Security News

Australian police are investigating a ransomware attack at the facilities of JBS Foods - one of the largest producers of meat in the world - as the White House fingers Russia-based cybercriminals. The attack has forced the Brazilian-owned business, which operates 47 facilities across Australia, with others located in Brazil, the US, and Canada, to stop production in some units.

The term "Hacker" has almost become synonymous with Russia. Russia has for decades been a breeding ground for computer experts.

A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines for the naval arm of the Russian Armed Forces. Rubin Design Bureau is a submarine design center located in Saint Petersburg, accounting for the design of over 85% of submarines in the Soviet and Russian Navy since its origins in 1901, including several generations of strategic missile cruiser submarines.

A widespread disinformation campaign dubbed Ghostwriter is believed to be the work of a state-sponsored cyber-espionage group, cybersecurity firm FireEye reported on Wednesday. Between October 2020 and January 2021, FireEye's researchers identified five new Ghostwriter operations conducted in both Polish and English, but which were not aligned with previous activity that relied on compromised websites, spoofed emails, fake personas, and NATO-themed content.

Following attribution of the SolarWinds supply chain attack to Russia's APT29, the US CISA infosec agency has published a list of the spies' known tactics - including a penchant for using a naughtily named email provider. APT29* is the Western infosec world's codename for what we now know is the Russian Foreign Intelligence Service, known by its Russian acronym SVR. As well as publishing a list of things US counterintelligence know about their Russian offensive counterparts, CISA has also added some advice on how to avoid these common Russian intelligence compromise tactics.

It's fairly clear that since then Russia is taking the necessary legal legislative steps and actions to start carving it's self out of the "All roads lead to Rome" or more correctly Washington of the Internet. I've spent more than two decades warning about what is happening and the most likely out come.

The United Kingdom, Canada, the European Union and NATO have expressed support for the United States in blaming Russia for the cyberattack on IT management company SolarWinds, which impacted organizations worldwide. The announcements were made the same day that the United States expelled 10 Russian diplomats and sanctioned dozens of companies and people in an attempt to punish Russia, which is believed to have orchestrated last year both interference with the US presidential elections and the SolarWinds breach.

"Russia's pattern of malign behaviour around the world - whether in cyberspace, in election interference or in the aggressive operations of their intelligence services - demonstrates that Russia remains the most acute threat to the U.K.'s national and collective security," the U.K. government said in a statement. To that effect, the U.S. Department of the Treasury has imposed sweeping sanctions against Russia for "Undermining the conduct of free and fair elections and democratic institutions" in the U.S. and for its role in facilitating the sprawling SolarWinds hack, while also barring six technology companies in the country that provide support to the cyber program run by Russian Intelligence Services.

Russia's infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country's US embassy. "The Russian Intelligence Services' third arm, the SVR, is responsible for the 2020 exploit of the SolarWinds Orion platform and other information technology infrastructures. This intrusion compromised thousands of US government and private sector networks," said the US Treasury.

The Biden administration is preparing to announce sanctions in response to a massive Russian hacking campaign that breached vital federal agencies, as well as for election interference, a senior administration official said. U.S. officials last month alleged that Russian President Vladimir Putin authorized influence operations to help Donald Trump in his unsuccessful bid for reelection as president, though there's no evidence Russia or anyone else changed votes or manipulated the outcome.