Ukraine accuses Russian networks of massive cyber attacks

Ukraine on Monday accused Russian internet networks of massive attacks on Ukrainian security and defence sites, but did not provide details about any damage or say who it believed was behind the attack. Kyiv has accused Moscow of orchestrating major cyber attacks as part of a “hybrid war” against Ukraine, an accusation Russia denies.
However, a statement by the National Security and Defence Council of Ukraine did not indicate who it believed had organised the attacks or give any details of the effect the intrusions had on Ukrainian cybersecurity.

The attacks began on 18 February and were aimed at websites of the Ukrainian Security Service, the Council itself and some other state institutions and strategic companies, it said in a statement. “It was shown that the addresses of certain Russian transport networks were the source of these coordinated attacks,” the Council said. The Council added that the attacks attempted to infect vulnerable government web servers with a virus that added them to a botnet used for DDoS attacks against other resources.
A DDoS attack is a cyber attack where hackers try to flood a network with unusually high traffic volumes to paralyze it.

Relations between Ukraine and Russia have been very troubled since Russia's annexation of Crimea from Ukraine in 2014 and its participation in a conflict in Ukraine's eastern Donbass region, which, according to Kyiv, has killed 14,000 people.

This month, the Ukrainian army said that five of its personnel were killed last week in the east of the country, despite a ceasefire with pro-Russian separatists. On Monday, the military reported that another soldier had been killed by a rocket-propelled grenade.

France identifies hackers connected to Russia in a large cyberattack

The hackers breached a software company that lists Airbus, Orange and the French Ministry of Justice among its clients.

France’s ANSSI cybersecurity agency on Monday said that “several French entities” had been attacked, and linked the attacks to a group of Russian hackers who are thought to be behind some of the most devastating cyberattacks in recent years.

The agency said that it had identified “an intrusion campaign” in which hackers, linked to the Russian military intelligence agency GRU, compromised the French software firm Centreon to install two pieces of malware on its clients’ networks. The “supply chain attack” is similar to the recently discovered compromise of U.S. business software company SolarWinds, which breached several US government agencies and many others.

The intrusion campaign began in late 2017 and lasted until 2020, ANSSI said, adding that “it most affected information technology providers, especially web hosting providers.”

Centreon said in a statement that “it has taken note of the information,” adding that “it has not been shown at this stage that the identified vulnerability refers to a commercial version provided by Centreon during the period in question.”

The company lists Airbus, Air France, Thales, ArcelorMittal, Electricité de France (EDF) and telecommunications firm Orange among its clients, as well as the French Ministry of Justice. It is not clear how many or which organizations were breached through the software hack.

ANSSI said that the campaign “shares several similarities with previous campaigns attributed to the established intrusion called Sandworm,” which “is known to lead consecutive intrusion campaigns before focusing on specific goals that fit their strategic interests within the victim pool.”

The hacker group Sandworm has been linked to the GRU by cybersecurity authorities and experts. The group is believed to be behind some of the most damaging cyberattacks in recent history, including the NotPetya ransomware outbreak in 2017 and the attacks on the Winter Olympic Games in South Korea.

European diplomats imposed sanctions on several officers of the Russian intelligence unit linked to Sandworm in relation to cyberattacks. U.S. authorities also accused hackers belonging to the same group and said the group was suspected of being behind the 2017 cyberattack on Emmanuel Macron's La République En Marche party.

The public mention of Sandworm by the French authorities is rare, as the country has traditionally been hesitant to attribute cyberattacks.

Cyberpunk 2077 developer, CD Projekt, hit by cyber attack

CD Projekt has been hit by a cyber attack, which compromised some of its internal systems including the source code to its flagship Cyberpunk 2077 game, dealing another blow to the Polish video game maker.

“An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note,” the company said on Twitter on Tuesday, adding it would not negotiate with the actor.

CD Projekt has been in the limelight recently amid the troubled roll-out of Cyberpunk 2077, leading Sony to pull the game from its PlayStation Store after just a week.

The cyber attacker gained access to the source code for Cyberpunk 2077, Witcher 3, card game Gwent and an as yet unreleased version of Witcher 3, CD Projekt said.

The company’s shares were down 3% at 276 zlotys by 0948 GMT after dropping as much as 6.3%.

CD Projekt said its backup systems remained intact and it was still investigating the incident but to the best of its knowledge, the compromised systems did not contain any personal data of its players or users of its services.

VTB Capital analyst Vladimir Bespalov said the most immediate negative effect would be the need to allocate resources to repair the damage, which might slow down somewhat the company’s work on fixing Cyberpunk 2077.

“It is possible that since CD Projekt informed about the attack on its Twitter account and not via a regulatory filing, it is not worried that the attack has caused significant negative effect or the data might be irrelevant,” said Kacper Kopron, an analyst at Trigon DM.

Kopron saw the main risk for CD Projekt as a further loss of trust among customers after the disappointing premiere of Cyberpunk 2077.

CD Projekt said it would not comment beyond the statement published on its social media account.

Shares in the company plunged at the end of last year amid the Cyberpunk roll-out problems, from a record high of 464.2 zlotys. They recovered losses after the recent Reddit-fueled retail frenzy caused short sellers to close their positions.

Are You Ready to Handle a Cyberattack?

A cyberattack is a major threat to any individual or business. Gaps between the company and the security team can result in cyberattacks, halting all business activities. It is no doubt the security team’s job to ensure that cyberattacks are prevented or taken care of. However, enterprises also have to take part in planning a comprehensive strategy to take on cyberattacks. These attacks are expected to cost $6 trillion annually by 2021, double the loss incurred by these attacks in 2015.

Is your company ready to take on a cyberattack? Let us find out how you can avoid it.

A cyberattack is an assault by a cybercriminal or group that uses one or more computers to target single or multiple computers on a network. This attack may be against an individual, company, or even the government. Cyberattacks damage data, leading to stolen money, lost productivity, and stolen intellectual property or personal and financial data.

The World Wide Web was invented in 1989, and there are more than 4.66 billion internet users worldwide today (more than half the total population of 7.8 billion). With IoT devices emerging, the number of active users and devices on the internet will only increase. Similar to how street crime grew in relation to population growth, we are witnessing such a trend in cybercrime.

Alongside the various malicious software and programs on the internet, there are also software programs that can help prevent cyberattacks. Most of the time, the motive of any cyberattack is to steal or corrupt data. With increasing data being generated every day, there is an increasing need to protect data. There are also corners of the internet known as the Dark Web that conceal and promote such cyberattacks.

The top cyberattacks include phishing and malware. Phishing is a fraudulent method to obtain confidential data such as usernames, passwords, or bank details by disguising oneself as a popular individual or entity. On the other hand, malware attacks are performed using malicious software and programs installed on a user’s computer without their knowledge.

Ransomware is a type of malware that affects computers and restricts access to files. Every 40 seconds, a business falls victim to such attacks. To get out of such attacks, companies have to pay a considerable ransom.

The origins of such attacks may be unknown most of the time. However, organizations fear hacking groups the most, as they are the most likely source. They don’t generally fear nations as a possible origin of cyberattacks.

Also, preventing cyberattacks only works for previously known vulnerabilities and malicious programs. A zero-day attack is quite challenging to prevent. This leaves organizations waiting for attacks or breaches, able to act only to mitigate the damage.

Enterprises, as well as their employees, must join hands to combat cyberattacks and ultimately prevent them.

How to Prevent Cyberattacks?

The main concern of any business that operates on the internet should be to protect data rather than just harvest it. Security should become the utmost priority. However, companies lack security awareness.

Organizations need to boost cyber protection with security software, vulnerability management, and employee training to take on any cyberattack. Even with companies doing their best to prevent such attacks, they will never be 100 percent secure.

Companies can check whether they are safe from cyberattacks with simulations in a secure environment. Various security companies specialize in such simulations and can help conduct one without harming your network and data. This will provide a better perspective to businesses regarding their current security policies and can help them identify their flaws.

These results can also be used to mitigate any detected vulnerability and allow organizations to make the necessary changes to prevent future cyberattacks.

Cybersecurity awareness training also goes a long way in preventing cyberattacks. With organizations training their employees on security and developing a more robust version of the ongoing program, employees’ negligence will no longer be the cause of an attack. Companies are spending more on preventing such cyberattacks, and many third-party organizations are working to help prevent them.

Are you Ready to Deal with the Next Cyber Attack?

An OTA report revealed that over 90 percent of the breaches could be prevented and that 29 percent of them were caused by employees, whether maliciously or accidentally. Another report from FireEye found that just under half (49 percent) of all organizations feel that they are ready for a full-fledged cyberattack.

To know if your enterprise is truly ready to deal with a cyberattack, ask yourself the following questions:

  • Do the employees know not to click on malicious links?
  • Is there any manual procedure to keep the business going in case of an attack?
  • Do you have a communication tool in place to alert and forward instructions to the business in case of a cyberattack?
  • When did your business last test its security responders, IT recovery teams, and users?
  • Do you have cyberattack responders in place?
  • Do you know which business applications are critical?
  • What is your plan to handle the damage of such attacks?
  • Do you have a disaster recovery (DR) team with a DR plan? Is your disaster management automated or orchestrated?

If you can answer these questions with clarity, your business has a plan to deal with incoming cyberattacks. Although you can never prevent 100 percent of the cyberattacks, you can avoid a great deal of them.

Conclusion

To prevent cyber attacks, organizations need to be vigilant, have proper security measures, and have a disaster recovery plan in place. IT analysts cannot keep up with the rise in cybercrime, ransomware, and the shift of malware from PCs and laptops to smartphones and tablets.

With regular cyber-attack simulations and security awareness training, any organization can take on a cyberattack. Even if prevention is not an option, you can work to mitigate the damages. Businesses have to be more transparent about their data-handling and shoulder the responsibility in any security breach.