Posts with label National Cyber Security

Russian hacker arrested in the US may have information about Russian interference in American elections

According to Bloomberg's sources in the Russian and American security and intelligence agencies, Klyushin is a Kremlin insider who, a year and a half ago, even received a state award from Putin, the Order of Honor.

They added that Klyushin has access to documents relating to the Russian campaign to hack the servers of the Democratic Party during the 2016 US elections. According to them, these documents confirm that the hacking was carried out by a group of hackers from the GRU known as Fancy Bear and APT28. Some sources also expressed the view that Klyushin has access to secret records of other high-ranking GRU operations abroad. All this could make Klyushin a useful source of information for the US authorities, especially if he asks the court for leniency.

Another indication that Klyushin holds information valuable to the U.S. is that his subordinate at M13 was former GRU operative Ivan Yermakov. In 2018, Yermakov was one of the defendants charged with hacking into the computer systems of the Democratic Party.

Recall that on December 19, Switzerland extradited Klyushin to the United States. He is suspected of illegal securities trading worth tens of millions of dollars. Klyushin heads the company M13, which developed the Katyusha media monitoring system for the Ministry of Defense and the Presidential Administration.

In 2017, The Insider managed to prove that the Fancy Bear group consists of employees of GRU military unit 26165. A year later, these findings were confirmed by the US Department of Justice, which officially brought charges against a group of the hackers. APT28's best-known operation was the 2016 hacking of the Democratic Party's servers, designed to help Donald Trump defeat Hillary Clinton in the presidential election.

The US did not invite Russia and China to an online conference on combating cybercrime

The US National Security Council organized virtual meetings this week to discuss countering ransomware operators. In total, 30 countries were invited to the conference, including Ukraine, Mexico, Israel, Germany, and the UK; Russia and China, however, were not invited to the discussion.

The cyber threat posed by ransomware is increasingly worrying people at the highest level. Ransom payments exceeded $400 million in 2020 and reached $81 million in the first quarter of 2021.

US President Joe Biden announced in early October that representatives of more than 30 countries would work together to fight back against cybercriminals distributing ransomware. The initiative was a response to the very dangerous and large-scale ransomware attacks that recently hit Colonial Pipeline and Kaseya.

It is worth noting that Russian Deputy Foreign Minister Sergei Ryabkov recently made it clear that Moscow is interested in discussing the ransomware problem with Washington, but does not want contacts to be limited to this topic alone. “American colleagues are still trying to focus all their work on what interests them,” he complained at the time.

Despite the previously announced cooperation on cybersecurity between Moscow and Washington, no one expected official Russian representatives at the meetings. The organizers did not invite China and Russia.

Perhaps the reason lies in a misunderstanding that arose at some stage. The United States has repeatedly asked Russia to take measures against ransomware operators located in the country. White House Press Secretary Jen Psaki even promised that Washington would deal with these cyber groups itself if the Kremlin could not.

Half of Russian small and medium-sized business websites have vulnerabilities

According to Tinkoff, almost half (46%) of the online resources of SMEs in Russia have cybersecurity problems.

The most critical of the common errors is weak protection of cloud storage, which threatens data leakage (found in more than a quarter of organizations).

These disappointing statistics are based on an analysis of more than 40 thousand sites and databases of small companies and individual entrepreneurs. The most vulnerable sectors in terms of information security were consulting, retail, and IT (44% of the problems found).

Most often (in 33% of cases) SMEs make domain verification errors. Such mistakes allow a resource to be taken over through data substitution.

Second in the ranking is the threat of confidential information leakage arising from an openly accessible database or from the use of a weak password (27%). Being able to obtain the key by simple brute force gives an attacker the personal data of customers and company employees, trade secrets, program source code, etc.

The third most frequent cybersecurity error, according to Tinkoff, is a certificate with an unknown subject ("SSL Unknown subject", 15%). Such a failure during SSL certificate verification exposes traffic to interception and disclosure of data (a MITM attack).

The researchers also found that SME resources are poorly protected from ransomware attacks (9%).

The top five problems also included another common error: an expired SSL certificate (7%). When the browser reports that the certificate is invalid, the site may become unreachable, and as a result the company loses potential customers.
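Two of the certificate problems counted above, an unknown subject and an expired certificate, are exactly what a client's certificate verification catches. The following is an added example, not code from the Tinkoff study or the article, that classifies a certificate presented for a given hostname into those findings. It works on the dict shape that Python's `ssl.SSLSocket.getpeercert()` returns, so the same function can be run against a live peer certificate; the sample certificates embedded here are constructed, and the hostnames under `example.*` and the fixed clock `SAMPLE_NOW` are assumptions for the demonstration. The hostname matcher is a deliberately strict RFC 6125-style comparison (one wildcard label, never the public suffix).

```python
"""Classify two of the TLS certificate problems the Tinkoff study counts,
'unknown subject' (certificate not issued for the hostname visited) and an
expired certificate, from a certificate in the dict shape that
ssl.SSLSocket.getpeercert() returns. Added example; the sample certificates
below are constructed and do not come from the study."""
import ssl
import time
from typing import Dict, List, Optional


def dns_names(cert: Dict) -> List[str]:
    """Names the certificate is valid for: DNS subjectAltName entries,
    falling back to the subject commonName when no SAN is present."""
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        for rdn in cert.get("subject", ()):
            names.extend(value for key, value in rdn if key == "commonName")
    return names


def name_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style comparison: exact match, or a single leading '*' label
    that covers exactly one hostname label and never the whole public suffix."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if pattern == hostname:
        return True
    if not pattern.startswith("*."):
        return False
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    return (len(p_labels) == len(h_labels)
            and len(p_labels) >= 3
            and p_labels[1:] == h_labels[1:])


def check_certificate(cert: Dict, hostname: str, now: Optional[float] = None) -> List[str]:
    """Return findings for the certificate presented by `hostname`:
    'expired', 'not_yet_valid' and/or 'unknown_subject'. Empty list means OK."""
    now = time.time() if now is None else now
    findings = []
    # notBefore/notAfter use OpenSSL's "Mon DD HH:MM:SS YYYY GMT" text form,
    # which ssl.cert_time_to_seconds converts to a UTC epoch value.
    if "notAfter" in cert and ssl.cert_time_to_seconds(cert["notAfter"]) < now:
        findings.append("expired")
    if "notBefore" in cert and ssl.cert_time_to_seconds(cert["notBefore"]) > now:
        findings.append("not_yet_valid")
    if not any(name_matches(name, hostname) for name in dns_names(cert)):
        findings.append("unknown_subject")
    return findings


# Constructed sample certificates and a fixed clock (assumptions for the demo).
SAMPLE_NOW = ssl.cert_time_to_seconds("Sep 15 12:00:00 2021 GMT")

VALID_CERT = {
    "subject": ((("commonName", "shop.example.com"),),),
    "subjectAltName": (("DNS", "shop.example.com"), ("DNS", "www.shop.example.com")),
    "notBefore": "Jan 10 00:00:00 2021 GMT",
    "notAfter": "Jan 10 00:00:00 2022 GMT",
}
EXPIRED_CERT = dict(VALID_CERT, notAfter="Jun 10 00:00:00 2021 GMT")
# A shared hosting provider's wildcard certificate served for a customer's own domain.
PROVIDER_CERT = {
    "subject": ((("commonName", "*.hosting.example.net"),),),
    "subjectAltName": (("DNS", "*.hosting.example.net"),),
    "notBefore": "Jan 10 00:00:00 2021 GMT",
    "notAfter": "Jan 10 00:00:00 2022 GMT",
}


def audit_samples() -> Dict[str, List[str]]:
    """Run the check over the constructed samples, keyed by scenario."""
    return {
        "valid": check_certificate(VALID_CERT, "shop.example.com", SAMPLE_NOW),
        "expired": check_certificate(EXPIRED_CERT, "shop.example.com", SAMPLE_NOW),
        "unknown_subject": check_certificate(PROVIDER_CERT, "shop.example.com", SAMPLE_NOW),
        "wildcard_ok": check_certificate(PROVIDER_CERT, "site42.hosting.example.net", SAMPLE_NOW),
        "wildcard_too_deep": check_certificate(PROVIDER_CERT, "a.b.hosting.example.net", SAMPLE_NOW),
    }


if __name__ == "__main__":
    for scenario, findings in audit_samples().items():
        print(f"{scenario:18} -> {findings or ['ok']}")
```

The `unknown_subject` scenario is the typical cause of the study's third-place finding: a site served from a provider's shared certificate whose names cover the provider's domain but not the customer's. Run periodically against your own hosts with `now` left at its default, the same function gives early warning of the expired-certificate case before browsers start rejecting the site.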

“Unfortunately, cybersecurity is poorly developed in Russia and business does not realize how important it is to protect data. Firstly, the services of good and competent specialists are very expensive; secondly, after the crisis, companies direct working capital primarily for the purchase of goods and current needs,” comments Pavel Segal, First Vice President of “OPORA Russia”.

Japan mentioned Russia in its new cybersecurity strategy

On Tuesday the Japanese government officially approved a new three-year cybersecurity strategy in which Russia, China and North Korea are named for the first time as potential sources of hacker attacks. The document is published on the website of Japan's Cyber Strategic Headquarters.

Japanese Foreign Minister Toshimitsu Motegi said at a press conference in Tokyo that the sphere of security guarantees is expanding, and that the importance of areas such as cyberspace and space security is growing.

According to him, the security situation around Japan is becoming increasingly severe: China, Russia and North Korea are believed to be strengthening their capabilities in cyberspace, and the instability of the world order is also increasing.

He added that Japan, based on the adopted strategy, will increase its capabilities to counter attacks by foreign hackers.

The document claims that China conducts cyber attacks to obtain military and other advanced technologies, while Russia allegedly does so to achieve favorable military and political outcomes in other countries. Under the approved strategy, Japan intends to strengthen its cyber capabilities by working closely with the members of the Quadrilateral Security Dialogue, which also includes Australia, India and the United States.

It should be noted that more than 4,000 attempted intrusions into computer networks and systems are recorded in Japan annually. In particular, the large electrical engineering corporations NEC and Mitsubishi Electric have fallen victim to intruders in recent years.

Western countries have repeatedly alleged that Russia is involved in various cyber attacks, including against US government agencies and companies. The Russian side has consistently denied these accusations; in particular, the press secretary of the President of the Russian Federation, Dmitry Peskov, said earlier that Moscow is not involved in such hacker attacks.

Hackers compromised accounts of government agency employees in Russia and more than ten neighboring countries

The British company Cyjax discovered a large-scale attack against employees of state agencies in Russia and neighboring countries. The attackers set up websites imitating officials' e-mail login pages; the harvested credentials can be used to attack the agencies further or sold on the shadow market. Experts offer different interpretations of the attacks' purpose, from political provocation to plain credential phishing.

Among the targeted organizations are the Russian Academy of Sciences (RAS), the mail service Mail.ru, and state structures of more than a dozen countries, including Armenia, Azerbaijan, China, Kyrgyzstan, Georgia, Belarus, Ukraine, Turkey, Turkmenistan and Uzbekistan.

According to Cyjax, 15 sites are currently active that imitate the e-mail login pages of the foreign, finance or energy ministries of various countries.

Mail.ru said that it monitors for the appearance of phishing sites and fraudulent emails and “responds in a timely manner to such incidents.” It added that it has an anti-spam system that adapts to new spam scenarios, including phishing.

Cyjax believes the purpose of the attack is to collect usernames and passwords for the mailboxes of government officials. Moreover, a pro-state group may be behind it, since the attack brings no financial benefit and its targets are the Russian Federation and neighboring countries.

“The motive of the campaign may be a provocation against Russia on the theme that Russia itself is hacking its neighbors,” says Yuri Drugach, co-founder of the StopPhish project. The provocation hypothesis is supported by the fact that some of the domains were registered in July and the servers are hosted in Russia.

Drugach suggested that several groups of scammers are behind the attacks. The Russian Academy of Sciences alone, for example, has six fake sites on which attackers phish for credentials and install malicious browser add-ons.

Presidential Press Secretary Says Moscow Not Involved in the Cyber Attacks on the US Republican National Committee

On Wednesday, the press secretary of the President of the Russian Federation, Dmitry Peskov, told reporters that the cyber attack on the cloud networks of the US Republican National Committee had nothing to do with Moscow.

"We don't know what exactly was there, but it has nothing to do with Moscow," a Kremlin spokesman told reporters.

He stressed that the Russian side "does not have any detailed information on this matter." At the same time, Peskov noted that publications appear literally every day concerning various cyberattacks and their alleged connection to Russia.

On Tuesday, Bloomberg reported that the cloud networks of the Republican National Committee of the United States, maintained by Microsoft, had been subjected to a cyber attack. According to the journalists, the attackers were hackers from the group known as APT29 or Cozy Bear.

On July 6, it became known that expert contacts between Moscow and Washington on cybersecurity were continuing after the meeting between Vladimir Putin and Joe Biden. According to White House spokeswoman Jen Psaki, the U.S. side expects a new meeting of experts next week.

During the summit in Geneva on June 16, Putin and Biden agreed to start consultations on cybersecurity. The Russian leader drew attention to the fact that, even according to American sources, the majority of cyberattacks in the world are committed from the United States, as well as from Canada and the United Kingdom.

Putin stressed that Moscow and Washington can agree on rules of conduct in the areas of strategic stability, cybersecurity and regional conflicts. Biden, for his part, said that he had given his Russian counterpart a list of 16 types of infrastructure facilities, attacks on which must be stopped immediately and as effectively as possible.

Russian Foreign Ministry accuses the United States of trying to walk back the summit agreements on cybersecurity

According to the Russian Foreign Ministry, the statement by White House spokeswoman Jen Psaki that the United States does not intend to warn Moscow about retaliatory cyber attacks is perplexing.

On Monday Psaki said that at the summit in Geneva, US President Joe Biden had raised the hacking attacks on American facilities that are blamed on Russia.

As Russian Foreign Ministry spokeswoman Maria Zakharova noted, Psaki's statement is surprising in the context of the Geneva talks, after which the sides announced their intention to begin consultations on cybersecurity.

"It seems that the United States is still trying to retain the right to launch cyber attacks based on fake Russian accusations of cyber attacks," Zakharova stressed at the briefing.

According to her, if Washington carries out a cyber attack without warning, it will be, first of all, an unannounced attack.

"We really want Washington to take these words seriously," the Foreign Ministry representative added.

Zakharova recalled that before the meeting in Geneva, the United States had made it clear that the topic of international information security had become strategic for them.

"In this context, we hope that the understanding of the need for a direct, professional and responsible conversation with Russia will prevail. We expect Washington to take appropriate steps," the diplomat concluded.

The Russia-US summit was held in Geneva on June 16. Summing up the negotiations, Vladimir Putin said that the sides would start consultations on cybersecurity. The president recalled that Moscow had previously provided all the information requested by the U.S. regarding cyberattacks, but had received nothing in response from the U.S. intelligence agencies. Putin noted that most of the cyber attacks in the world come from the U.S. and that anti-Russian insinuations must stop.

A white hat hacker assessed the likelihood of an attack on the websites of Internet giants

There is no need to worry about the security of Russian systems after the global outage of websites around the world, since the servers of all state institutions are located on the territory of Russia.

Information security expert Denis Batrankov explained that the problem with modern systems is that many companies cannot set up their own premises to house their servers. Instead, they rent servers from hosting providers and deploy their product there. All responsibility in this case falls on the hosting provider, but the risk of outages increases significantly.

Vakulin illustrated his point with the example of Amazon Web Services hosting.

"Many sites are hosted by Amazon Web Services, including small and medium-sized businesses. Since there was a large and large-scale failure, all the sites that were hosted on this platform go down after it," the hacker said.

The expert believes that, despite the recent attacks on the American pipeline company Colonial Pipeline and the world's biggest meat supplier, JBS, Russia should not worry too much about industrial security.

"As for government agencies, their servers are located in Russia. The data is stored in our country. From a security point of view, everything has been done to prevent third parties from accessing this data," the expert said.

The programmer also drew attention to the fact that the State Duma intends to oblige foreign IT companies with an audience of more than 500 thousand users a day to open branches in Russia.

"This law can still be finalized to the point that all data will be stored on Russian servers," Vakulin said.

In conclusion, the programmer shared his vision of the future of IT: he believes that neural networks will run the servers.

"I carefully monitor how our technologies and knowledge of artificial intelligence and neural networks are improving," Vakulin said. "Most likely, neural networks will simply monitor everything in the future: they will be engaged in tracking the site. In 20 years, programmers and cryptographers will simply observe the work of artificial intelligence, somehow refine it, and it will already do the work for them."

Earlier, Internet users reported a global outage of the websites of a number of media outlets, companies and social networks around the world. Problems were observed, for example, at CNN, Twitter, the Guardian, Amazon, Reddit and the New York Times. They were caused by a failure at the American cloud service provider Fastly, and were fixed within an hour.