Update on the Cyber War & Ransomware Stories

It was a tough week given all the news from Ukraine and Russia. Our hearts and prayers go out to those suffering. To our friends and colleagues who are impacted directly and indirectly by recent events, we hope and pray for peace.

On another note, this Cyber Weekly is one of the most overwhelming in terms of the number of attacks that I read through. The number of articles helping businesses and individuals also seems to be on the rise. I went through dozens of articles to bring you this week’s news. I will look out for updates or any stories that I missed.

Update on the Cyber War

The hacking group called Anonymous announced last week that they are officially in cyber war against the Russian government. Just 30 minutes later, they announced that they took down the Kremlin-backed TV channel RT that has been heavily criticized for its coverage. This announcement suggests that Russian critical infrastructure would be targeted in the following days. We are still on the lookout to see if this will happen. Many people reacted positively to the hacking group attacking Russia responding to their Tweet saying “Thank You.” (Daily Mail)

But the cyberattacks aren’t one sided. Ransomware group Conti, said they would attack critical infrastructure in response to any attacks on Russia. This Tweet came after Vice Prime Minister of Ukraine announced the formation of an IT Army that amassed 120,000 volunteers in one day.

The Vice Prime Minister’s Tweet only came after the attack on their critical infrastructure. “In this war of cyberattacks, waves of phishing emails hit Ukraine’s military personnel, allegedly originating with a Belarussian hacking crew. Distributed denial of service attacks, or DDoS, which flood websites with traffic until they collapse, continue to inundate government targets. Wiping malware spreads across the nation, capable of destroying a computer’s memory in seconds.” (Forbes)

As we can see, there’s a lot of going back and forth in this cyber war and many countries are likely to get caught in the middle. As countries outside of Ukraine and Russia get involved -for example, Canada putting sanctions on Russia - they become a target. The Canadian government (cp24) AND the US government (MSNBC) warn their respective countries about an increase in cyberattacks on local businesses.

Here is a helpful article that goes into more detail about malware and how to prevent malware attacks from Global News.

Here is a list of hacking groups and which side there are taking. (The Record)

Ransomware Attack on Nvidia

Last Friday, there was a ransomware attack on computer systems designs services company, Nvidia. They admitted to the attack but are not fully aware of the extent of the attack. They admitted they don’t believe it’s related to the war between Ukraine and Russia. As of Friday, their stock price actually went up 1.72%. (PCGamer)

Cyberattack on Ethics Watchdog

Over the weekend, the Joint Commission on Public Ethics in Albany was targeted by a cyberattack. The agency regulates lobbying at the State Capitol. Their systems were deliberately disabled as a precaution. It is not known who is behind the attack nor the extent of the attack. (NYPost)

Raidforums.com Seized By Authorities

Raidforums.com is one of the largest Clearnet hacking forums. It other words, it offers stolen databases, login credentials, adult content and hacking tools for free download. The cybercrime marketplace and hacking forum is known for leaking LinkedIn’s scraped databases and Facebook’s users database from 106 countries.

They started having connectivity issues at the beginning of the year and even remained offline for a whole week. The administrators of the marketplace are helping users redirect to a new website. Meanwhile, no one knows which authority brought them down. (Hackread)

Darktrace Acquires Cybersprint for $54 million

Darktrace is a British cybersecurity firm that positions themselves as cybersecurity AI leader. They offer technology to prevent ransomware, cloud and SaaS attacks. They expect to close the acquisition of the surface management firm in March 2022 and expect to use their data to enrich their products. The deal is comprised of 75% cash and 25% quity totalling 12.5 times CyberSprint’s annual recurring revenue. (TheRecord)

How Cyber Criminals Are Ensuring a Pay Day

Cyber criminals are learning how businesses are protecting themselves – through backups. Companies won’t pay any ransom if they have a backup of their data. Therefore, hackers are resorting to double and even triple extortion to secure their pay day. What does this mean? Venafi’s worldwide survey reveal that 83% of successful ransomware attacks now involve more than one extortion method.

“For example, using stolen data to extort customers (38%), leaking data to the dark web (35%), and informing customers that their data has been compromised (32%). A mere 17% of attacks merely ask for money for a decryption key.”

Unfortunately, 18% of victims had their data leaked despite paying, according to the same survey. Hackers are evolving their methods before most businesses can even adapt. (ComputerWeekly)

Story links:

• The most common passwords have been leaked on the dark web (CNBC)
• Tips to find out if you Google Account has been hacked. (Times of India)
• Colonial Pipeline hires former Equifax cyber executive as CISO (TheRecord)
• America’s National Security Agency’s Hacking Operation is accused of targeting over 200 nations, including India (News18)
• What to do if your Instagram Gets hacked (Bustle)
• Nigerian police arrest 29 in online fraud crackdown (TheRecord)
• What to do if your Facebook Gets Hacked (TechCrunch)
• How this ransomware group is exploiting Microsoft Exchange to Hack U.S and Canadian Businesses (BleepingComputer)
• New Ransomware Strain Spotted (ITWorldCanada)

‍

__________________________________

Access The Untold Stories of IT Professionals.

Assurance IT launched IT Spotlight - an email series putting the spotlight on IT professionals. Get the inside scoop on their careers, their predictions in the industry and more. Once a week, every week, find out what other IT professionals are up to. Learn more here.

‍

‍