Tag Archive for: NationState

“Unpatchable” hardware flaw. Nation-state conflict in cyberspace. Threat actor Aoqin Dragon has been operating since 2013.


Dateline

Ukraine at D+106: Cyber ops and escalation. (The CyberWire) An artillery war in the Donbas. Russia warns that Western, especially US, “aggression and encouragement of banditry” in cyberspace risks escalation into full combat, and that Washington can be sure that Moscow will retaliate. Beijing issues a similar warning, with special mention of the risks small countries assume when they accept American cybersecurity aid. Canada is on “high alert” for Russian cyberattacks. And Mr. Putin identifies with Tsar Peter the Great.

Live updates | Ukraine: Russia still attacking eastern city (AP NEWS) The Ukrainian army says Kyiv’s forces continue to frustrate Russian attempts to take the fiercely contested eastern city of Sievierodonetsk. “The occupiers, with the help of motorized rifle units and artillery, conducted assault operations in the city of Sievierodonetsk.”

‘Dead Cities’ Become the Flashpoint for the Fierce War in the East (New York Times) President Volodymyr Zelensky has framed the battle in Sievierodonetsk as pivotal to the broader fight for the Donbas. Amid relentless Russian attacks, Ukraine holds on and waits for Western weapons.

Key city’s fate in balance as fighting rages in east Ukraine (AP NEWS) Russian forces pounded an eastern Ukrainian city Thursday and the two sides waged pitched street battles that Ukrainian President Volodymyr Zelenskyy said could determine the fate of the critical Donbas region.

UK says Mariupol at risk of cholera outbreak (Reuters) Ukraine’s southern city of Mariupol is at risk of a major cholera outbreak as medical services are likely already near collapse, Britain’s defence ministry said on Friday.

We’re almost out of ammunition and relying on western arms, says Ukraine (the Guardian) Exclusive: Deputy head of military intelligence says it’s an artillery war now and ‘everything depends on what the west gives us’

Live Updates: Ukraine’s Pleas Grow Louder as Soldiers Are Outgunned and Putin Talks of Empire (New York Times) As Ukrainian soldiers try to hold on in the besieged city of Sievierodonetsk, President Volodymyr Zelensky said that his country must not be forced to stay in a “gray zone” and that it needed more weapons…


Nation-state attacks are hard to spot. It’s time for a new approach to threat detection


Nation-state attacks are hard to spot. It’s time for a new approach to threat detection | Security Magazine





Nation-State Cyber-Attack Tools Enter Black Market, With Rise In Ransomware As A Service


Cyber-attacks are on the rise globally, accelerated further after the pandemic forced the world into a remote workforce and a digitized ecosystem. In India, cyber-attacks have doubled in the past three years, according to University of Surrey research, with enterprises the most common target of these attacks. 

Air India experienced a devastating cyber-attack in February, with 4.5 million customers having their data compromised, prompting the enterprise to encourage all of its customers to change their passwords. In January, Indian payment provider Juspay experienced a data breach, with 35 million customers having their data, including card information and fingerprint scans, released on the dark web for anyone to buy. 

India has ranked among the top 3 most frequently attacked countries for years, according to our own Cyber Readiness Report 2020/2021. With 1.15 billion phones and 700 million internet users, India presents a large, vulnerable user base and a broad attack surface.


One of the most well-known cyber-attacks was the WannaCry attack, a worldwide ransomware cyber-attack occurring in May 2017 using the WannaCry cryptoworm. This attack targeted computers running Microsoft Windows, encrypting data and extorting money out of victims with ransom threats. This attack used the EternalBlue exploit to gain access, an exploit developed by the U.S. National Security Agency (NSA) and leaked by a hacker group called the Shadow Brokers, a name referencing a character in the video game series Mass Effect. The SolarWinds supply chain attack from May was also launched by nation-state attackers, with threat actors accessing Orion users’ networks with a trojan hiding in software updates.

So why should businesses care about ransomware attacks, especially when most attacks seem to target the public sector? Simply because, while attacks on the public sector get vast coverage and close attention, there are many more attacks on SMEs, and successful ones at that. Those are simply not as visible, so they do not make the news. Research shows: small businesses are a ripe target for attackers – with 71% of ransomware…


Supply chain and nation-state attacks will highlight 2022, says vendor


Supply chain attacks and nation-state cyber warfare will continue to cause anguish for CISOs in 2022, says Check Point Software in its annual predictions blog.

Supply chain attacks will become more common, the security company said, which will lead to governments beginning to establish regulations to address these attacks and protect networks. They will also look into collaborating with the private sector as well as with other countries to identify and target more threat groups operating on a global and regional scale.

Check Point also expects to discover more about the global impact of the Sunburst attack on the SolarWinds Orion network monitoring suite. “As investigations are still ongoing, security researchers will unveil some of the biggest questions regarding the attack: What were the attackers doing in these networks, and how did they benefit from the massive attack?”

“Supply chain attackers take advantage of a lack of monitoring within an organization’s environment,” the blog warns. “The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred, such as Codecov in April, and most recently, Kaseya. Kaseya provides software for Managed Service Providers (MSPs) and the REvil ransomware gang exploited the company to infect over 1,000 customers with ransomware. The group demanded a ransom of $70 million to provide decryption keys for all affected customers.”

Among other predictions:

The cyber ‘cold war’ intensifies: The cyber cold war is intensifying, and taking place online as more nation-state actors push western governments and continue to destabilize society. Improved infrastructure and technological capabilities will enable terrorist groups and political activists to further their agendas and carry out more sophisticated, widespread attacks. Cyber-attacks will increasingly be used as proxy conflicts to destabilize activities globally;

Attackers leverage vulnerabilities in microservices to launch large scale attacks: The move to the cloud and DevOps will result in a new form of botnet. With microservices becoming the leading method for application development,…
