Security News

White House Press Secretary Jen Psaki says that the US will take action against cybercriminal groups from Russia if the Russian government refuses to do so. She also said that high-level US and Russian officials will meet again next week to address the recent attacks that have targeted US organizations this year.

U.S. and U.K. authorities are warning that the APT28 advanced-threat actor - a.k.a. Fancy Bear or Strontium, among other names - has been using a Kubernetes cluster in a widespread campaign of brute-force password-spraying attacks against hundreds of government and private sector targets worldwide. The attackers are after the passwords of people who work at sensitive jobs in hundreds of organizations worldwide, including government and military agencies in the U.S. and Europe, defense contractors, think tanks, law firms, media outlets, universities and more.

Russia's telecommunications and media regulator Roskomnadzor on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. "In accordance with the regulation on responding to threats to circumvent restrictions on access to child pornography, suicidal, pro-narcotic and other prohibited content, restrictions on the use of VPN services VyprVPN and Opera VPN will be introduced from June 17, 2021," the state agency said in a statement.

Poland's deputy prime minister Jaros?aw Kaczy?ski says last week's breach of multiple Polish officials' private email accounts was carried out from servers within the Russian Federation. "After reading the information provided to me by the Internal Security Agency and the Military Counterintelligence Service, I inform you that the most important Polish officials, ministers, and deputies of various political options were subject to a cyber attack," Kaczy?ski said in a statement published today.

Roskomnadzor, Russia's telecommunications watchdog, has banned the use of Opera VPN and VyprVPN after classifying them as threats according to current Russian law. "In accordance with the regulation on responding to threats to circumvent restrictions on access to child pornography, suicidal, pro-narcotic and other prohibited content, restrictions on the use of VPN services VyprVPN and Opera VPN will be introduced from June 17, 2021," the Roskomnadzor said.

The G7 summit of western countries has called upon Russia to "Identify, disrupt, and hold to account those within its borders who conduct ransomware attacks, abuse virtual currency to launder ransoms, and other cybercrimes." Coming after an 18-month period where ransomware gangs mostly operating out of Russia and Russian-allied countries have wrought havoc on the West, the statement is part of an increasing willingness to confront Russia's inaction over criminal gangs based on its turf.

G7 leaders have asked Russia to urgently disrupt ransomware gangs believed to be operating within its borders, following a stream of attacks targeting organizations from critical sectors worldwide. "We call on all states to urgently identify and disrupt ransomware criminal networks operating from within their borders, and hold those networks accountable for their actions," the G7 leaders said at the G7 Cornwall Summit.

At the latest Group of Seven summit, held June 11-13 in the UK, Western leaders called on Russia to take action against those who conduct ransomware attacks and other cybercrimes from within its borders. In a communiqué issued after the conclusion of the summit, G7 countries vowed to work together to "Further a common understanding of how existing international law applies to cyberspace" and collaborate to "Urgently address the escalating shared threat from criminal ransomware networks."

Italy has created a national cybersecurity agency following warnings by Prime Minister Mario Draghi that Europe needed to protect itself from Russian "Interference." The new agency was approved in a cabinet meeting late on Thursday.

US President Joe Biden said Wednesday he is "Looking" at possible retaliation after the White House linked Russia to a cyberattack against global meat processing giant JBS. Asked by a reporter if he would take action against President Vladimir Putin, whom he will meet for a summit in Geneva later this month, Biden said: "We're looking closely at that issue." The ransomware attack on a US subsidiary of Brazilian-owned JBS has again prompted accusations that Russia is at least harboring cybercriminals.