Tag Archive for: RussiaUkraine

The Cybersecurity Ripple Effects of the Russia-Ukraine Conflict | Ankura Cybersecurity & Data Privacy

/in


Russia’s invasion of Ukraine has been characterized by strategic and significant use of cyberattacks to support its military objectives. In the days to come, there is likely to be a sharp increase in cyberthreat activity globally and leading organizations must be prepared for the ripple effects that spill out of the conflict.

Throughout the start of 2022, Russia has pressured Ukraine against joining the North Atlantic Treaty Organization (NATO) which would grant them access to powerful military allies. After conducting multiple cyber-attacks against Ukrainian networks, the Russian military is now executing a military assault on Ukraine, invading from multiple directions. This conflict has resulted in a significant increase in cybersecurity threats worldwide and will likely trigger an escalation in cyber-attacks on organizations everywhere. The Ankura Cyber Threat Investigations and Expert Services (CTIX) team is continuously monitoring and analyzing the global cyber threat landscape and is supplying this content to provide specific insights for organizations to help them proactively prepare and be ready to defend their environments and avoid operational disruptions.

How Did Russia Leverage Cyberattacks for its Invasion?

On January 26, 2022, Computer Emergency Response Team of Ukraine (CERT-UA) released a report stating that between January 13th and 14th multiple websites of state organizations were tampered with by Russia, resulting in content alteration and system destruction.[1]  The attack, now known as WhisperGate, gained access through the supply chain, and through the abuse of the vulnerabilities OctoberCMS and Log4j.[2] The malware itself is made up of three components: BootPatch, WhisperGate, and WhisperKill. Similar to the WhisperGate attacks, on February 23, 2022, ESET and Broadcom’s Symantec discovered a second data wiper malware.[3] This malware, dubbed HermeticWiper (KillDisk.NCV), has been used to target hundreds of additional machines. HermeticWiper is a custom application designed to wipe local data, as well as damage the master boot record of the hard drive, preventing the system from booting into the operating system, which is nearly identical to how…

Source…

Why Kenya is not safe from Russia-Ukraine cyberwar

/in


Malware is a file or a code that is basically meant to breach the security and privacy of a computer, server, client, or network. [File, Standard]

Government agencies and private companies are likely to experience more cyberattacks this year.

Threats to Kenya’s infrastructure, experts say, are likely to be heightened by rising global tensions as countries take sides in the raging Russia-Ukraine conflict

According to the Communications Authority of Kenya (CA), 143 million incidents of cyberattacks were detected in the country last year, which was a 23 per cent increase to 110 million cases.

CA attributed this to a surge in remote working as companies adopted remote working for their staff to mitigate the spread of the Covid-19 pandemic. 

And cyber experts are now concerned that the fallout from Russia’s invasion of Ukraine, which has disrupted financial systems and supply chains as Western countries impose sanctions against Moscow could precipitate the rise in cyberattacks.

Patrick Muya, the head of East Africa business development at Plena Solutions, an Israeli cybersecurity company based in Kenya noted that in the first 48 hours of Russia’s invasion of Ukraine, cybersecurity agencies observed an increase of over 800 per cent in cyberattacks worldwide.

“The increasing threat of cyberattacks is primarily, but not limited to, countries and companies directly involved or associated with the conflict. Cyberattacks know no borders with little to no effect on distance, time, and culture,” observed Mr Muya.

Anticipation of full-blown cyber warfare is on the back of a long history of international attacks coordinated out of Russia. Moscow, for instance, was blamed for the large-scale attack on Ukraine’s power grid in 2015. And in 2017, the Kremlin released on Ukraine the data-wiping NotPetya virus, a destructive malware. The virus ultimately spread globally, hurting companies and State agencies.

Independent Russian hackers have in recent years also been linked to several brazen hacking schemes, including the devastating ransomware hack of the Colonial Pipeline in the US last year.

Mr Muya said it would,…

Source…

Russia-Ukraine War scams are here

/in


There’s no limit to the depths that scammers will sink to find new victims. We saw a rise in scams from the start of the pandemic, and the pattern is continuing today with the Russia-Ukraine conflict.

Scammers can target you from anywhere in the world via email, social media, calls and texts. You can be directly targeted or fall victim to a phishing scam, malicious ad, website, or post. Your personal and financial information is at risk, so take great care, especially during times like these. Tap or click here for Kim’s report on 10 Russia-Ukraine war scams to watch out for.

As we predicted and warned you about, the scams are coming in fast. Some are taking advantage of people’s willingness to help the Ukrainian people, while others go after people’s fears. Keep reading for examples.

Charity scams

Humanitarian workers are on the ground helping out where they can and need financial assistance. While most charities seeking aid are legitimate, others are just looking for a payday. We touched on this subject and listed some fake aid websites in a recent report.

Researchers at internet security company ESET have been seeing an increase in websites posing as charities helping out the people of Ukraine and the country at large against the Russian invasion. The following are some examples:

You don’t need to look very close to spot the red flags. Poor spelling, grammar and punctuation can be found throughout the text, along with urgent requests for assistance. And just how will your money be helping out? Charities should be transparent about their goals.

Malicious/scam emails

ESET also warns about emails being sent out pleading for assistance in the form of Bitcoin. A post shared by a Reddit user is a prime example of this scamming method:

Researchers at Bitdefender Labs have also been tracking charity crypto scams making the rounds in the wake of the conflict. The Ukrainian government is accepting Bitcoin and Etherium donations and people around the world are opening their virtual wallets.

Scammers are well aware of…

Source…

Russia-Ukraine crisis: Moscow creating 'new normal' to contest sovereignty in Europe, says Nato – Telegraph.co.uk

/in



Russia-Ukraine crisis: Moscow creating ‘new normal’ to contest sovereignty in Europe, says Nato  Telegraph.co.uk

Source…