Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber War. Show all posts
Phishing Attacks
Cyber Attacks Cyber War Cyber Warfare Cyberhacking Hacking Attack Iran Iranian hackers Isreal Phishing Attacks

Israel and Iran Cyber War Escalates After June Conflict Despite Ceasefire

 

The long-running cyber conflict between Israel and Iran has intensified following the June war, according to a recent report by the Financial Times. Israeli officials disclosed that they began receiving suspicious text messages containing malicious links soon after the 12-day conflict. One official, speaking anonymously, confirmed that the attacks have not stopped, emphasizing that the cyber hostilities remain active despite a temporary ceasefire on the battlefield. 

Recent incidents highlight the scale of the digital confrontation. Iranian hackers have been linked to phishing campaigns targeting Israeli diplomats and government officials, while also attempting to exploit vulnerabilities in Microsoft software to infiltrate Israeli networks. 

In parallel, Israel and groups aligned with its interests have launched disruptive cyberattacks on Iran, underscoring how digital warfare has become a central element in the shadow war between the two nations. During the June conflict, Iran’s Ministry of Communications reported facing what it described as its most extensive cyberattack campaign to date, with more than 20,000 incidents in just 12 days. 

One attack temporarily disabled Iran’s air defense systems as Israeli Air Force jets launched strikes on Tehran on June 13. Israeli cybersecurity experts later described the air defense breach as a tactical move designed to give Israel an initial advantage, while stressing that intelligence gathering on Iranian military figures and nuclear scientists was the most significant outcome. 

On the other side, an Israeli-aligned hacking group known as Gonjeshke Darande claimed responsibility for siphoning around $90 million from the Iranian cryptocurrency exchange Nobitex, transferring the funds into a wallet that could not be accessed. Nobitex rejected accusations that it operated as a regime tool, though the same group also targeted two major Iranian banks, including state-owned Bank Sepah. 

These attacks reportedly crippled banking systems by disabling not only primary data but also backup and disaster recovery servers, according to Dotin, the software provider for the affected banks. Meanwhile, Iranian-backed hackers conducted cyber operations against 50 Israeli companies, including firms in logistics, human resources, and defense-related sectors.

Leaked resumes of thousands of Israeli citizens linked to defense work were published online. Attackers also attempted to manipulate Israelis by sending fake messages that appeared to come from the Home Front Command, advising civilians to avoid bomb shelters during missile strikes. Other attempts focused on breaching security camera systems to track the locations of incoming rockets. 

Despite these efforts, Israeli cybersecurity officials argue that the cyberattacks on their country have caused minimal disruption. Iran, however, appears to have suffered more significant setbacks. Senior Iranian officials acknowledged weaknesses in their systems, citing the country’s centralized data structures as a vulnerability exploited by Israeli forces. 

The scale of the damage prompted calls within Iran for urgent measures to strengthen its cyber defense capabilities. Experts believe the cyber war will continue to escalate, as it allows both sides to strike at one another without triggering immediate international backlash. Analysts note that while conventional attacks risk provoking strong responses from global powers, operations in cyberspace often proceed unchecked. 

For Israel and Iran, the digital battlefield has become a critical front in their decades-long struggle, one that persists even when guns fall silent.
Read more »
Ukraine
Anonymous Cyber Attacks Cyber War Russia Ukraine

Anonymous Wages a Cyber War Against Russia, Targets Oligarchs

Anonymous continues its attacks against Putin and Russia, recently, the latest attack is targeted against the Russian investment agency 'Marathon Group.' Anonymous keeps attacking Russian firms owned by oligarchs, last week, the group announced the hacking of Thozis Corp and in the most recent incident, the group claims responsibility behind the Marathon group hack. Marathon group is a Russian investment firm, the owner is oligarch Alexander Vinokuro, the EU sanctioned him recently. Vinokurov is the son-in-law of Russian Foreign Minister Lavrov. Anonymous breached the organization's systems and leaked 62,000 emails (a 52 GB archive) through DDoSecrets (Distributed Denial of Secrets). 

DDoSecrets is a non for profit whistleblower website launched in 2018. "JUST IN: #Anonymous has hacked & released 62,000 emails from the Marathon Group, a Russian investment firm owned by oligarch Alexander Vinokurov, currently under EU sanctions. Vinokurov is also the son-in-law of Russian Foreign Minister Lavrov" tweets @YourAnonTV. The group also takes responsibility for the hacking of Belarus government website associated with Volozhin Economy, a city in the Minsk region of Belarus. 

"Anonymous makes an intrusion into a website of the Government of Belarus dedicated to the Economy of Volozhin, a Belarusian city in the Minsk region" tweets @Anonymous_Link. The Anonymous group tweeted that due to the nature of the leak, DDoSecrets is willing to offer the data to journalists and researchers. "Hackers leaked 15GB of data stolen from the Russian Orthodox Church's charitable wing & released roughly 57,500 emails via #DDoSecrets. #DDoSecrets noted that due to the nature of the data, at this time it is only being offered to journalists & researchers," tweets @YourAnonTV What else has Anonymous done to Russia? 

In March, Anonymous declared to wage a "cyber war" against a Russia. Since then, Anonymous has claimed responsibility for launching various attacks on the Russian government, news websites and organizations, and leaked data of prominent firms like Roskomnadzor, a federal agency which censors Russian media. "Many CIS files were erased, hundreds of folders were renamed to "putin_stop_this_war" and email addresses and administrative credentials were exposed," said Jeremiah Fowler, cybersecurity company Security Discovery's Co-founder.

Read more »
WordPress
cyber attack Cyber War Infected websites Ukraine WordPress

Cyber Attacks Targeted on Websites Using Wordpress

Thirty Ukrainian Universities were hacked as a result of the targeted cyberattack supporting Russia's attack on Ukraine. In the latest report, experts from Wordfence said that the cyber attack had massive repercussions on Ukrainian Education organizations by hackers known as Monday Group. The threat actor has openly supported Russia's invasion of Ukraine. The members of the hacking group identify themselves as 'the Mxonday' has attacked the websites using WordPress hosting more than in the past two weeks, since the start of the Russian invasion of Ukraine. 


As per the Wordfence blog, the firm protects more than 8,000 Ukranian websites, around 300 of these belong to education websites. Wordfence also offers assistance to government agencies, police, and military websites. The security firm also mentioned that it experienced a rise of 144,000 cyber attacks on February 25, the second day of the Kinetic attack. The rise is three times the number of regular attacks compared to the starting of the month across the Ukranian websites that Wordfence protects. According to founder and CEO Mark Maunder, a threat actor was continuously trying to attack Ukranian websites, immediately after the Ukranian invasion. 

An inquiry into the issue found four IP addresses associated with the campaign, these are distributed through a VPN service from Sweden. The hacking group also has ties with Brazil, Wordfence is supposed to be operating from here. But the threat actors behind the cyber attack are yet to be known. The report comes after ESET's new research, which mentioned various malware families that are used in targeted cyber attacks against organizations in Ukraine. An ESET blog reported a destructive campaign that used HermeticWiper that targets different organizations. 

The cyberattacks comprised of three elements; HermeticWiper, which corrupts a system making it inoperable, HermeticWizard, which spreads HermeticWiper across the local network via WMI and SMB, and lastly, HermeticRansom. According to the blog, the cyberattack was preceded by a few hours from the start of the Russian invasion of Ukraine. The malware used in these attacks suggests that the planning of the campaign was done months ago. HermeticWiper has been found in hundreds of systems in the last five Ukrainian organizations, says ESET. It also mentioned that no tangible connection with a known threat actor has been found yet.
Read more »
Ukraine
America CNN Cyber Security Cyber War Cyberattack Russia Ukraine

The USA will Continue to Support Ukraine in Ensuring Cybersecurity

 

The U.S. authorities will continue to support Ukraine aimed at improving its cybersecurity. U.S. Undersecretary of Homeland Security Robert Silvers said Thursday. 

He claimed at an online cybersecurity conference that they have been warning publicly and privately for months that cyberattacks could be part of a large-scale Russian effort to destabilize and invade Ukraine. “Of course, we offer support to Ukraine to help Ukraine strengthen its cyber defenses. We will continue to do so in the days ahead." 

According to Silvers, the American side also works closely with other international partners and strengthens its own security. "At the moment, there are no specific and credible threats [from the Russian Federation] to the United States [in cyberspace], however, we, of course, are attentive to the fact that Russia may consider [options] for escalation in ways that may have an impact on other [countries] outside Ukraine. So we are actively working here in the US with industry representatives, with owners and operators of critical infrastructure to strengthen protection," he added. 

The Washington Post newspaper in its article reported on hackers associated with Russia, who, if necessary, will bring down many networks of Ukraine. At the same time, the publication refers to American intelligence data. "We don't know if they intend to do this. But we are working with Ukraine to strengthen their cyber defense," the unnamed official's words are quoted in the article. 

On Tuesday, the Information Security Center of Ukraine announced a DDoS attack on the websites of the Ministry of Defense, the Armed Forces, state Privatbank and Oschadbank. White House Press Secretary Jen Psaki noted at a briefing on Wednesday that Washington is not yet ready to say who the US authorities consider responsible for these cyberattacks. The press secretary of the President of the Russian Federation Dmitry Peskov said earlier that Russia has nothing to do with cyberattacks in Ukraine. 

Read more »
Ukraine
America CNN cyber attack Cyber Security Cyber War Russia Ukraine

CNN Learned About the Preparation of the US Authorities to Repel Cyber Attacks from Russia

 

CNN reported citing US administration sources that representatives of the White House, US intelligence, the US Department of Homeland Security (DHS), and other agencies have discussed preparations to repel cyber attacks that could be carried out in the United States and Ukraine. 

According to the interlocutors of the TV channel, the meeting at the interdepartmental level took place on Friday, February 11, in the format of a videoconference. It discussed the measures that the U.S. leadership in cooperation with private companies could take in various areas of the economy in case of "a potential attack by cybercriminals or government-linked" hackers. 

In addition, there was a discussion of the "possible increase in ransomware attacks on U.S. companies" that "Russian-speaking hackers" allegedly might carry out. The issue of providing cybersecurity support to Ukraine was also raised, where, according to sources, there is a "concrete, credible threat" of attacks on infrastructure facilities. No such threat currently exists in the United States. A CNN source stressed that the administration was working on steps in case the situation changed for the worse. 

In mid-January, unknown hackers attacked at least 70 state websites of Ukraine, including portals of the Cabinet of Ministers, the Ministry of Education, the Ministry of Foreign Affairs, the Ministry of Sports, and other departments An appeal in Ukrainian, Russian and Polish appeared on them, the authors of which urged Ukrainian citizens "to fear and wait for the worst. In Ukraine, they believe that Russia is involved in the incident. The US said that the attack was carried out "according to the Russian scheme." On January 16, Russian presidential spokesman Dmitry Peskov said that Moscow had nothing to do with the incidents. He noted that no evidence of Moscow's culpability has been provided. 

White House Press Secretary Jen Psaki noted that the United States is in contact with Ukraine regarding the incident, and also offered its assistance in the investigation. According to her, Washington, their allies, and partners are "concerned about this cyberattack." 

Western media and officials have been speculating about an impending Russian invasion of Ukraine since the fall of 2021. Washington and Brussels threaten Moscow with new sanctions in case of an invasion. On February 9, Politico newspaper reported that U.S. senators suggested adding to the bill on sanctions against Russia the possibility of imposing restrictions "for cyberattacks" on Ukraine.
Read more »
Ukraine
Cyber Attacks Cyber War Cyberattack Kiev Russia Russian Hacker Ukraine

EU Ready to Send a Mission to Kiev to Fight Cyberattacks

 

The EU countries, while discussing the situation around Ukraine, expressed their readiness, if necessary, to adopt a set of sanctions against Russia. French Foreign Minister Jean-Yves Le Drian said this on Monday after the EU Council meeting in Brussels. 

"This meeting showed a great degree of agreement between the Europeans and the United States. This cohesion is very important," he said, adding that diplomatic efforts are underway in connection with the escalation along the Ukrainian border. 

"I was greatly impressed by the firmness of the Europeans and their willingness to jointly present a set of sanctions, measures to contain Russia in order to prevent an offensive - military or otherwise - in Ukraine," Le Drian said. 

On the night of January 14, the websites of the Ministry of Foreign Affairs of Ukraine, the Ministry of Education, the Ministry of Agrarian Policy and Food were subjected to massive cyberattacks. Hackers posted messages warning residents to "fear and expect the worst." In addition, Ukrainians were warned that the allegedly personal information of residents of the country, which was uploaded to the "common network," would be destroyed without the possibility of recovery. 

According to Deputy Secretary of the National Security and Defense Council of Ukraine Sergei Demedyuk, hackers associated with the intelligence services of Belarus are behind the cyber attack on Ukrainian departments. Later, a criminal case was opened on the fact of the cyber attack. 

White House Press Secretary Jen Psaki noted that the United States is in contact with Ukraine regarding the incident, and also offered its assistance in the investigation. According to her, the United States, its allies, and partners are "concerned about this cyberattack." 

NATO Secretary-General Jens Stoltenberg announced that the organization will sign an agreement with Ukraine on strengthening cyber cooperation. He condemned cyberattacks on the government of Ukraine. 
 
On December 21, the American newspaper New York Times reported that the United States and Great Britain secretly sent a group of cybersecurity specialists to Ukraine. As specified, the West wants to help Kiev to be ready for allegedly preparing cyber attacks.
Read more »
Russia
Cyber War Cyperspace war Russia

Russian Foreign Ministry calls action in cyberspace as the third world war

Military operations in cyberspace are underway on a full scale, this is already the Third World War. This was said on Thursday, December 16, by the Special Representative of the President of the Russian Federation for international cooperation in the field of information security, Director of the Department of the Ministry of Foreign Affairs of the Russian Federation, Andrey Krutskikh.

"The war is going on, and it is going on very intensively, and no matter how we try to say that all this is disguised. In fact, military operations in cyberspace are really taking place on a full scale. And in general, the media correctly say that this is already the third World War, only the question now is in calculating the damage" he said, speaking at the plenary session of the IX All-Russian Congress of Political Scientists "Russia and the political order in a changing world: values, institutions, prospects" at MGIMO.

In addition, Krutskikh said that negotiations with the United States on cybersecurity issues are very difficult. "Unfortunately, the negotiations are very difficult, and I will try to say a few words today about how we are trying to negotiate with the Americans and within the framework of the UN in order to somehow smooth out the possible consequences," he said.

Earlier, on December 10, presidential spokesman Dmitry Peskov said that Russia could not disclose details of cooperation with the United States in the field of cybersecurity. He called it a very sensitive topic and at the same time noted that Moscow positively assesses the implementation of the agreement between Russian President Vladimir Putin and the head of the White House Joe Biden.

Putin and Biden held talks behind closed doors via a secure video link on December 7. According to the President of the Russian Federation, the conversation was open and constructive, and dialogue was established on the issue of cybersecurity.

On December 6, the UN General Assembly adopted a resolution of Russia and the United States. The document states the need to resist the use of IT technologies for criminal and terrorist purposes.

Read more »
Poland Cyber Security
Cyber Attacks Cyber War Poland Poland Cyber Security

Polish Authorities Says Recent Hacker Attacks Connected with Special Services of The Russian Federation

On Tuesday, a spokesman for the minister coordinating Poland's intelligence services said the hacking attacks in the republic two weeks ago could allegedly be linked to Russian intelligence services.

According to the report, "the list of targets of the social engineering attack conducted by the hacker group UNC1151 included at least 4,350 email addresses belonging to Polish citizens or operating on Polish email services. The intelligence services have information indicating links between the aggressors with the activities of the Russian special services".

Moreover, the list of 4,350 hacked addresses includes more than 100 accounts used by persons performing state functions, such as members of the former and current government, deputies, senators, and local authorities.

"The list also included an email used by Minister Michal Dworczyk. The services responsible for cyber security recorded several unauthorized accesses to the mailbox used by Minister Dworczyk," the press service said in a statement.

Western countries have repeatedly made claims that Russia is involved in various cyber attacks, including against US government agencies and companies. The Russian side has consistently denied these accusations. In particular, Russian presidential spokesman Dmitry Peskov said earlier that Moscow is not involved in these hacker attacks. According to him, "any accusations of Russia's involvement are absolutely unfounded and are rather a continuation of Russophobia."

On June 9, the head of the office of the head of the Polish government, responsible for the implementation of the National Vaccination Program, Michal Dworczyk, said that he was attacked by hackers. E-mail and social media pages belonging to him and his wife were hacked. 

Read more »
Vladimir Putin
Cyber Attacks Cyber War Russia Russian Cyber Security United States Vladimir Putin

Putin called the accusations of launching a cyber war against the United States unsubstantiated

 Russian President Vladimir Putin said that the US accusations against Russia, including cyber attacks and election interference, are groundless, the US side has never provided any evidence.

"We are accused of a variety of things: interference in elections, cyber attacks, and so on. And they [the accusers] did not bother to provide any evidence. Just baseless accusations," he said, calling statements about Russia's involvement in cyber attacks in the United States a farce.

"The issue of cybersecurity is one of the most important today because all sorts of shutdowns of entire systems lead to very serious consequences, and this is possible," the Russian leader said in an interview with the program "Moscow. The Kremlin. Putin" of the Russia-1 TV channel.

According to Putin, the Russian Federation will be ready to extradite cybercriminals to the United States if the American side also extradites criminals to Russia.

He stressed that such agreements are expressed in the relevant interstate agreements, where the parties undertake certain obligations.

"And they are in the vast majority of cases equivalent. Both sides assume the same obligations," Putin explained.

On June 4, Putin called the accusations of cyber attacks on American companies made against Moscow ridiculous and suggested that the situation could have been provoked to increase disagreements in connection with the upcoming meeting with US President Joe Biden. The press secretary of the Russian leader Dmitry Peskov assured that Moscow will promptly consider the appeals of the American side in connection with the hacker attack on the JBS enterprises if such requests are received. He also stressed that Russia does not have data on the organizers of cyber attacks on JBS.

Putin did not rule out that Western intelligence services, including American ones, may conduct activities against Russia in the cyber sphere.

"I am not afraid of this, but I do not rule out that it may be so," the Russian leader said.

“What the US is afraid of may pose a threat to us. NATO has declared cyberspace a war zone. They are planning something, and this cannot but worry us," the Russian president added.

Read more »
Russian Hackers
Cyber Attacks Cyber War Russia Russian Cyber Security Russian Hackers

The Russian expert assessed the threat of the United States to launch "offensive cyber operations" against "Russian hackers"

"If the United States does carry out an "offensive operation", Russia will be able to both prevent it and respond symmetrically," said military expert Viktor Murakhovsky, commenting on reports about the US president's plans to instruct the US military to prepare "offensive cyber operations" against hackers based in Russia

"The US doctrinal documents say that in response to hacker attacks, they can use not only cyber weapons but also military means. However, I have little faith that the Americans, in response to an attack, would risk striking Russian territory with conventional weapons. Instead, they can carry out attacks on public networks and on local networks of Russian organizations," said Viktor Murakhovsky, a member of the expert council of the board of the Military-Industrial Commission of the Russian Federation.

In addition, according to him, the US authorities may declare some persons on the international wanted list and detain them on the territory of other states. "It is known that several Russian citizens have been charged by the US Department of Justice with participating in cyber attacks," the expert added.

"At the same time, it is extremely difficult to determine exactly where the attack was carried out. Therefore, such accusations are based on certain assumptions. However, if we talk about attacks on the cyber structure of foreign states, then DDOS attacks are used. Many Russian state information resources have already been subjected to such attacks," Murakhovsky said.

According to the expert, the problem lies in the fact that Russia proposes not to consider cyberspace, including social networks, as a battlefield. And the Americans do not agree with this view.

The expert suggests that if the United States does carry out an "offensive operation", then Russia will be able to both prevent it and respond symmetrically. "We have all the necessary technical means for this," he explained.

In addition, as Murakhovsky noted, Russia has specially trained cyber-military specialists under the control of the General Staff of the Russian Armed Forces.

On Friday, government sources told NBC that the President of the United States, Joe Biden, may instruct the US military to prepare "offensive cyber operations" against hackers based in Russia.

As the TV company points out, the head of the White House will resort to such measures if he fails to reach an understanding on the issue of hacking activity at the upcoming meeting with Russian President Vladimir Putin in Geneva on June 16.

Read more »
Information Security News
Check Point Cyber Attacks Cyber War Information Security News

Check Point: What to expect from hackers in 2021

The pandemic has made its own adjustments in all areas of modern life. The attackers changed the targets of their attacks, choosing new priority areas of hacking, including focusing on the medical industry. Founder and CEO of information security company Check Point Software Technologies Gil Shwed told how hacker attacks have changed in the pandemic and what to expect from cybercrime in the future.

Gil Shwed suggested that in 2021, first, since the coronavirus and the fight against it will continue to bother humanity, then pharmaceutical companies working on the development of vaccines and medicines will most likely be attacked.

Secondly, while schoolchildren and students study from home, most likely, hackers will be interested in distance learning systems as well.

Third, it can be expected that botnets will increasingly be used in attacks. Hackers have already transformed many existing malicious applications into botnets to create entire armies of infected computers for cyber attacks.

The fourth expected point is that cyberwarfare will be at the global level.

Mr. Shwed noted that attacks on hospitals, research laboratories, especially during the period of COVID-19 are an opportunity for attackers to get ransom or attention.

The goals of cybercriminals who attack medical institutions can be different - both obtaining financial gain, and causing harm, and gaining widespread publicity. For example, medical records are sold in Darkweb for up to $1,000 per record.

In addition, medical devices such as insulin injectors, heart monitors, and pacemakers can be targeted.  

Check Point researchers have demonstrated the ease with which an ultrasound machine running on an old Windows operating system can be hacked, revealing an entire database of patient images. Unsurprisingly, there has been a 75% increase in ransomware attacks on healthcare facilities in recent months.

Microsoft's researchers said that hackers from only three countries carried out 89% of national cyberattacks this year. Attacks were extremely common, and their target was events of various levels, from elections to the Olympic Games. And also in 2021, the active use of deepfakes is expected.

Earlier E Hacking News reported that Russian hackers gained access to the source codes of Microsoft programs and systems. The organization assured that there is no reason to believe that hackers gained access to services for maintenance of its products or to customer data.

Read more »
Information Security News
Cyber Security Cyber War Information Security Information Security News

Declaring War Against Cyber Negligence

Amidst perhaps the most widespread and impactful cyberattack in history, American businesses and government agencies alike must take a drastically different approach to cybersecurity. Unfortunately, many cybersecurity professionals have become complacent and have become far too dependent on a handful of well-marketed tools designed for yesterday’s threats that underperform against modern attacks.

It is far easier for cybersecurity manufacturers to deliver services from their own cloud. It may be less expensive for the vendor but relying on a “trusted 3rd party” for your security is a foundational vulnerability that has been proven to be disastrous for you as a customer.

We are currently in a state of cyber-warfare. Nation-states regularly use their practically limitless resources and technical sophistication to overpower companies and government agencies. Cybersecurity professionals need to shift their focus from “indicators of compromise” to data protection, which will limit how widespread these vicious digital attacks can have an impact.

Most cloud providers claim they alone provide the “best cloud protection” and brag billions spent on beefing up the many layers surrounding their server farms to reassure their clients that “everything will be alright.” But will it?

Vulnerabilities from security vendors will likely continue far into the future. While much of the industry has moved towards promoting “zero-trust” infrastructures, they often forget to remove themselves from the client’s circle of trust. Instead, everyone from individuals to multinationals should take security into their own hands. Firewalls, antivirus, and network monitoring tools indeed still have their place, but a shift must be taken to provide more independence between the owner of data and its protectors.

Active Cypher, a California-based cybersecurity startup led former-Microsoft/Cisco/U.S. intelligence with decades of experience protecting (and at times stealing data), has led the charge against what it calls “cyber-negligence”.

“IT organizations need to stay nimble, test and adopt new approaches quickly, and don’t be afraid to throw out solutions that were simply inherited,” says Active Cypher’s CEO, Mike Quinn.

Active Cypher has pioneered a unique, independent security infrastructure that provides its clients the automated tools, proprietary cryptography, and advanced anti-ransomware sensors to control their data with the utmost precision. Yet unlike the numerous SaaS applications which plague the market and create undue “man-in-the-Middle” vulnerabilities, Active Cypher deploys and operates its software directly within the client’s tenant. Cryptographic keys, the soft underbelly of security, are held not by Active Cypher, who knows well it may be a target of state actors and cybercriminals but by the client alone. Once deployed, the security solution uniquely runs alone without contact with any 3rd party home base.

While the solution Active Cypher provides is certainly not an end-all, it gives a much-needed last line of defence against increasingly menacing (and successful) threats. “We believe cybersecurity is a human right. Something that is sacrosanct and should be upheld with the highest degree. Yet, too many executives still see it as just another budget line within often ballooning IT budgets without considering what kind of impact a security breach will have on their brand, and ultimately their revenue,” explains Mike Quinn.

Based in Newport Beach, California, with partners and operations across the US and in Western Europe, Active Cypher and the rest of its industry saw an uptick in business when Covid-19 forced companies to rapidly extend its security frontier to its employee’s homes.

“It has become increasingly clear that the focus for cybersecurity needs to be on data protection. Once the perimeter is breached, and it will be, there’s nothing to stop them. We’ve built great systems to observe and record cyber theft in action but little to defend the data inside.” says Devin Jones, Active Cypher’s new Chief Product Officer and a veteran of both Cisco, Juniper Networks, and a variety of cyber-startups.

Active Cypher uncovered that many major companies had regulated the management of vital security infrastructures to the “back-office” of IT but often hadn’t evolved and updated systems, like the prolific Active Directory in years. The result was growing technical messes that left gaping holes in security. Active Cypher also encountered a level of defeatism; one company declined to expand and solidify its cybersecurity posture, choosing instead to continue to pay ransomware demands at the cost of an astounding $1million per month. In this firm’s view, it was easier to keep paying and therefore avoid the risk of negative press surrounding disclosures of data breaches.

“But thankfully, not all companies have been so lethargic. We are thrilled to be working with a variety of innovating clients ranging from state agencies, healthcare providers, and sports teams who understand that the success of their future protection should be in their own hands. Active Cypher provides them with the tools to own their own destiny,” says Devin Jones.

As IT organizations across the nation take time over the next few weeks to uncover the extent of their firm’s exposure to recent and still unfolding cyberattacks, one only hopes they seek to not simply install a short-lived patch but take a leap towards the zero-trust, zero-vendor contact future; only then can cyber-negligence be finally tackled.

Read more »
Russian Hackers
Cyber Security Cyber Security News Cyber War National Cyber Security Russia Russian Hackers

Expert: the image of a "Russian hacker" has become a means of information warfare with the Russian Federation


Experts commented on the release of the report of independent public organizations "Information fight against Russia: constructing the image of the enemy".

The director of the Center for Political Information, Alexei Mukhin, noted that the report analyzed how the image of the "Russian hacker" works. According to him, this image is replicated much less through the media than through social networks.

The image of a "Russian hacker", as Mukhin said, is mainly distributed via Twitter using similar hashtags, such as #Russianhacker. This is done to attract attention, to redirect the user to materials that demonstrate "horror and lawlessness".

This forms a "public opinion", with which not only politicians but also the military are already working. This is bad, because, in their hands, the information struggle turns into a hybrid war.

In different years, according to this scheme, Russia was accused of various outrages. In 2014, in the participation in the war in the Donbass, in 2016, in interference in the American elections.

It is characteristic that as soon as Russia requires to show evidence, it turns out that they are not.
Anna Shafran, a TV and radio host, believes that an open information war has already begun. 

According to her, recently, YouTube blocked without warning or explanation three popular Russian resources, including the TV company "Crimea-24". The Russian Foreign Ministry, of course, protested and rightly qualified the incident as an attack on Russian-language resources from the American Internet platform.

Sergei Sudakov, a Professor at the Military Academy of Sciences, said that the meme "Russian mafia" was created in the interests of the United States in the 1990s. It is outdated, replaced by a new meme "Russian hacker". It is fashionable to present Russia as an international information terrorist.
It is worth noting that in the Russian sector of the Internet, the meme “Russian hackers” is perceived approximately as “British scientists”. At the same time, in the foreign segment, the concept of "Russian hackers" is linked to such concepts as danger, interference, and more recently, incitement to riot.

Read more »
Russian Cyber Security
Cyber Attacks Cyber War National Cyber Security Russian Cyber Security

Germany threatened Russia with sanctions for a hacker attack on the Bundestag


German Foreign Ministry spokeswoman Maria Adebar on Friday confirmed that Germany in connection with the case of a hacker attack on the Bundestag introduces a sanctions regime,  which includes freezing accounts and restrictions on entry to the European Union.  Hackers linked to Russian intelligence are suspected of hacking emails. Moscow denies any involvement.

Adebar added that this sanctions regime allows freezing assets and restricting entry not only for individuals but also for organizations.

The day before, the State Secretary of the German Foreign Ministry Miguel Berger invited the Russian Ambassador to Germany Sergei Nechaev to Berlin in connection with the case of a hacker attack on the Bundestag. Berger, on behalf of his government, "strongly condemned" the attack.

He also reported on Germany's plans to use the EU's cyber sanctions regime against the Russians involved in this attack, including Dmitry Badin. The reason for this, he also called a warrant for the arrest of Badin, which was issued by the US Attorney General in May.

Recall, in early May, the German media reported that the Prosecutor General's office of Germany announced an international search for Dmitry Badin on suspicion of complicity in a cyberattack on the Bundestag network in 2015. It was noted that he was also wanted by the US Federal Bureau of Investigation (FBI).

Berlin believes that Baden is part of the hacker group Fancy Bear. He is accused of conducting secret intelligence and illegally extracting computer data.

A cyberattack on the Bundestag's resources occurred in April 2015. German members of Parliament received similar emails, allegedly related to the UN, in which there was a link to malicious spyware. According to official data, hackers stole at least 16 gigabytes of data. It is assumed that the attackers copied two mailboxes with correspondence from the parliamentary office of German Chancellor Angela Merkel from 2012 to 2015.

The German side believes that Russia is not sufficiently involved in the investigation of the crime.
Read more »
Russia
Canada cyber attack Cyber Attacks Cyber War Russia

Russia has responded to Canada's accusations of cyberattacks on Georgian websites


The international community, following Georgia, the UK and the US, continues to publish statements condemning the cyberattack allegedly committed by Russia on the websites of Georgian government agencies, non-governmental organizations and the media. The relevant statements are published in Georgian by the Georgian Foreign Ministry.

Foreign Ministry of Australia, the Ministry of Foreign Affairs of Ukraine, and the foreign ministries of Canada, the Netherlands, Romania, and Montenegro condemned the actions of the Russian GRU. And the Icelandic Foreign Minister on his behalf published a short statement on Twitter.
The Ministry of Foreign Affairs of Ukraine not only condemns Russia but also calls on the international community to "bring to justice those who deliberately organize and carry out cyberattacks".

The authors of all statements regard the report of a cyberattack on Georgian websites as a "violation by Russia of the sovereignty and territorial integrity of Georgia and disrespect for the norms and principles of international law".

However, the Russian Embassy in Canada on Twitter stated that Russia is not involved in cyberattacks on Georgian government websites.

"Another fragment of Russophobic lies and fakes," the Russian mission responded to the accusations from Canada. The diplomats called the Canadian policy towards Russia extremely deplorable and reprehensible, and stressed that it further worsens the weakened relations between the two countries.
Prior to this, the accusations of cyberattacks on Georgia were denied by the Deputy head of the

Russian Foreign Ministry, Andrey Rudenko. According to him, Russia did not intend and is not going to interfere in the internal affairs of the neighboring country.

Recall, on February 20, US Secretary of State Michael Pompeo accused Russia of attacking Georgia. They allegedly occurred in October 2019. According to him, because of this, the work of the country's government, several private websites and two major television stations was disrupted. Representatives of the Georgian government made the same statements. The cyberattack was allegedly indicated by the results of the investigation, which Tbilisi conducted "together with other partners."
Read more »
Cyber War
Cyber Attacks Cyber Cold War Cyber War

Cyber Security Company Predicts Cyber Cold War Will Escalate In 2020


A new Cold War will begin in the world in 2020, it will break out in cyberspace. Fake news before the elections will become an Internet trend in politics, and companies and ordinary people need to be wary of old threats - phishing and ransomware viruses. This forecast was made by Check Point IT company in a study available to the Russian Agency for International Information RIA Novosti.

According to experts, cyber attacks will increasingly be used as indirect conflicts between small states, which are supported and financed by large countries seeking to expand their spheres of influence.

In addition, they predict an increase in the number of cyber attacks on utility and other critical infrastructures, explaining this by the fact that in many cases outdated technologies are used in the field of electricity and water supply.

In 2020, an increase in the number of targeted attacks on authorities, specific enterprises and healthcare organizations through mobile malware and ransomware is projected. According to the study, "new versions of malware are available to anyone willing to pay developers".

Companies Check Point predicts more phishing against their employees. "Despite the fact that email remains the main attack vector, cybercriminals now use many other attack vectors. Phishing increasingly includes SMS attacks on mobile phones or the use of messages on social networks and gaming platforms," said experts.

Another trend in 2020, according to the IT company, will be fake news during election campaigns. "In 2016, before the US presidential election, the distribution of fake news based on artificial intelligence began. Political opponents were successful by creating special teams that created and spread false stories," said IT company.
Read more »
Cyber War
China Cyber Attacks Cyber War

Cyber-War Exercise held between US and Taiwan


In a cyber-war event that has been going for a week now, the Taiwanese executives are getting hit by phony emails and messages as a part of it. The event is said to be one of its kind. As a part of the cyber-war training between Taiwan and America, the local authority (of Taiwan) is co-directing the cyber drill with the American Institute in Taiwan (AIT), which also represents the US interests in Taiwan. "The foremost is attention is on threats professed by 'North Korea and other countries' that are responsible for the attack," says AIT in a statement.


On the contrary, Taiwan says that a vast number of cyber-attacks that it suffers come from China. "It is like fighting combat when we are dealing with attacks like these," said a Taiwanese official earlier this month. The cyber-war drills are to take place on Friday, which will try to break into the administration servers and websites by duping the workers in receiving misleading messages. "Taiwan considers China as the main offender for these cyberattacks threats on the island," said Veerle Nouwens, Royal United Services Institute for Defence and Security Studies, UK.

"Taiwanese administration's systems suffer around 30 million cyberattacks every month, and China is responsible for half of it," says the administrator general of Cyber Security Agency, Taiwan. He further adds, "But, no matter where the origin of the attacks happen, building a robust cyber-security system is the first priority for every government and private-sector corporations."

 Risks involved- 
The cyber-war exercises were formally started by Raymond Greene, Director, AIT, at a Microsoft event. "It is a start of new opportunities between the two nations in the cybersecurity field," says Raymond regarding the tests. "The concern today is not any physical violence in any country but rather an invasion of cyber-security by corrupt criminals that is capable of stirring the society from the inside." "But in the end, these attacks are a concern for us all in numerous ways." This is a matter of serious concern as the cyberattacks are trying to influence the elections, economy, and infrastructure of the victim country.
Read more »
IoT
Cyber Security cyber threat Cyber War IoT

New report says IoT adoption heightens cybersecurity threat

A new report by Navigant Research says that due to the increasing adoption of Internet of Things (IoT) devices and systems, threats to cybersecurity are also increasing as attackers are given more numbers of “vectors and surfaces” to target.

The report looks at the state of IoT as a whole, not just its utilities, and addresses questions such as common vulnerabilities present in IoT settings, strategies for cybersecurity, global revenue forecast on IoT security, etc. It also examines regulatory frameworks shaping the market and steps that can be taken to minimize risk.

Oracle Chairman, Larry Ellison, says that companies are losing this cyber war and that, “Make no mistake, it’s a war.”

“The mushrooming number of IoT devices being deployed by utilities and other enterprises carries an obvious and growing security risk,” said Neil Strother, principal research analyst with Navigant Research. “Smart managers need a comprehensive strategy to stay ahead of potentially devastating threats to IoT assets.”

He added that managers can no longer rely on the “old-school reactive” approach but must instead adopt “latest proactive and predictive tools and methodologies to keep devices and systems safe.”

The report itself is aimed at utility security managers, enterprises, IoT cybersecurity solution vendors, investor groups, regulators, and other stakeholders.
Read more »
National Security
Breaking News Chinese Hackers Cyber War IT Security News National Security

Chinese Huawei allegedly hacked into Indian state-owned Telecoms company BSNL

Parliament of India was informed on Wednesday that the State-owned Telecoms Company Bharat Sanchar Nigam Limited(BSNL)'s network was allegedly hacked by a Chinese Telecom equipment maker Huawei.

"The government has constituted an inter-ministerial team to investigate the matter."Killi Kruparani, Minister of State for Communications and IT, told the Lok Sabha.

According to reports,  the engineers of Huawei allegedly hacked a BSNL's mobile tower in Coastal area of Andhra Pradesh in October 2013.

India has launched an investigation, the investigation team is comprise of top officials from National Security council Secretariat, Intelligence Bureau, Union home ministry and BSNL.

It is worth to note that BSNL has offered a major part of its network expansion tender to another Chinese company ZTE in 2012.  The goverment suspects it might be the "inter-corporate rivalry" between these two chinese companies.

Huawei India denies allegations of hacking BSNL's network, said it will continue to work with Indian customers and Government and ready to help in addressing any network security issues.
Read more »
Pakistan Haxors CREW
Cyber War hacker news HaXor Hasnain Pakistan Hackers Pakistan Haxors CREW

Indian Public Health Engineering Department website hacked by Pakistan Hackers


West Bengal Branch of Indian Public Health Engineering Department website(www.wbphed.gov.in) has been breached by a hacker from Pakistan.

A hacker with handle H4$N4!N H4XOR from Pakistan Haxors CREW has has uploaded a defacement page in the "Uploads" directory of the site (http://www.wbphed.gov.in/applications/GO/uploads/index.html).

When we asked about the vulnerability responsible for the breach, the hacker said that the website is vulnerable to SQL Injection vulnerability.

"Security Breach!Free Kashmir. Free Syria. Stop Spying On US. Stop Killing Muslims. We Have All Your Data. Don't Try To Catch Us" The defacement message reads.

The hackers said the defacement is revenge for hacking Pakistan websites.  He also claimed to have compromised the database from the server.

In the last two days, the group hacked into Indian Railways website and Official website of Assam Rifles.
Read more »
Subscribe to: Posts (Atom)