Category: Russia

Cyberwar predictions for 2019: The stakes have been raised

Before the internet era, geopolitical tensions drove traditional espionage, and periodically erupted into warfare. Nowadays, cyberspace not only houses a treasure-trove of commercially and politically sensitive information, but can also provide access to control systems for critical civil and military infrastructure.

It’s therefore no surprise to find nation-state cyber activity high on the agendas of governments. In 2019, nation-state cyber activity is expected to increase to unprecedented levels.

Read more about the predictions for nation-state cyber activity in 2019 on ZDNet.

The Most Dangerous People on the Internet in 2018

This year thankfully avoided any world-breaking ransomware attacks like NotPetya. It even had some small victories, like GitHub beating back the biggest DDoS attack in history. Still, online threats are manifold, lurking and evolving, making the internet a more hostile place than ever.

The biggest threats online continued to mirror the biggest threats in the real world, with nation states fighting proxy battles and civilians bearing the brunt of the assault. In many cases, the most dangerous people online are also the most dangerous in the real world. The distinction has never mattered less.

Read the list of most dangerous people on the Internet for 2018 on Wired.

US Treasury sanctions Russians for hacking and election meddling

The US government isn’t done taking action against Russians accused of hacking and interference campaigns. The Treasury Department has leveled sanctions against 16 current and former GRU intelligence officers (some of whom were targeted in earlier indictments) for their involvement in multiple campaigns against the US, including the Democratic National Committee hacks, World Anti-Doping Agency hacks and election meddling efforts.

The targets include Elena Khusyaynova, the primary accountant for the Project Lakhta influence campaign that included the Internet Research Agency. The sanctions also target associated entities like the Federal News Agency.

Read more about the US Treasury sanctions against Russians on Engadget.

Russian Cyberspies Build ‘Go’ Version of Their Trojan

The Russian-linked cyber-espionage group Sofacy has developed a new version of their Zebrocy tool using the Go programming language, Palo Alto Networks security researchers warn. The first-stage malware was initially analyzed in April this year, and has been observed in numerous attacks in October and November. Last month, however, the researchers also observed a new Trojan being used in the group’s attacks.

Also known as APT28, Fancy Bear, Pawn Storm, Sednit and Strontium, the state-sponsored actor has been active for several years, focusing on cyber-espionage and believed to have orchestrated the attacks targeting the 2016 presidential election in the United States.

Read more about the new malware used by Sofacy on SecurityWeek.

How Russia’s online influence campaign engaged with millions for years

Russian efforts to influence U.S. politics and sway public opinion were consistent and, as far as engaging with target audiences, largely successful, according to a new report from Oxford’s Computational Propaganda Project. Based on data provided to Congress by Facebook, Instagram, Google and Twitter, the study paints a portrait of the years-long campaign that’s less than flattering to the companies.

The report summarizes the work of the Internet Research Agency, Moscow’s online influence factory and troll farm. The data cover various periods for different companies, but 2016 and 2017 showed by far the most activity.

Read more about the findings of the insightful report on TechCrunch.

Russia-Linked Phishing Attacks Hit Government Agencies on Four Continents

A recent campaign attributed to the Russian cyber-espionage group Sofacy hit government agencies in four continents in an attempt to infect them with malware, Palo Alto Networks security researchers say.

Also known as APT28, Fancy Bear, Pawn Storm, Sednit and Strontium, the Russian state-sponsored hacking group has been focusing on Ukraine and NATO countries in recent years, and the new attacks are no different. The actor is also believed to have targeted the 2016 presidential election in the United States. Palo Alto Networks has shared new information on the latest campaign, which was carried out from mid-October through mid-November.

Read more about the latest campaign by Sofacy on SecurityWeek.

Why Microsoft is fighting to stop a cyber world war

Two days last year finally woke the world up to the dangers of cyberwarfare, according to Microsoft’s President Brad Smith: 12 May and 26 June. On 12 May the WannaCry ransomware attack created havoc by encrypting PCs across the world and costing billions to repair the damage. Just over a month later on 16 June the NotPetya malware caused more damage, again costing billions to fix. Western governments have blamed WannaCry on North Korea, and NotPetya on Russia — it probably was designed as an attack on Ukraine which then got out of hand.

Smith draws a parallel between the run-up to the First World War and the burgeoning cyberwar arms race today. “I’m not here to say the next world war is imminent but I am here to say that there are lessons from a century ago we can learn and apply, that we need to apply, to our own future,” said Smith.

Read more about Microsoft’s efforts to stop a cyber world war on ZDNet.

Ukraine Accuses Russia of Cyberattack on Judiciary Systems

Ukraine has once again accused Russian intelligence services of launching cyberattacks against one of its government organizations. Ukrainian security service SBU announced that its employees blocked an attempt by Russian special services to breach information and telecommunications systems used by the country’s judiciary.

According to the SBU, the attack started with a malicious email purporting to deliver accounting documents. The documents hid a piece of malware that could have been used to disrupt judicial information systems and steal data.

Read more about the cyberattack attributed to Russia on SecurityWeek.

NATO Practicing Cyber-Warfare Games

To address the growing concern of cyber-warfare, NATO has launched the “Cyber Coalition 2018” in Estonia. The exercise is a “War Game” focused on defense and counter-attack in the arena of digital battle.

The activity is taking place just 50 kilometres (30 miles) from the border with Russia, seen by the West as the biggest cyber threat after a string of attacks blamed on the Kremlin. Targets have included world sports bodies, the US Democratic Party and the world chemical weapons watchdog in the Netherlands. NATO says such assaults are becoming more “frequent, complex, destructive and coercive”, and are launched not just by state actors like Russia, China and North Korea but also by criminal gangs intent on extortion and “hacktivists” looking to embarrass big organisations.

Read more about the NATO cyber war games on The New American.

The state of cyberwarfare: 2 things you need to know

Cybersecurity headlines in recent years have been dominated by companies losing money by being hacked and leaking the data of millions of customers. But today, cybersecurity is moving beyond the financial impact to concerns over public safety, national security, and even cyberwarfare.

To understand the state of cyberwar and its potential impact, we should all keep in mind two things:

  1. The proliferation of cyberweapons is already happening
  2. Arms control of cyberweapons hasn’t caught up

Read more about the current state of cyberwarfare on ZDNet.