Tag Archive for: started

Ukraine war has started a new era of global security: Adm. Bauer

/in


TALLINN/ BRUSSELS — The Chair of the NATO Military Committee Adm. Rob Bauer said Saturday that the Ukraine war has started a new era of global security and underlined the Alliance’s continued support to Ukraine.

“Without a doubt a new era for global security has begun. It is crystal clear that this conflict is bigger than Ukraine,” he told a press conference at the end of the 2-day meeting held in Tallinn, Estonia, this afternoon.

“The entire international rules-based order is under attack. It is up to the free democratic nations of the world to protect it,” he stated. The Military Committee discussed how to sustain and increase NATO’s support to Ukraine.

“The ammunition, equipment, and training that Allies and other nations are delivering are all making a real difference on the battlefield. With its success on the ground Ukraine has fundamentally changed modern warfare,” said Adm. Bauer.

NATO will support Ukraine for as long as it takes, he stressed. The discussions of the military chiefs of the 30-member Alliance covered the breadth of the security challenges facing the Alliance, he said.

For the first time, NATO military chiefs welcomed their Finnish and Swedish counterparts around the table as invitees. The accession of both countries to NATO will enhance the security of the Baltic Sea region and strengthen the Alliance as a whole, he said.

The Committee also discussed NATO’s ongoing operations, missions, and activities including the NATO Mission Iraq (NMI) and Kosovo Force (KFOR).

The NATO Military Committee meets, in Chiefs of Defense level, twice a year at NATO Headquarters in Brussels, and once a year a Conference is held in a NATO member state.

The Military Committee convenes to discuss NATO operations, missions and activities and to provide NATO advice on how the Alliance can best address global security challenges.

Adm. Bauer on Friday conducted a country visit to Estonia, ahead of the annual NATO Military Conference. During his visit, he met with President Alar Karis, Minister of Defense Hanno Pevkur and Chief of Defense Lt. Gen. Martin Herem.

Adm. Bauer also traveled to Tapa to meet the 1st Infantry Brigade and NATO’s enhanced Forward…

Source…

Who are the hackers who say they started a fire in Iran?

/in


The steel factory moments before the fire

The steel factory shortly before the fire

It’s extremely rare for hackers, who operate in the digital world, to cause damage in the physical world.

But a cyber-attack on a steel maker in Iran two weeks ago is being seen as one of those significant and troubling moments.

A hacking group called Predatory Sparrow said it was behind the attack, which it said caused a serious fire, and released a video to back up its story.

The video appears to be CCTV footage of the incident, showing factory workers leaving part of the plant before a machine starts spewing molten steel and fire. The video ends with people pouring water on the fire with hoses.

In another video that surfaced online, factory staff can be heard shouting for firefighters to be called and describing damage to equipment.

Predatory Sparrow, also known by its Persian name, Gonjeshke Darande, says this was one of three attacks it carried out against Iranian steel makers on 27 June, in response to unspecified acts of “aggression” carried out by the Islamic Republic.

The group has also started sharing gigabytes of data it claims to have stolen from the companies, including confidential emails.

On its Telegram page Predatory Sparrow posted: “These companies are subject to international sanctions and continue their operations despite the restrictions. These cyber-attacks, being carried out carefully to protect innocent individuals.”

That last sentence has pricked the ears of the cyber-security world.

Clearly the hackers knew that they were potentially putting lives in danger, but it seems they were at pains to ensure the factory floor was empty before they launched their attack – and they were equally eager to make sure everyone knew how careful they had been.

This has led many to wonder whether Predatory Sparrow is a professional and tightly regulated team of state-sponsored military hackers, who may even be obliged to carry out risk assessments before they launch an operation.

“They claim themselves to be a group of hacktivists, but given their sophistication, and their high impact, we believe that the group is either operated, or sponsored by, a nation state,” says Itay Cohen, head of cyber research at Check Point Software.

Predatory Sparrow

Source…

Ransomware attacks decrease, operators started rebranding

/in


Positive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks. However, there’s been an increase in the share of attacks against individuals, and also a rise in attacks involving remote access malware.

ransomware attacks decrease

The number of attacks in Q3 decreased by 4.8% compared to the previous quarter—the first time since the end of 2018 that Positive Technologies has recorded a negative trend. The researchers believe one key reason for the change is the decrease in ransomware attacks and the fact that some major players have quit the stage. This is also why the share of attacks aimed at compromising corporate computers, servers, and network equipment has fallen, from 87% to 75%.

“This year we saw the peak of ransomware attacks in April when 120 attacks were recorded. There were 45 attacks in September, down 63% from the peak in April. The reason is that several large ransomware gangs stopped their operation, and law enforcement agencies started paying more attention to the problem of ransomware attacks (due to recent high-profile attacks),” said Ekaterina Kilyusheva, Head of Research and Analytics, Positive Technologies.

Researchers also noted a trend toward the rebranding of existing ransomware gangs: Some operators are rethinking their preference for the Ransomware as a Service (RaaS) scheme, which carries certain risks from unreliable partners.

Kilyusheva explains: In Q2, we predicted that one of the possible scenarios of ransomware transformation would be that groups abandon the RaaS model in its current form. It is much safer for ransomware operators to hire people who will deliver malware and search for vulnerabilities as permanent ‘employees.’ It will be safer for both parties, as more organized and efficient all-in-one forms of cooperation can be created. In Q3, we saw the first steps in this direction. An additional boost for this transformation is the development of the market of initial access.”

The research shows that although the share of malware attacks on organizations decreased by 22%, the attackers’ appetite for data also led to an increase in the use of remote access trojans. In…

Source…

Cybersecurity careers: What to know and how to get started

/in


Want to help make technology safer for everyone? Love solving puzzles? Stuck in a rut? Take your career to a whole new level – break into cybersecurity! Insights from ESET researchers Aryeh Goretsky and Cameron Camp will put you on the right track.

How do you start a career in cybersecurity? What qualifications, certifications and skills do you need? Should you spend half the cost of a house on a top-tier degree? Should you try to hack the Pentagon and get a reputation (which actually carries a whole pile of its own issues, so shouldn’t be pursued wholesale) or build your own Python library that helps cure cancer and try to get noticed?

These are some of the questions ESET folks are asked quite frequently. What better time to try and answer them than Cybersecurity Career Awareness Week, a campaign that runs this week and is part of Cybersecurity Awareness Month? The answers will come from two ESET researchers, who will weigh in on what it took in the past to break into security and what seems to be attracting the attention of companies of all stripes hiring today.

Indeed, demand for security professionals continues to outpace supply. The talent gap remains (de)pressing, not least because, you guessed it, security threats aren’t going anywhere. Nary an organization is immune from the myriad risks associated with cyberattacks, as threats escalate in size and frequency and hit ever closer to home, causing untold damage in the process (and in its aftermath). It’s little wonder, then, that many companies will pay top dollar to bring in and retain security talent, and it seems that the stars are aligned for those willing to seize the opportunities.

There’s more to the equation, though. Read on to find out as we sit down with two ESET experts who’ve worked in the trenches of security for decades – Distinguished Researcher Aryeh Goretsky and Specialized Security Researcher Cameron Camp.


First things first, why choose a career in cybersecurity?

Aryeh: There are the usual reasons for entering the cybersecurity field, such as seeking fame or fortune (or…

Source…