More than three weeks after Russia’s war of choice against Ukraine, fear of cyber attacks on the country’s vital infrastructure has been replaced by death, destruction, and devastating upheaval across the country. United Nations estimate 6.5 million people have been displaced, in addition to 3.2 million who have left Ukraine. Mariupol, once a prosperous city of 430,000 people along the country’s southern coast, has been reduced to ruins. Russia has kill more than 100 children in its attack so far.
When war broke out, we investigate One of the weapons Russia appears to have deployed recently against Ukraine: an AI-powered “suicide drone”. Russia’s use of KUB-BLA drones has raised the specter of automated weapons systems that decide who dies in war. This week also saw what could be first time using deepfake to spread misinformation during wartime. The poignant claim of a cyborg Volodymyr Zelensky calling for the Ukrainians to surrender to Russia is completely unconvincing. Ukraine’s president quickly denied its authenticity, while Facebook, Twitter and YouTube raced to remove the video from their platforms, potentially providing guidance on how to deal with sophisticated disinformation in the future. future.
While we have yet to see Russia carry out damaging cyberattacks against Ukraine’s critical infrastructure since the country’s invasion of the country in late February, the malware used by Russian government hacker group Sandworms, dubbed Cyclops Blink, was more widespread than was previously known. Researchers at TrendMicro discovered that a version of malware could infect Asus routers.
Speaking of hackers with Russia links, we’ve drilled into about 60,000 pages of leaked chats and files scanned from the Conti ransomware group. Our findings reveal machinery inside of the gang’s strange business hierarchy, it has a plan launch a crypto payment platform and a social network (with dreams of starting an online casino), and what its links to Russian military hackers really looks like.
Meanwhile, the Lapsus$ collective is adding “chaotic energy” to the cybercrime world. Equal we found when diving into the group’s activities—Which includes targeting well-known companies like Samsung and Nvidia — its tactics differ from ransomware gangs like Conti, which use phishing and data-stealing attacks to extort victims instead of coding their system and asking for payment. And while the team claims it’s not politically motivated, some experts are still uncertain about Lapsus$’s ultimate goal.
Finally, we look at Big Tech’s grand plans to finally (finally!) kill the password. After a decade of working to solve this problem, the FIDO Alliance – whose members include Amazon, Meta, Google, Apple, etc. – believe they have discovered the missing piece to help us remove the secret. easy password.
Of course, that’s not all. For all the big security stories we didn’t get a chance to cover this week, click on the headlines below. (And yes, a lot of it involves Russia.)
The Transportation Security Administration is not only in charge of Airport security. The agency is also tasked with protecting America’s oil and gas pipelines — and it’s not going well. Due to staffing shortages and stringent federal requirements, TSA is said to be having a hard time meeting its pipeline security mandate. TSA focuses on securing this critical infrastructure beyond May 2021 Attack on Colonial Pipelinebut its mission becomes all the more important as the specter of worst-case attacks perpetrated by Russia or other state-states.
Google Threat Analysis Team (TAG) on Thursday speak it discovered a new group of “financially motivated” attackers that it believes break into targeted systems and then sell that access to other malicious actors, including Russian cybercrime groups such as ransomware gangs Sorcerer Spider (also known as UNC 1878) and Conti. Dubbed the Weird Lily by Google researchers, the group appears to be located in Central Europe and targets a wide range of victims, with a focus on cybersecurity, healthcare, and IT companies. To deceive these targets, members of Exotic Lily use phishing attacks that are masked through fake domains, fake email addresses, and fake profiles on social networks and other platforms, by TAG.
Hackers are wary shed tears against Russian targets since the earliest days of Vladimir Putin’s war against Ukraine. But it was the newly revived hacktivist Anonymous collective that caused the most commotion. This weekend, Anonymous announced it had stolen 79GB of emails from Transneft, a Russian state-controlled pipeline company. Apparently a bit amusing, the Anonymous hacktivists dedicated their infiltration to Hillary Clinton, who seems to call for Anonymous to attack Russian targets during a February 25 appearance on MSNBC.
Acting with extreme caution, Germany’s Federal Office for Information Security (BSI), has warned local companies against using Kaspersky’s anti-virus software on the grounds that the company must User tracking for Kremlin. Make a splash for the US government murky background to ban Kaspersky products In 2017, BSI’s warning did not appear to be based on any specific intelligence, and the company asserted as much in response to BSI’s warning. “We believe that peaceful dialogue is the only possible tool for conflict resolution,” the company said in a statement. “War is not good for anyone.”
Stories with WIRED are more amazing
