Tag Archive for: Putin’s

Unmasking Putin’s Schadenfreude and His Suspected Cyberwarfare


Amy Neustein


Bewilderment, angst and fear would grip an entire world on Oct. 7 as savagery and barbarism were unleashed by the Hamas terrorist group on the kibbutzim and towns in Israel along the Gazan border in the early morning hours of Simchas Torah and Shabbat.

Astonishingly, Israel, known for its superior reconnaissance and military savvy, was caught off guard; the consequences were verily catastrophic. Cybersecurity gaps may have contributed to this debacle.

Deputy Editor James Coker of Infosecurity Magazine reported last week that Radware, a publicly-traded cybersecurity company headquartered in Tel Aviv-Yafo with offices in Europe, Africa and Asia Pacific, found that Israel topped the list worldwide in its receipt of DDoS (Distributed Denial of Service) attacks just five days before the Hamas raid and in the days that followed. Such cyberattacks use multiple connected online devices, collectively known as a “botnet,” to overwhelm a targeted website with fake traffic.

Coker stated Israel received 143 such DDoS attacks “making it the most targeted nation” in the world during that period. Radware found that more than a third of the claimed DDoS attacks were aimed at Israeli governmental agencies. Killnet, a pro-Russian (and purportedly Kremlin-associated) cybersecurity threat group that engaged in DDoS attacks targeting websites in countries that supported Ukraine following the Russian invasion, claimed several attacks on Israel’s cybersystem along with pro-Palestinian hacktivist groups.

Radware pointed to Killnet’s claim on Telegram Messenger, a cloud-based, cross-platform instant messaging service, of targeting Israel’s banks and government sites that included Shabak.gov.il, Israel’s internal security service. The Jerusalem Post wrote on X (formerly Twitter) that it suffered downtime due to cyberattacks two days subsequent to the massacre.

Rob Joyce, director of cybersecurity at the National Security Agency, a national level intelligence agency of the United States Department of Defense, weighed in…


RSAC Fireside Chat: Counteracting Putin’s weaponizing of ransomware — with containment


By Byron V. Acohido

The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts.

Cyber extortion remains a material threat to organizations of all sizes across all industries. Ransomware purveyors have demonstrated their capability to endlessly take advantage of a vastly expanded network attack surface – one that will only continue to expand as the shift to massively interconnected digital services accelerates.

Meanwhile, Russia has turned to weaponizing ransomware in its attempt to conquer Ukraine, redoubling this threat. Now that RSA Conference 2023 has wrapped, these things seem clear: ransomware is here to stay; it is not, at this moment, being adequately mitigated; and a new approach is needed to slow, and effectively put a stop to, ransomware.

I had the chance to visit with Steve Hahn, EVP Americas, at Bullwall, which is in the vanguard of security vendors advancing ways to instantly contain threat actors who manage to slip inside an organization’s network.

Guest expert: Steve Hahn, EVP Americas, Bullwall

Bullwall has a bird’s eye view of Russia’s ongoing deployment of ransomware attacks against Ukraine, and its allies, especially the U.S.

Weaponized ransomware doubly benefits Russia: it’s lucrative, generating billions in revenue and thus adding to Putin’s war chest; and at the same time it also weakens a wide breadth of infrastructure of Putin’s adversaries across Europe and North America.

Containment is a logical tactic that could make a big difference in stopping ransomware and other types of attacks. For a full drill down, please give the accompanying podcast a listen. I’ll keep watch and keep reporting.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


(LW provides consulting services to the vendors we cover.)

May 20th, 2023

How one of Vladimir Putin’s most prized hacking units got pwned by the FBI



FBI officials on Tuesday dropped a major bombshell: After spending years monitoring exceptionally stealthy malware that one of the Kremlin’s most advanced hacker units had installed on hundreds of computers around the world, agents unloaded a payload that caused the malware to disable itself.

The counter-hack took aim at Snake, the name of a sprawling piece of cross-platform malware that for more than two decades has been in use for espionage and sabotage. Snake is developed and operated by Turla, one of the world’s most sophisticated APTs, short for advanced persistent threats, a term for long-running hacking outfits sponsored by nation-states.

Inside jokes, taunts, and mythical dragons

If nation-sponsored hacking was baseball, then Turla would not just be a Major League team—it would be a perennial playoff contender. Researchers from multiple security firms largely agree that Turla was behind breaches of the US Department of Defense in 2008, and more recently the German Foreign Office and France’s military. The group has also been known for unleashing stealthy Linux malware and using satellite-based Internet links to maintain the stealth of its operations.

One of the most powerful tools in Turla’s arsenal is Snake, a digital Swiss Army knife of sorts that runs on Windows, macOS, and Linux. Written in the C programming language, Snake comes as a highly modular series of pieces that are built on top of a massive peer-to-peer network that covertly links one infected computer with another. Snake, the FBI said, has to date spread to more than 50 countries and infected computers belonging to NATO member governments, a US journalist who has covered Russia, and sectors involving critical infrastructure, communications, and education.

A short list of Snake capabilities includes a backdoor that allows Turla to install or uninstall malware on infected computers, send commands, and exfiltrate data of interest to the Kremlin. A professionally designed piece of software, Snake uses several layers of custom encryption to encrypt commands and exfiltrated data….


Vladimir Putin’s cyber warfare chief sent sex toys after his email is hacked – World News


Ukrainian hackers broke into Sergey Morgachev’s AliExpress account and ordered several sex toys and gay pride flags in his name in a “symbolic act of moral humiliation”

Sergei Morgachev, a Russian top-ranking spy, was hacked (InformNapalm)

A top Russian military spy has been bombarded with sex toys after his personal email was hacked.

Ukrainian hackers claim they gained access to Sergey Morgachev’s AliExpress account, ordering multiple sex toys and gay pride flags in his name.

The embarrassing hack was intended as “a symbolic act of moral humiliation.”

Morgachev is Vladimir Putin’s Lieutenant Colonel at Moscow’s chief intelligence office, the GRU.

It is believed he was in charge of Russia’s notorious “Fancy Bear” hackers, also known as APT28.

The hackers, who call themselves Cyber Resistance, claimed on Telegram that they had managed to break into Morgachev’s email account.

Then, they were able to access personal information such as family photos and scanned documents of people associated with him, according to the open-source intelligence site InformNapalm.