Security News

The Russian government is exploring "Options for potential cyberattacks" on critical infrastructure in the U.S., the White House warned on Monday, in retaliation for sanctions and other punishments as the war in Ukraine grinds on. "The current conflict has put cybersecurity initiatives in hyperdrive, and today, industry leaders aren't just concerned about adversaries breaching critical infrastructure but losing access and control to them," Saket Modi, co-founder and CEO at Safe Security, said via email.

The White House has issued its starkest warning that Russia may be planning cyberattacks against critical-sector U.S. companies amid the Ukraine invasion. Context: The alert comes after Russia has lobbed a series of digital attacks at the Ukrainian government and critical industry sectors.

US President Joe Biden has urged companies in critical infrastructure sectors to shore up their defenses against potential cyberattacks. "Most of America's critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors," he noted, and advised those that have not yet done it to harden their cyber defenses by implementing security best practices delineated earlier this year.

United States President Joe Biden has revealed "Evolving intelligence that the Russian Government is exploring options for potential cyber attacks" and that the risks posed to critical infrastructure are so significant that hundreds of US organizations have been given classified briefings on the matter. Biden nonetheless urged the private sector to get its cyber security house in order - ASAP. We're seeing potential cyberattacks on critical infrastructure.

FBI warns of cyberattacks using AvosLocker ransomware. The FBI and US Treasury are advising organizations to beware of a specific strain of ransomware aimed at critical infrastructure sectors in the United States.

Israel's Nation Cyber Directorate confirmed in a tweet on Monday that a denial-of-service attack against a telecommunications provider took down several government sites, as well as others not affiliated with the government. Internet tracker NetBlocks reported that the attacks were launched against Israeli telecom providers Bezeq and Cellcom.

As many as 722 ransomware attacks were observed during the fourth quarter of 2021, with LockBit 2.0, Conti, PYSA, Hive, and Grief emerging as the most prevalent strains, according to new research published by Intel 471. The attacks mark an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively.

As Russian ground forces closed in on key Ukrainian cities including capital Kyiv, and airstrikes hit military bases near the western city of Lviv, the expected cyber-onslaught by Russia has largely failed to become reality. Until last week, when it emerged that Western spy agencies were investigating a large-scale satellite broadband outage affecting satellite communications provider Viasat, which began on 24 February - the day Russia invaded Ukraine.

Palo Alto Networks has rolled out a new supply chain security system that the cybersecurity vendor claims can identify vulnerabilities and misconfigurations across the lifecycle of cloud native applications. It's called Prisma Cloud Supply Chain Security, and it scans for any issues in code - such as version control system and CI pipeline misconfigs - across open-source packages, infrastructure-as-code files and delivery pipelines, according to the security shop.

Revenge and inflation are key drivers behind an 800 percent increase in cyberattacks seen by a managed services provider since the days before the onset of Russia's invasion of Ukraine last month, according to the company's top executive. The attacks are coming not only from groups inside of Russia but also from within the region as well from Russia allies like North Korea and Iran, historically sources of global cyber-threats, Emil Sayegh, president and CEO of Ntirety, an MSP that focuses on security, told The Register.