Tag Archive for: attacks

Russia behind cyber attacks on Western utilities, security firm says | Yle News

/in


“It’s kind of an escalation in that we’re seeing more than just data collection, surveillance and intelligence gathering,” Mikko Hyppönen says.

Portrait of a man with glasses, a mustache and dark hair combed back into a ponytail, wearing a blue blazer.

Withsecure’s research director Mikko Hyppönen Image: Jari Kovalainen / Yle

Russia has used malware in cyber attacks on targets in Eastern European countries since at least mid-2022, according to Finnish cyber security firm Withsecure.

More specifically, the company has reported that a Russian military intelligence effort led to the breach of databases belonging to an Estonian logistics company.

Finland’s eastern neighbour also appears to have tampered with water utility data systems in the US, France and Poland, according to Mandiant, a data security firm and subsidiary of Google.

So far, the cyberattacks do not appear to have caused significant disruptions. For example, the attack in the US caused a water tank at a facility in Texas to overflow until the system was brought under control, according to CNN.

But according to Withsecure’s research director, Mikko Hyppönen, it is a serious matter if Russia has started carrying out cyber attacks on Nato countries’ utilities.

“It’s kind of an escalation in that we’re seeing more than just data collection, surveillance and intelligence gathering,” Hyppönen told Yle.

Hyppönen: Russia attacked Estonian firm

At the end of 2022 malicious code dubbed “Kapeka” helped hackers to breach a database belonging to an Estonian logistics firm. A recent study at Withsecure revealed who was behind the attack, according to Hyppönen.

“Our research linked the Kapeka malware directly to Russia’s Sandworm group, the country’s military cyber intelligence unit,” he explained.

The Sandworm group is known for having carried out several destructive attacks in Ukraine, including temporarily knocking out the war-torn country’s electricity grid.

“Kapeka’s development and deployment likely follow the ongoing Russia-Ukraine conflict, with Kapeka being likely used in targeted attacks of firms across Central and Eastern Europe since the illegal invasion of Ukraine in 2022,” a Withsecure brief on the matter explained.

According to Hyppönen, the Sandworm-delivered malware in Estonia caused disruptions at the…

Source…

CISA, Partners Warn Organizations of Akira Ransomware Attacks

/in


The Cybersecurity and Infrastructure Security Agency and its U.S. and international partners have released a joint cybersecurity advisory, or CSA, warning organizations against the Akira ransomware that has targeted critical infrastructure entities in North America, Europe and Australia.

The CSA outlines known tactics, techniques and procedures used by Akira ransomware operators and indicators of compromise to help organizations respond to ransomware attacks, CISA said Thursday.

According to the advisory, Akira threat actors have deployed a Linux variant targeting VMware ESXi virtual machines after initially focusing on Windows systems.

As of January, the ransomware group has targeted more than 250 organizations and gained approximately $42 million in ransomware proceeds.

In August 2023, Akira attacks started using Megazord, using Rust-based code, and Akira ransomware written in C++ and encrypted files.

CISA and its partners encourage organizations to implement the mitigations outlined in the CSA to reduce the impact of Akira ransomware attacks.

Source…

How Israel could strike Iran, from cyber attacks to assassinations

/in


The two states have been involved in a shadow war for decades, with Tehran funding terrorist groups around Israel and the latter responding with covert attacks

Published Apr 19, 2024  •  5 minute read

An Israeli flag flies on a hill overlooking Jerusalem
An Israeli flag flies on the Mount of Olives overlooking the city skyline in Jerusalem on April 19, 2024. Photo by AHMAD GHARABLI/AFP via Getty Images

For days, Iran was bracing for an Israeli retaliation.

On Thursday night, long-distance aircraft fired missiles on an Iranian airforce base, breaking the lull in the Islamic Republic’s Isfahan city, Israeli media reported. Two Israeli officials reportedly confirmed the country’s involvement in the attack.

Article content

Italian Foreign Minister Antonio Tajani said the U.S. told members of the G7 that it received “last minute” information from Israel about a drone strike in Iran, but added that the U.S. did not participate in the offensive.

Advertisement 2

Source…

Election campaigns in Kerala turn ugly: Cyber warfare, personal attacks and allegations galore – SPECIAL – GENERAL

/in


media

THIRUVANANTHAPURAM: In the midst of the parliamentary election campaign in the state, which will last only a week, the competition has turned to personal attacks and cyber warfare against candidates, intensifying the already fierce atmosphere.

Former minister and LDF candidate from Vadakara, KK Shailaja, once again came forward yesterday demanding action as cyber attacks escalated. Shailaja alleged in a complaint to the Central Election Commission and the Chief Minister that there is an organized attempt by a criminal gang in the UDF to personally smear her using morphed photos, with the alleged connivance of UDF candidate Shafi Parambil. PM State Secretary MV Govindan accused a section of the media of abetting this.

Meanwhile, Shafi Parambil approached the High Court seeking to halt the fake votes planned by the LDF in Vadakara. Alleging that most of the polling officers and policemen assigned to election duty are Left sympathizers, Shafi also blamed the Panoor bomb blast.

In a petition filed by sitting MP Adoor Prakash in the High Court, the demand is to remove about one and a half lakh double votes in the Attingal constituency. LDF candidate V Joy’s response is that he is being accused out of fear of failure.

BJP targets Tharoor

BJP is targeting Tharoor, citing Supreme Court lawyer Jai Anand’s revelation that Thiruvananthapuram sitting MP and Congress Working Committee member Shashi Tharoor behaved indecently with a woman in a Delhi hotel in October 2022. It was also alleged that media activist Karan Thapar tried to cover up the complaint. BJP IT cell chief Amit Malviya demanded answers from Tharoor and Thapar. Tharoor’s stance is that the allegation is timed before the election and if the woman has a complaint, she should come forward with proof.

CM responds to Modi

Prime Minister Narendra Modi, who has accused the Chief Minister and his daughter of corruption, has stated that the culprits will not be spared, which is being interpreted as an indication of internal drama ahead of the elections. Yesterday, the Chief Minister responded that there are clear records of the money transfer between the two companies and no…

Source…