Recent ransomware attacks by identified Russian organized cybercrime groups like Vice Society and Ryuk have shed light on the critical need for companies to revamp security protocols, particularly within critical infrastructures such as healthcare, energy, and public services.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure, to name just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security (access control, cameras, alarms and so on), there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
The Russia-Ukraine conflict is having a substantial impact on how businesses view their defenses. 64% believe that their organizations have either been targeted or impacted by nation-state attacks.
Russian hackers have reportedly accessed surveillance cameras in apartment buildings and parking facilities, and are most interested in those that are near critical infrastructure or air defense systems and can have their viewing angles changed remotely.
TLS certificates enable a website to offer an encrypted https:// connection to visitors. Many Russian businesses have found themselves placed on sanctions lists due to the sweeping actions taken by Western nations and cannot renew their certificates.
Russian darknet market Hydra emerged as the hotspot for illegal transactions within three years, earning $1.37 billion in cryptocurrency transactions.
A Russian firm of uncertain backing called Operation Zero appears to be shaking up the zero-day exploit market, offering up to $20 million if hackers and researchers come to them first. The company claims that the market is undervalued.
The Russian hackers call themselves "Killnet" and first made the news in April with declarations of intent to conduct cyber attacks on critical infrastructure in other countries. The group has been linked to prior DDoS campaigns.
Major anti-malware vendors Symantec, McAfee, and Trend Micro allegedly had their source code stolen by Russian hackers. The full set of data, including access to the companies' networks, is now going on sale for $300,000.
Russian hackers had access to Ukraine's biggest telecoms provider for most of 2023, and likely had "full access" for at least the months of November and December.
Pan-European air traffic control agency Eurocontrol confirms that a cyber attack by pro-Russian hackers Killnet interrupted its website and web availability, making operations “difficult.”