in trying to stay under the radar,” Slovak cybersecurity firm ESET noted in an analysis published in June 2020. “Even though their tools have the capacity to download and execute arbitrary binaries that could be far stealthier, it seems that this group’s main focus is to spread as far and fast as possible in their target’s network while trying to exfiltrate data.”

Besides its heavy reliance on social engineering tactics as an intrusion vector, Gamaredon is known to have invested in a range of tools for scything through organizations’ defenses that are coded in a variety of programming languages such as VBScript, VBA Script, C#, C++, as…
