Security News
It has been interesting to notice how unimportant and ineffective cyber operations have been in the Russia-Ukraine war. Russia launched a wiper against Ukraine at the beginning, but it was found...
The Treasury Department's Financial Crimes Enforcement Network warned U.S. financial institutions this week to keep an eye out for attempts to evade sanctions and US-imposed restrictions following Russia's invasion of Ukraine. FinCEN said [PDF] that it's critical to "Identify and quickly report suspicious activity associated with potential sanctions evasion, and conduct appropriate risk-based customer due diligence or, where required, enhanced due diligence."
Lumen Technologies, the internet backbone provider formerly known as CenturyLink, has quit Russia. Other tech firms that have quit Russia have also cited opposition to the invasion as a prime reason for withdrawing services, sales, and other operations.
The findings of the report take into account security events occurring across more than 120,000 user accounts during the period of January 1st to December 31st, 2021 and shows that the vast majority of attacks on top SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox are originating from the countries of Russia and China. Over the last several weeks, there has been a sharp rise in activity from countries with consistently high levels of both attempted and successful attacks originating within their borders - Russia and China.
To protect client data during the ongoing conflicts, Cloudflare has removed all customer encryption keys from data centers located in Ukraine, Russia, and Belarus, and deployed its "Keyless SSL" technology. The second measure is the addition of a forceful configuration on all servers located in Ukraine, Belarus, and Russia, to automatically brick in the case of a power loss or internet connection disruption.
Google says Russian, Belarusian, and Chinese threat actors targeted Ukrainian and European government and military organizations, as well as individuals, in sweeping phishing campaigns and DDoS attacks. The Computer Emergency Response Team of Ukraine and Facebook previously warned of other phishing campaigns against Ukrainian officials and military personnel, also attributed Ghostwriter hackers.
As Russia's invasion of Ukraine rolls through its second week, a United Nations committee has begun hearings on a proposed new cybercrime treaty Russia has been pushing. "Russia has long turned not only a blind eye to cyber criminals operating in its borders, but has openly and actively support it. It's hard to see how Russia could engage in negotiations for a legally-binding cybercrime treaty in good faith. It's harder still to see how it can negotiate at the United Nations for a treaty based on upholding state sovereignty while simultaneously invading a sovereign nation state."
The Russian authorities are drafting a set of measures to support the country's economy against the pressure of foreign sanctions, and when it comes to software licensing, the proposal greenlights a form of piracy. This special process will be eligible for cases where the copyright holder is from a country that has supported sanctions against Russia and only for products with no available Russian alternatives.
Four top global consultancies, all with big IT practices, have quit Russia. PwC on Sunday decided that Russia's invasion of Ukraine means it "Should not have a member firm in Russia and consequently PwC Russia will leave the network."
Cyber criminals and hacktivist groups are increasingly using the Telegram messaging app for their activities, as the Russia-Ukraine conflict enters its eighth day. A new analysis by Israeli cybersecurity company Check Point Research has found that "User volume grew a hundred folds daily on Telegram related groups, peaking at 200,000 per group."