Security News
Lumen Technologies, the internet backbone provider formerly known as CenturyLink, has quit Russia. Other tech firms that have quit Russia have also cited opposition to the invasion as a prime reason for withdrawing services, sales, and other operations.
The findings of the report take into account security events occurring across more than 120,000 user accounts during the period of January 1st to December 31st, 2021 and shows that the vast majority of attacks on top SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox are originating from the countries of Russia and China. Over the last several weeks, there has been a sharp rise in activity from countries with consistently high levels of both attempted and successful attacks originating within their borders - Russia and China.
To protect client data during the ongoing conflicts, Cloudflare has removed all customer encryption keys from data centers located in Ukraine, Russia, and Belarus, and deployed its "Keyless SSL" technology. The second measure is the addition of a forceful configuration on all servers located in Ukraine, Belarus, and Russia, to automatically brick in the case of a power loss or internet connection disruption.
Google says Russian, Belarusian, and Chinese threat actors targeted Ukrainian and European government and military organizations, as well as individuals, in sweeping phishing campaigns and DDoS attacks. The Computer Emergency Response Team of Ukraine and Facebook previously warned of other phishing campaigns against Ukrainian officials and military personnel, also attributed Ghostwriter hackers.
As Russia's invasion of Ukraine rolls through its second week, a United Nations committee has begun hearings on a proposed new cybercrime treaty Russia has been pushing. "Russia has long turned not only a blind eye to cyber criminals operating in its borders, but has openly and actively support it. It's hard to see how Russia could engage in negotiations for a legally-binding cybercrime treaty in good faith. It's harder still to see how it can negotiate at the United Nations for a treaty based on upholding state sovereignty while simultaneously invading a sovereign nation state."
The Russian authorities are drafting a set of measures to support the country's economy against the pressure of foreign sanctions, and when it comes to software licensing, the proposal greenlights a form of piracy. This special process will be eligible for cases where the copyright holder is from a country that has supported sanctions against Russia and only for products with no available Russian alternatives.
Four top global consultancies, all with big IT practices, have quit Russia. PwC on Sunday decided that Russia's invasion of Ukraine means it "Should not have a member firm in Russia and consequently PwC Russia will leave the network."
Cyber criminals and hacktivist groups are increasingly using the Telegram messaging app for their activities, as the Russia-Ukraine conflict enters its eighth day. A new analysis by Israeli cybersecurity company Check Point Research has found that "User volume grew a hundred folds daily on Telegram related groups, peaking at 200,000 per group."
The Russian government shared a list of 17,576 IP addresses allegedly used to launch distributed denial-of-service attacks targeting Russian organizations and their networks. "The National Coordinating Center for Computer Incidents in the context of massive computer attacks on Russian information resources recommends taking measures to counter threats to information security," the Russian government agency said in a notice.
Russia's invasion of Ukraine, and the possibility that the Kremlin may escalate its cyberespionage against the West after being heavily sanctioned, has convinced the US Senate to unanimously pass a bipartisan cybersecurity bill. The Strengthening American Cybersecurity Act of 2022, which now goes to the House, would put into law some of the regulations the Biden Administration and some members of Congress have been advocating for since the onslaught of high-profile ransomware attacks last year, including those on such companies as Colonial Pipeline and meat processor JBS Foods.