Tag Archive for: long

Russian influence and cyber operations adapt for long haul and exploit war fatigue


Since July 2023, Russia-aligned influence actors have tricked celebrities into providing video messages that were then used in pro-Russian propaganda. These videos were then manipulated to falsely paint Ukrainian President Volodymyr Zelensky as a drug addict. This is one of the insights in the latest biannual report on Russian digital threats from the Microsoft Threat Analysis Center: “Russian Threat Actors Dig In, Prepare to Seize on War Fatigue”.

As described in more detail in the report, this campaign aligns with the Russian government’s broader strategic efforts during the period from March to October 2023, across cyber and influence operations (IO), to stall Ukrainian military advances and diminish support for Kyiv.

Video messages from American celebrities are used in Russian propaganda

Unwitting American actors and others appear to have been asked, likely via video message platforms such as Cameo, to send a message to someone called “Vladimir”, pleading with him to seek help for substance abuse. The videos were then modified to include emojis, links and sometimes the logos of media outlets and circulated through social media channels to advance longstanding false Russian claims that the Ukrainian leader struggles with substance abuse. The Microsoft Threat Analysis Center has observed seven such videos since late July 2023, featuring personalities such as Priscilla Presley, musician Shavo Odadjian and actors Elijah Wood, Dean Norris, Kate Flannery, and John McGinley.


Samples of the videos promoting pro-Russian propaganda aiming to malign Ukrainian President Volodymyr Zelensky that feature different celebrities

Prigozhin’s death has not slowed Russia’s influence operations

The August 2023 death of Russian businessman Yevgeny Prigozhin, who owned the Wagner Group and the infamous Internet Research Agency troll farm, led many to question the future of Russia’s influence and propaganda capabilities. However, since then, Microsoft has observed widespread influence operations by Russian actors that are not linked to Prigozhin, indicating that Russia has the capacity to continue prolific and sophisticated malign influence operations without him.

Russia’s…

Source…

The Long Island Press Amplifies a RevBits White Paper that Explores a Devastating 2022 Cyber Hack on the Computer Systems of Suffolk County New York





Mineola, N.Y., United States:
 

RevBits, a cyber security solution company based on Long Island, New York, completed a review of the 2022 Suffolk County, New York, cyber hack that rendered government systems largely inoperable for months, affecting municipal work and citizen interaction with their county government. The RevBits white paper, Suffolk Hack Part of a Chinese Plot?, was recently profiled in a companion piece in the September edition of The Long Island Press.


 

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230919470113/en/


 

One year ago, on September 8, 2022, an anonymous email appeared on the Suffolk County government computer system announcing a devastating hack: unnamed thieves had seized four terabytes of data – some 300 million pages of detailed government information, including highly confidential personal information regarding 26,000 current and former employees as well as banking and personal information related to more than 400,000 people who have received traffic and parking tickets over the past years.


 

The hack brought government systems to a halt: crippling the billion-dollar real estate industry, sideswiping tens of millions of dollars in vital payments to mom-and-pop suppliers and disabling key functions of the county’s 911 emergency system.


 

The RevBits white paper reveals that top US law enforcement and intelligence officials are convinced the intrusion was executed by Chinese government hacking teams as part of Beijing’s drive toward global supremacy by 2049.


 

The white paper was initiated by RevBits CEO David Schiffer, who founded and headed Safe Banking Systems prior to running RevBits. Schiffer is a veteran of the cyber-world, having intersected with many of the biggest computer cases of the past decades, from Kremlin money laundering to security lapses at the FAA. “This hack hits close to home for us – we are a Long Island-based company, and I have been a Long Island resident nearly my whole life,” said Schiffer. “The scourge of state-sponsored hacking needs to be taken seriously by companies but, even…

Source…

Jasson Casey, Beyond Identity: “malware doesn’t care if your password is four characters or four thousand characters long”


Increasing reliance on the internet has made businesses, governments, and individuals more aware of data security and identity protection. One of the primary concerns is password protection.

No matter how secure your passwords are, cybercriminals with the right malware will find a way to steal them. Even the leading VPN might be insufficient for full data protection and online security. Cybercriminals have access to the same advancing technology and software apps that the rest of the public does. That access has resulted in an increase in cyberattacks that steal passwords. Avoiding these risks means taking the time to learn more about preventative measures.

To discuss the issue in more detail, we spoke with Jasson Casey, the CTO at Beyond Identity – a cybersecurity company advancing toward Zero Trust Authentication through constant risk assessment and continuous security validations.

How did Beyond Identity originate? What has the journey been like?

Two and a half decades ago, our founders, Jim Clark and Tom Jermoluk, made the World Wide Web accessible to all. They made it ready for business. Jim spearheaded the release of the Netscape browser along with SSL for secure Internet transactions. Tom focused on large-scale home broadband access with @Home Network. As businesses, governments, and individuals increasingly relied on the Internet, so too did bad actors. Bad actors eroded trust, stole intellectual property, and pilfered funds.

There are hundreds of billions of passwords in the world today. Yet, we continue to rely on this fundamentally insecure authentication model. Passwords are insecure because these “shared secrets” transit networks and get stored in unprotected databases. They are also shared among friends and family. Ultimately, they’re reused across multiple apps. With the creation of Beyond Identity, the SaaS platform goes above and beyond FIDO standards. Our passwordless, invisible MFA supports broad authentication use cases. It turns all devices (including computers, tablets, and phones) into secure authenticators. Our platform validates the user and verifies the device is authorized. It checks the security posture of the device and executes an…

Source…

Ransomware Gang Haunted US Firms Long Before MOVEit Hack


Shell Plc, IAG SA’s British Airways, the British Broadcasting Corp., the state of Minnesota’s Department of Education, multiple federal agencies — they’re among the victims of the latest data breach launched by Clop, a Russian-speaking hacking group that’s attacking targets around the world in both the public and private sectors. 

The Clop gang, also known as Cl0p, is known for “driving global trends in criminal malware distribution,” according to the US Cybersecurity and Infrastructure Security Agency, or CISA. Clop has pulled off its latest breach by exploiting a weakness in MOVEit, a file-transfer product that companies and organizations use to transmit sensitive data. Once the hackers penetrated MOVEit, they could access data stored on MOVEit servers, a portal that’s enabled them to steal personal information from industry giants with tens of thousands of employees and government agencies that handle data, some of it sensitive, on millions of people. 

The hacking group claimed it obtained data from hundreds of companies, and while that allegation is difficult to confirm, the list of victims keeps growing. For instance, the US Department of Energy received a ransom request from Clop after two of its entities were affected by the breach. The Oak Ridge Associated Universities, which manages a contract with several of the department’s national laboratories, and the National Nuclear Security Administration, the agency arm that maintains the US nuclear stockpile, received the request but didn’t respond, a spokesperson for Oak Ridge said.

Another ransom request was received by an Energy Department arm affected by the hack, the Waste Isolation Pilot Plant, which stores nuclear waste underground in New Mexico, Reuters reported.

Clop is the name of a variant of ransomware, a type of malware used to encrypt a victim’s computer files until a payment is made. It is also the name of a financially motivated criminal gang that uses a variety of methods to extort its victims: by deploying ransomware and demanding payment; by stealing sensitive documents and threatening to post them online unless a payment is made; or both.

Source…