Last week, Microsoft released a report with an assessment of the cyber lessons learned in Ukraine since the inception of the conflict. A collaboration between Microsoft threat intelligence and data science teams, the report’s goals and conclusions are described in an Editor’s Note as “sharpening our understanding of the threat landscape in the ongoing war in Ukraine; A series of lessons and conclusions resulting from the data gathered and analyzed; New information about Russian efforts including an increase in network penetration and espionage activities amongst allied governments, non-profits, and other organizations outside Ukraine; Details about sophisticated and widespread Russian foreign influence operations being used among other things, to undermine Western unity and bolster their war effort; and a call for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, public sector, nonprofits, and civil society to come together.”
This assessment is brilliantly executed and contains actionable recommendations for organizations in any industry vertical concerned with the future cyber threat posed by Russia on a global scale. A synopsis and analysis of the report can be found here.
A Russian official threatened the West on Thursday, asserting that a “direct military clash” could result if Western governments continue to mount cyberattacks against its infrastructure. “The militarization of the information space by the West and attempts to turn it into an arena of interstate confrontation, have greatly increased the threat
Russia, probably more than any other leading power, launches cyberattacks against other countries as a matter of routine. Sometimes, Russian cyberattacks accompany military action, as in the current war in Ukraine. At other times, Moscow uses cyberattacks to disrupt or weaken societies, for instance during the 2016 US Presidential election.
The broadcast of the Football World Cup 2022 qualifier game between Wales and Ukraine on Sunday was interrupted in Ukraine by a cyberattack that targeted OLL.TV, a Ukrainian online broadcasting platform. Victor Zhora, deputy head of the State Service of Special Communications and Information Protection of Ukraine, or the SSSCIP, stated
Disruptive DDoS attacks against critical infrastructure and government targets have been increasingly prevalent since the beginning of Russia’s invasion of Ukraine. Infosec experts have observed a surge in global DDoS activity in recent months. The Cybersecurity and Infrastructure and Security Agency (CISA) issued a warning about these types of attacks
Russia is ‘failing’ in its mission to destabilize Ukraine’s networks after a series of thwarted cyber-attacks
Russia is failing in its mission to shake Ukraine’s cyber resilience as the country continues to successfully thwart cyber-attacks from its oppressor. That was the takeaway from WithSecure’s Sphere conference this week, as chief research officer Mikko Hyppönen told attendees that Putin’s regime is “largely failing”. During the event, held in Helsinki,
Dmytro Dubov, Head of the Information Security and Cyber Security Department of the National Institute for Strategic Studies in Kyiv, examines Russia’s methods of cyberattack against Ukraine’s critical infrastructure facilities, and their impact. He discusses the close coordination between Russia’s cyber and propaganda activities and highlights future challenges for Russia in
Policy circles in Washington are now debating how Vladimir Putin might respond to a major contraction of the Russian economy and clear signs that Moscow is losing the war in Ukraine. Some posit that a cornered president, furious and facing a near defeat, might indeed respond brutally—moving the proxy confrontation
NSA: Sanctions on Russia Having a Positive Effect on Ransomware Attacks, Attempts Down Due to Difficulty Collecting Ransom Payments
National Security Agency (NSA) director of cybersecurity Rob Joyce told attendees of a recent UK security conference that ransomware attacks are down in roughly the last two months, and that trend can be traced directly to sanctions placed on Russia. Criminals that operate out of the country are struggling to
The Conti ransomware operation has undergone some significant organizational structure changes in the past months after the brand became toxic due to its affiliation with the Russian government. The Conti operation has been highly successful, helping cybercriminals make billions of dollars after breaching the systems of hundreds of major organizations. While