Security News
U.S. and U.K. officials are blaming the Russian military for launching an October 2019 cyberattack on the country of Georgia that crippled at least 2,000 government, news media and court websites over the course of one day. A few hours after the U.S. and U.K. released their statements about Georgia on Thursday, the New York Times reported that U.S. intelligence officials had recently warned U.S. lawmakers that Russia has already taken steps to interfere in the U.S. presidential election.
Georgian authorities on Thursday accused Russia's military intelligence of launching a large-scale cyberattack that targeted the government and private organizations with the goal of destabilizing the ex-Soviet nation. Georgia's Foreign Ministry said the Oct. 28 cyberattack was "Targeted at Georgia's national security and intended to harm Georgian citizens and government structures by disrupting and paralyzing the functionality of various organizations, causing anxiety among the general public."
The Council later confirmed that it had been hit with a cyberattack affecting its internal and external-facing IT systems, with the notable exception of property tax payments. The Council is back to working from pen and paper and able to field only urgent emails and telephone enquiries.
Iran repelled a cyberattack on Saturday that disrupted the country's internet services for an hour, a telecommunications ministry official said. "At 11:44 a distributed denial-of-service attack disrupted the internet services of some mobile and fixed operators for an hour," tweeted Sajad Bonabi.
In 2019, security teams made progress in the adoption of perimeter-less security while hackers increased the use of fileless malware and IoT malware. The 2020 SonicWall Cyber Threat Report highlights tactics hackers are using to get unauthorized access to data as well as what security teams are doing to protect it.
Gov. John Bel Edwards called on Louisiana's local government leaders Wednesday to protect their data, reminding them of recent cyberattacks across the state and saying they're likely to face such a strike in the future. "You may not have been hit yet in your town or in your city. But it's a question of when, not if," the Democratic governor told a luncheon crowd of the Louisiana Municipal Association.
Beyond these high-profile instances, various journalists and human rights activists have been targeted globally after a WhatsApp zero-day vulnerability was exploited by attackers who were able to inject spyware onto victims' phones. Vanunu, head of products vulnerability research at Check Point research, has seen his share of WhatsApp vulnerabilities - the researcher at Black Hat 2019 demoed several flaws in the messaging platform could be used to manipulate chats, for instance.
Attacks against endpoints have become more costly, up more than $2 million since 2018. With the rise in BYOD and employees working from home or remotely, endpoints have become more prevalent.
Many executives either don't know what their company's cyber defense is, lack budget, or spend too much time analyzing rather than taking action. In a new poll of 2,800 cyber security practitioners and C-suite executives, 65% cite destructive cyber attacks like NotPetya as a top cyber security concern.
The Greek government said Friday that the official state websites of the prime minister, the national police and fire service and several important ministries were briefly disabled by a cyberattack but have been restored. Government spokesman Stelios Petsas said early Friday that the distributed denial-of-service or DDoS attack "Led to the malfunction of certain websites." He said "Countermeasures" had been successfully implemented, but gave no further details.