Connect with us

Internet

Ukraine Says Russia Behind Cyberattack in ‘Hybrid War’ Move

Published

on

By Associated Press | Updated: 17 January 2022

Ukraine said Sunday that Russia was behind a cyberattack that defaced its government websites and alleged that Russia is engaged in an increasing “hybrid war” against its neighbor.

The statement from the Ministry of Digital Development came a day after Microsoft said dozens of computer systems at an unspecified number of Ukrainian government agencies had been infected with destructive malware disguised as ransomware. That disclosure suggested the attention-grabbing defacement attack on official websites last week was a diversion.

“All evidence indicates that Russia is behind the cyberattack. Moscow continues to wage a hybrid war and is actively building up its forces in the information and cyberspaces,” the ministry statement said.

The attack comes as the threat of a Russian invasion of Ukraine looms and diplomatic talks to resolve the tense standoff appear stalled.

Microsoft said in a short blog post Saturday that it first detected the malware on Thursday. That would coincide with the attack that simultaneously took some 70 Ukrainian government websites temporarily offline.

Microsoft said in a different, technical post that the affected systems “span multiple government, non-profit, and information technology organisations.” It said it did not know how many more organisations in Ukraine or elsewhere might be affected but said it expected to learn of more infections.

On Sunday, US national security adviser Jake Sullivan said US and private-sector companies were still working to determine the source of the attacks. He said the United States has warned for months about the possibility of cyberattacks from Russia and has been working with Ukraine to improve that country’s defenses.

“This is part of the Russian playbook,” he said on CBS television’s “Face the Nation” programme.

A top private sector cybersecurity executive in Kyiv, Oleh Derevianko, told The Associated Press that the intruders penetrated the government networks through a shared software supplier in a supply-chain attack like the 2020 SolarWinds Russian cyberespionage campaign that targeted the US government.

In 2017, Russia targeted Ukraine with one of the most damaging cyberattacks on record with the NotPetya virus, causing more than $10 billion (roughly Rs. 74,150 crore) in damage globally. That virus, also disguised as ransomware, was a so-called “wiper” that erased entire networks.

In Friday’s mass web defacement, a message left by the attackers claimed they had destroyed data and placed it online, which Ukrainian authorities said had not happened.

The message told Ukrainians to “be afraid and expect the worst.”

Internet

Facebook, Twitter, Google, Other Tech Firms Ask US Supreme Court to Block Texas Social Media Law

Published

on

By Reuters | Updated: 14 May 2022

Lobbying groups representing Facebook, Twitter, Google and other tech companies filed an emergency request with the US Supreme Court on Friday, seeking to block a Texas law that prohibits large social media platforms from banning users based on their political views.

The Texas law went into effect on Wednesday when the 5th US Circuit Court of Appeals granted the state’s request for a stay of a district judge’s injunction blocking the law.

The law forbids social media companies with more than 50 million active users per month from banning members based on their political views and requires them to publicly disclose how they moderate content.

It was signed into law by Texas Governor Greg Abbott, a Republican, in September.

Internet lobbying groups NetChoice and the Computer & Communications Industry Association filed a lawsuit against the measure, and US District Judge Robert Pitman in Austin, Texas, issued a preliminary injunction in December.

Pitman had found that the law would harm social media companies’ free speech rights under the First Amendment of the US Constitution.

The tech groups, in their emergency request, asked the Supreme Court to “allow the District Court’s careful reasoning to remain in effect while an orderly appellate process plays out.”

© Thomson Reuters 2022

Continue Reading

Internet

Cyberattacks Grown in Last 2 Years During Pandemic, Global Cost Topped $6 Billion in 2021: Italian Defence Firm

Published

on

By Agencies | Updated: 11 May 2022

The global cost of cybercrime topped $6 trillion (roughly Rs. 4,63,52,100 crore) last year, as the coronavirus pandemic caused online activity to soar, the head of Italian defence, security and aerospace giant Leonardo said Tuesday.

“New cybersecurity threats over the last two years have been a ‘collateral damage’ of the COVID-19 pandemic and the acceleration of digitalisation it induced,” Alessandro Profumo said at the opening of the Cybertech Europe 2022 conference in Rome.”

Cyberattacks have grown in number, sophistication and impact — in 2021 the global cost of cybercrime exceeded $6 trillion. “The figures came from Clusit, the Italian association for information security, and compare to an estimate of losses of $1 trillion (roughly Rs. 77,25,550 crore) in 2020.

One fifth of the total attacks was directed at Europe, Profumo said, but the continent lacked at least 200,000 cybersecurity professionals.

Speaking to foreign journalists in Rome last month, he said cybersecurity issues had increased following Russia’s invasion of Ukraine. “We are noticing additional pressure,” said the boss of Leonardo, which has a specialised branch dedicated to cybersecurity.

The statement from Italian defence firm comes a day after the European Union (EU), the UK and the US accused Russia to be behind a series of cyberattacks linked with its conflict with Ukraine earlier this year with wide-ranging impact across Europe.

The western allies said the most recent attack was on the communications company Viasat in Ukraine, which had a wider impact across the European continent, disrupting wind farms and internet users in central Europe. The UK’s National Cyber Security Centre (NCSC) assesses that the Russian Military Intelligence was “almost certainly” involved in the January 13 defacements of Ukrainian government websites and the deployment of a destructive malware called Whispergate.

“This is clear and shocking evidence of a deliberate and malicious attack by Russia against Ukraine which had significant consequences on ordinary people and businesses in Ukraine and across Europe,” said UK Foreign Secretary Liz Truss.

Continue Reading

Internet

EU, US, UK Accuse Russia of Cyberattacks Amid Invasion of Ukraine; Blame It for Deployment of Whispergate

Published

on

By Press Trust of India | Updated: 10 May 2022

Russia has been behind a series of cyberattacks linked with its conflict with Ukraine earlier this year with wide-ranging impact across Europe, the European Union (EU), the UK and the US said on Tuesday. The western allies said the most recent attack was on the communications company Viasat in Ukraine, which had a wider impact across the European continent, disrupting wind farms and internet users in central Europe.

The UK’s National Cyber Security Centre (NCSC) assesses that the Russian Military Intelligence was “almost certainly” involved in the January 13 defacements of Ukrainian government websites and the deployment of a destructive malware called Whispergate.

“This is clear and shocking evidence of a deliberate and malicious attack by Russia against Ukraine which had significant consequences on ordinary people and businesses in Ukraine and across Europe,” said UK Foreign Secretary Liz Truss.

“We will continue to call out Russia’s malign behaviour and unprovoked aggression across land, sea and cyberspace, and ensure it faces severe consequences,” she said.

The NCSC said it also assesses that it is “almost certain” Russia was responsible for the subsequent cyberattack impacting Viasat on February 24.

At the time, a cyberattack against Viasat began approximately one hour before Russia launched its major invasion of Ukraine. Although the primary target is believed to have been the Ukrainian military, other customers were affected, including personal and commercial internet users. Wind farms in central Europe and internet users were also affected.

Viasat has said that “tens of thousands of terminals have been damaged, made inoperable and cannot be repaired”.

The announcement this week comes as cybersecurity leaders from the Five Eyes intelligence alliance – comprising Australia, Canada, New Zealand, the United Kingdom and the United States – the EU and others are meeting at the NCSC’s Cyber UK conference in Newport to discuss the cyber threats facing the world.

The UK government highlighted that it has already sanctioned the Russian Intelligence network GRU after their poisoning incidents in the city of Salisbury, and has frozen more than GBP 940 billion (roughly Rs. 89,38,530 crore) worth of bank assets and GBP 117 billion (roughly Rs. 11,12,613 crore) in personal net worth from oligarchs and their family members who back Russian President Vladimir Putin.

Continue Reading

Internet

Russia’s RuTube Knocked Out for Second Day by Victory Day Cyberattack

Published

on

By Reuters | Updated: 10 May 2022

RuTube, Russia’s answer to YouTube, was crippled for a second day on Tuesday by a cyber attack whose timing it linked to this week’s anniversary celebrations of victory over Nazi Germany in World War Two.

Usually packed with video content, RuTube’s site is currently black, with a short message reading: “Attention! The site is undergoing technical work. The site was attacked. At the moment the situation is under control. User data has been saved.”

The attack began on Monday, a major national holiday when Russia commemorated the Soviet victory over Adolf Hitler and President Vladimir Putin delivered a speech likening that struggle to the current war in Ukraine.

“Someone really wanted to prevent RuTube from showing the Victory Day parade and celebratory fireworks,” RuTube said. “It is not a sin to remember the battles our guys won. The battle for RuTube continues.”

It described the cyberattack as the worst in the site’s history.

In a separate incident on Monday, Russian satellite television menus were hacked to show viewers in Moscow messages about events in Ukraine, including “You have blood on your hands”, according to screenshots obtained by Reuters.

The websites of state-owned companies and news websites have fallen under sporadic hacking efforts since Russia invaded Ukraine on February 24, often to show information that is at odds with Moscow’s official line on what it calls a “special military operation”.

RuTube said a large team was working to restore the service, and denied reports it had lost the website’s source code.

The long outage goes some way to explaining why Russia has not yet blocked Alphabet’s YouTube, despite repeatedly fining and warning the US service over its removal of some state-backed Russian channels and for failing to delete content Moscow deems illegal.

Russia restricted access to Twitter and Meta Platform’s Facebook and Instagram in early March.

Critics have previously told Reuters that RuTube, despite its weekly user numbers jumping in early March as other foreign social media were forced out of the Russian market, still has a long way to go to rival Google’s video product.

© Thomson Reuters 2022

Continue Reading

Internet

US Offers $15 Million Reward for Information on Conti Ransomware Group

Published

on

By Reuters | Updated: 7 May 2022

The US on Friday offered a reward of up to $15 million (roughly Rs. 115 crore) for information on the Russia-based Conti ransomware group, which has been blamed for cyber extortion attacks worldwide, State Department spokesman Ned Price said.

The FBI estimates that more than 1,000 victims of the Conti group have paid a total in excess of $150 million (roughly Rs. 1,154 crore) in ransomware payments, Price said in a statement.

“In offering this reward, the United States demonstrates its commitment to protecting potential ransomware victims around the world from exploitation by cyber criminals,” he said.

The reward comprises $10 million (roughly Rs. 77 crore) for the identification or the location of leaders of the group, and $5 million (roughly Rs. 38 crore) for information that results in the arrest of anyone conspiring with Conti.

Last year, the FBI said Conti was responsible for striking 16 medical and first responder networks in the US.

Price noted that Conti was blamed for an attack in April on Costa Rica’s tax and customs platforms, impacting the Central American country’s foreign trade.

In February, the Conti group vowed to attack enemies of the Kremlin if they respond to Russia’s invasion of Ukraine.

© Thomson Reuters 2022

Continue Reading

Internet

AGCO Ransomware Attack Disrupts Tractor Sales During US Planting Season

Published

on

By Reuters | Updated: 7 May 2022

AGCO did not disclose the names of the facilities or if any data was stolen, but said it was still probing the extent of the attack that occurred on Thursday and working to repair its systems.

Tim Brannon, president and owner of B&G Equipment in Tennessee, told Reuters he has not been able to access AGCO’s website for ordering and looking up parts since Thursday morning.

“We just have to trust that it will be over as soon as possible because we are coming into our busiest time of the year and it will be very damaging to our business and customers,” Brannon said.

AGCO, which competes with larger rival Deere & Co, sells tractors and combines, manufactures and assembles products in 42 locations worldwide with 1,810 dealerships in North America.

Dealers are now struggling to keep up with orders that were already backlogged.

The company told dealers that it was “prioritising” the most business critical systems in an e-mail read to Reuters by a dealer who declined to be identified.

“I’ve got about nine orders that I need to place right now,” said the dealer.

He said AGCO told him “digital systems” had been impacted worldwide.

AGCO did not respond to requests for additional comment.

AGCO’s shares were down 6 percent at $125.55 (roughly Rs. 9,600) in late afternoon trading.

Ransomware attacks have targeted food and fuel companies in the United States in recent years, including the Colonial Pipeline’s oil network and meat processing company JBS. Last autumn, at least three grain handlers in the Midwest were hit with ransomware attacks.

© Thomson Reuters 2022

Continue Reading

Trending