Security News

The websites of the Ukrainian military and at least two of the nation's biggest banks were knocked offline in a cyberattack today. On social media, it reported "Technical works on restoration of regular functioning" are underway after it was "Probably attacked by DDoS: an excessive number of requests per second was recorded." Other military sites are also apparently suffering outages.

A distributed denial-of-service cyber-attack today took down Ukrainian defense military websites - and at least two of the nation's biggest banks were knocked offline, too. Ukraine's Ministry of Defense website is still unavailable at time of publication.

The Ukrainian Ministry of Defense, whose site has been taken down following the attacks, said that its "Website was probably attacked by DDoS: an excessive number of requests per second was recorded." "Starting from the afternoon of February 15, 2022, there is a powerful DDOS attack on a number of information resources of Ukraine," Ukraine's State Service for Special Communication and Information Protection added.

The Ukrainian Ministry of Defense, whose site has been taken down following the attacks, said that its "Website was probably attacked by DDoS: an excessive number of requests per second was recorded. Technical works on restoration of regular functioning are carried out." While the Ukrainian defense ministry site has been knocked out, Oschadbank's website is still accessible although customers cannot log in to their online banking accounts.

The Reserve Bank of India has warned the nation's finance sector that outsourcing information technology jobs could "Expose them to significant financial, operational and reputational risks." A quick reminder: since the late 1990s, India has championed outsourcing IT services and profited mightily as a result.

Spain's National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud. The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used traditional phishing and smishing techniques to obtain personal information and bank data of victims before draining money from their accounts.

Spanish National Police has arrested eight suspects allegedly part of a crime ring who drained bank accounts in a series of SIM swapping attacks. The first case of fraud attributed to this particular SIM swapping gang is from March 2021, when the police received two complaints about fraudulent transfers not performed by the account holders.

A research released by Computer Services suggests growing concerns among bank executives around recruiting and retaining talent as well as fighting cybercrime threats. In the survey, which collected responses from 279 executives from financial institutions across the nation, bankers ranked cybersecurity threats and recruiting/retaining employees as their top issues in 2022.

Bank Indonesia, the central bank of the Republic of Indonesia, has confirmed today that a ransomware attack hit its networks last month. During the incident, the attackers stole "Non-critical data" belonging to Bank Indonesia employees before deploying ransomware payloads on over a dozen systems on the bank's network, as CNN Indonesia reported.

A widespread phishing operation targeting Southeast Asia's second-largest bank - Oversea-Chinese Banking Corporation - has prompted the Monetary Authority of Singapore to introduce regulations for internet banking that include use of an SMS Sender ID registry. Singapore banks have two weeks to remove clickable links in text messages or e-mails sent to retail customers.