Security News

Italy has created a national cybersecurity agency following warnings by Prime Minister Mario Draghi that Europe needed to protect itself from Russian "Interference." The new agency was approved in a cabinet meeting late on Thursday.

US President Joe Biden said Wednesday he is "Looking" at possible retaliation after the White House linked Russia to a cyberattack against global meat processing giant JBS. Asked by a reporter if he would take action against President Vladimir Putin, whom he will meet for a summit in Geneva later this month, Biden said: "We're looking closely at that issue." The ransomware attack on a US subsidiary of Brazilian-owned JBS has again prompted accusations that Russia is at least harboring cybercriminals.

Australian police are investigating a ransomware attack at the facilities of JBS Foods - one of the largest producers of meat in the world - as the White House fingers Russia-based cybercriminals. The attack has forced the Brazilian-owned business, which operates 47 facilities across Australia, with others located in Brazil, the US, and Canada, to stop production in some units.

The term "Hacker" has almost become synonymous with Russia. Russia has for decades been a breeding ground for computer experts.

A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines for the naval arm of the Russian Armed Forces. Rubin Design Bureau is a submarine design center located in Saint Petersburg, accounting for the design of over 85% of submarines in the Soviet and Russian Navy since its origins in 1901, including several generations of strategic missile cruiser submarines.

A widespread disinformation campaign dubbed Ghostwriter is believed to be the work of a state-sponsored cyber-espionage group, cybersecurity firm FireEye reported on Wednesday. Between October 2020 and January 2021, FireEye's researchers identified five new Ghostwriter operations conducted in both Polish and English, but which were not aligned with previous activity that relied on compromised websites, spoofed emails, fake personas, and NATO-themed content.

Following attribution of the SolarWinds supply chain attack to Russia's APT29, the US CISA infosec agency has published a list of the spies' known tactics - including a penchant for using a naughtily named email provider. APT29* is the Western infosec world's codename for what we now know is the Russian Foreign Intelligence Service, known by its Russian acronym SVR. As well as publishing a list of things US counterintelligence know about their Russian offensive counterparts, CISA has also added some advice on how to avoid these common Russian intelligence compromise tactics.

It's fairly clear that since then Russia is taking the necessary legal legislative steps and actions to start carving it's self out of the "All roads lead to Rome" or more correctly Washington of the Internet. I've spent more than two decades warning about what is happening and the most likely out come.

The United Kingdom, Canada, the European Union and NATO have expressed support for the United States in blaming Russia for the cyberattack on IT management company SolarWinds, which impacted organizations worldwide. The announcements were made the same day that the United States expelled 10 Russian diplomats and sanctioned dozens of companies and people in an attempt to punish Russia, which is believed to have orchestrated last year both interference with the US presidential elections and the SolarWinds breach.

"Russia's pattern of malign behaviour around the world - whether in cyberspace, in election interference or in the aggressive operations of their intelligence services - demonstrates that Russia remains the most acute threat to the U.K.'s national and collective security," the U.K. government said in a statement. To that effect, the U.S. Department of the Treasury has imposed sweeping sanctions against Russia for "Undermining the conduct of free and fair elections and democratic institutions" in the U.S. and for its role in facilitating the sprawling SolarWinds hack, while also barring six technology companies in the country that provide support to the cyber program run by Russian Intelligence Services.