CISA Insights Bulletin Urges U.S. Preparation for Data Wiping Attacks
Recent data-wiping attacks, targeting Ukrainian government agencies and businesses, prompted the release of a CISA Insights Bulletin urging U.S. organizations to strengthen their cybersecurity defenses. In what felt like coordinated attacks last Friday, the data-wiping malware (masquerading as ransomware) hit Ukrainian government organizations and was quickly followed by an aggressive unattributed cyber attack on Ukrainian government sites.
Want more insight? Log in for the full report
Already a member? Sign in to your account.
OODA Loop provides actionable intelligence, analysis, and insight on global security, technology, and business issues. Our members are global leaders, technologists, and intelligence and security professionals looking to inform their decision making process to understand and navigate global risks and opportunities.
You can chose to be an OODA Loop Subscriber or an OODA Network Member. Subscribers get access to all site content, while Members get all site content plus additional Member benefits such as participation in our Monthly meetings, exclusive OODA Unlocked Discounts, discounted training and conference attendance, job opportunities, our Weekly Research Report, and other great benefits. Join Here.
For more information please click here. Thanks!
Already a member? Sign in to your account.
Resources for the C-Suite and Crisis Management Team:
Twitter List For Tactical Information: This Twitter list of vetted resources that have reported accurately on tactical moves in the Ukrainian theater can be used to quickly capture the gist of a dynamic military situation.
C-Suite Guide: Improving Cybersecurity Posture Before Russia Invades Ukraine: The capabilities of Russia to conduct cyber espionage and cyber attack have been battle tested and are hard to thwart even during daily “peacetime” operations. They include well resourced capabilities of the military and intelligence services and also deep technical expertise in the Russian business ecosystem and in organized crime which operates as part of Russian national power. Proof points of Russian capabilities include the massive and sophisticated Solar Winds attacks which leveraged low and slow, well thought out plans to achieve access to multiple well-protected targets. Ransomware successes by Russian based criminal networks are also instructive as to the capability of Russian cyber threat actors. The use of malicious self replicating code (worms/virus/trojan) to spread malicious code into infrastructure is also well proven with decades of practice including fielding software that replicates from unclassified to classified systems in the military and spreads throughout critical infrastructure. This post goes beyond an articulation of the threat into recommendations leaders seeking to mitigate cyber threats from Russia including threats before, during and after a Ukraine invasion.
What The C-Suite Needs To Know About The Threat To Space Based Systems (and what to do about it): OODA recently updated the analysis below on threats to space based assets (with a focus on what the C-Suite needs to know) because of tensions with Russia and continued testing of satellite destruction capabilities the most recent of which (Nov 2021) caused significant increases in dangerous space debris. We recommend this be read in conjunction with our report on what the C-Suite needs to know about the cybersecurity threats due to the coming Russian invasion of Ukraine, see links in the document for more.
Will China Replicate Russia’s Cyber Offensives in a Taiwan Reunification?: The current situation in the Ukraine has garnered the world’s attention with stakeholders watching attentively as the crisis unfolds. Such regional hotspots have the potential of spilling over into neighboring countries and pulling in governments from all over the world in some capacity. The threat of armed conflict escalating into a major global engagement is always a possibility. China and Taiwan are eagerly watching the crisis as well, but largely for different reasons. While Taiwan is interested to see how friendly governments come to Ukraine’s aid, China is observing how Russia may go about reclaiming territory of the former Soviet Union, in the attempts of gaining insight into how such an act can be accomplished successfully, should Moscow do just that.
A Warning for the U.S. Chip Industry: Russian Retaliation Could Hit Supply of Key Materials: Russia may retaliate against the U.S. threat of trade sanctions and export curbs by blocking access to key materials like neon and palladium. Ukraine supplies over 90% of U.S. semiconductor-grade neon. This type of supply chain-based retaliation has become a priority concern for the White House, which is encouraging a broad diversification of the supply chain in the event Russia limits access to these key materials.
In 2022, the Strategic Impact of Global Intermodal Supply Chain Gridlock on IT Supply Chain Remains High: The OODA Loop Research Team has been tracking the impact on supply chains from the onset of the pandemic.
Russia’s Long Game, Leadership Lessons, and Learning from Failure: In February of 2021, Matt Devost spoke to Rob Richer, a highly regarded advisor to international executives and global government leaders including several heads of state. Rob has a well-informed perspective on international risks and opportunities and an ability to analyze and distill observations in a way that is meaningful for your decision-making process. In light of the conditions in Europe, this portion of their initial OODAcast conversation is timely and includes a discussion of Richer’s time as the head of CIA Russian Operations, his perspective on U.S./Russian relations (especially the role of cyber), leadership, the role of failure, and decision-making.
Charity Wright on China’s Digital Colonialism: Charity Wright is a Cyber Threat Intelligence Analyst with over 15 years of experience at the US Army and the National Security Agency, where she translated Mandarin Chinese. Charity now specializes in dark web cyber threat intelligence, counter-disinformation, and strategic intelligence at Recorded Future. Her analysis has provided deep insights into a variety of incidents, activities and strategic moves by well resourced adversaries, primarily actors operating in China.
The January 2022 OODA Network Member Meeting: Putin, Russia, Gray Zone Conflict Capabilities and The Future of Europe: To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great way for our members to meet and interact with each other while talking about topics like global risks, emerging technologies, cybersecurity, and current or future events impacting their organizations. We also use these sessions to help better focus our research and better understand member needs.
CISA Insights Bulletin Urges U.S. Preparation for Data Wiping Attacks :In what felt like coordinated attacks last Friday, data-wiping malware (masquerading as ransomware) hit Ukrainian government organizations and was quickly followed by an aggressive unattributed cyber attack on Ukrainian government sites. The attacks prompted the release of a CISA Insights Bulletin urging U.S. organizations to strengthen their cybersecurity defenses.
Additional Context on OODA Reporting on Russia’s Military-Technical Maneuvers in Europe: We are conscious of our need to keep our usual variety of News Brief and OODA Analysis, but for obvious reasons, this week is top-heavy with Russian, NATO, and Ukrainian coverage. We intend on keeping our focus on providing context you need vice the blow by blow of major moves. Like in other domains we endeavor to provide the “So What?” and “What’s Next?” you need to help drive your decisions.
OODA Research Report- The Russian Threat: This special report captures insights into the capabilities and intent of the Russian Threat, with a special focus on the cyber domain. Our objective: provide insights that are actionable for business and government leaders seeking to mitigate risks through informed decisions.