Daily Drop (121)
‘Yo-Yo’ DDoS Cyber Attacks; What they Are and How You Can Beat Them
FROM THE MEDIA: ‘Yo-Yo’ DDoS cyberattacks might sound like a bad video game or science fiction movie, but in reality, they’re a type of innovative distributed denial-of-service (DDoS) attack.
Typically, DDoS (Distributed Denial of Service) attacks use massive traffic such as HTTP, DNS, TCP, and other methods to allow attackers to disrupt even the most well-defended networks or servers. But Yo-Yo DDoS is an entirely different animal.
They are a much more innovative way to attack public cloud infrastructure resources. In today's cloud architecture, almost every resource can scale quickly. It could be nodes, Kubernetes Pods, load balancers, etc. You have unlimited resources when it comes to scaling in the public cloud. The cyber attackers use those cloud auto-scaling capabilities against you and hurt you financially. It literally could destroy small organizations that have limited cloud budgets. This article will shed more light on these types of attacks to help you increase your cyber readiness.
READ THE STORY: Geektime
The race against hackers to secure EV cyber-grid
FROM THE MEDIA: Lost in the shuffle of EV usage, bright expectations, and plans to keep their battery full, is a challenge familiar to many pieces of developing tech: EV charging station cybersecurity.
Earlier this year, a 19-year-old tech security specialist used a third-party software app to hack into 25 Tesla vehicles in countries all over the world. It was the first reported incident of a third-party app being used to hack and obtain full access to vehicle data and controls. Cybersecurity is a deadly serious issue for Tesla, yet hackers still found a way to compromise their systems. As EVs continue to grow and take over the road, thousands of potentially unprotected EV charging stations across the country are an inviting target for cyber attackers. Without a strong emphasis on cyber security, these stations could become a hacker superhighway.
EV charging stations can be vulnerable to hackers if they do not come equipped with agile, thorough cyber security measures. Essentially, EV charging infrastructure is a device that waits for another device to connect and begin communicating without a third party firewall or other cybersecurity devices to act as protection, so cybersecurity tech must be built directly into the charging station itself.
READ THE STORY: Betanews
How to defend NYC’s critical infrastructure today
FROM THE MEDIA: Big congratulations to Gov. Hochul are in order. She recently announced that the New York State Energy Research and Development Authority (NYSERDA) has finalized two major projects to deliver clean, renewable solar, wind and hydroelectric power from upstate New York and Canada to New York City. This is a big deal because these renewable energy and transmission projects will not only deliver substantial greenhouse gas reductions and air-quality improvements, but more than $8 billion in economic development across the state, including investments in disadvantaged communities.
If you’ve been following the news, you know that today, like at no other time before, big public projects like these are at real risk of a cyberattack that renders them inoperable. The federal government has recently discovered Russian malware or “botnets” that could be used for anything from mere surveillance to actual attacks that destroy critical infrastructure in the United States, including financial firms, pipelines and the electric grid, just like the new powerlines Hochul just announced.
READ THE STORY: NY Daily News
Boris Johnson targeted by cyber soldiers as part of Kremlin’s disinformation campaign
FROM THE MEDIA: BORIS Johnson is being targeted by cyber soldiers as part of a large-scale Kremlin disinformation campaign, it has emerged. A Russian troll factory plaguing social media with lies has been exposed with the possibility operatives could be delivering the propaganda from Britain. Masterminds are working out of an old factory in St Petersburg in a bid to manipulate public opinion of the illegitimate war in Ukraine, expert research shows. Their supporters target senior UK ministers spamming them with pro-Putin and pro-war messages in the comment sections of social media platforms.
Foreign Secretary Liz Truss said: “We cannot allow the Kremlin and its shady troll farms to invade our online spaces with their lies about Putin’s illegal war. “The UK Government has alerted international partners and will continue to work closely with allies and media platforms to undermine Russian information operations.”
Activity has been detected across Twitter, Facebook, Telegram, Instagram, YouTube and TikTok. Influencers on TikTok are being paid to amplify the propaganda. Tactics are similar to those used by terror group ISIS and political conspirators QAnon in a large-scale effort to sway public opinion.
READ THE STORY: The Sun
China drone giant grounds Russia, Ukraine sales
FROM THE MEDIA: In the latest move in China’s delicate balancing act over Russia’s invasion of Ukraine, Chinese drone maker DJI has suspended its operations in both warring nations. The Shenzhen-based company is the world’s largest drone manufacturer. This move makes DJI the first major Chinese company to stop business in both countries amid a conflict that the West has condemned and sanctioned but China has so far stood mostly on the sidelines despite its alliance with Moscow.
In an April 26 statement, DJI announced that it will suspend all of its business activities in Russia and Ukraine, pending an internal assessment of compliance requirements in various regions. In another statement, DJI said that it does not sell products to customers who clearly plan to use them for military purposes or help to modify them for military use, and will never accept any use of its products to cause harm.
Moreover, in a separate statement, DJI Europe spokesperson Barbara Stelzner said that the company’s position is “not to make a statement about any country, but to make a statement about our principles.”
READ THE STORY: Asian Times
Hacktivists Are Sharing Russian State Secrets With the World
FROM THE MEDIA: The war in Ukraine has spurred a dramatic rise in hacktivism, or hacking by private individuals for a socially or politically motivated purpose, as groups mobilize to support their side in the conflict. Hacktivists have targeted Russian networks—in some cases coordinated by Ukrainian government officials through Telegram and other social media networks—and in other cases, they have acted without outside direction. Hackers have launched wiper attacks against Russian companies, which seek to overwrite critical data and thus render computers unusable, as well as distributed denial of service (DDoS) attacks, which aim to flood a network or website with so much traffic that it cannot function properly. Even ransomware gangs have gotten in on the action, with one group, NB65, using stolen Russian ransomware source code to encrypt data on Russian networks and demand payment for a decryption key. Ukraine has leveraged a groundswell of international support to create formidable offensive cyber capabilities virtually overnight.
READ THE STORY: National Interest
Hacking Russia was off-limits. The Ukraine war made it a free-for-all.
FROM THE MEDIA: For more than a decade, U.S. cybersecurity experts have warned about Russian hacking that increasingly uses the labor power of financially motivated criminal gangs to achieve political goals, such as strategically leaking campaign emails.
Prolific ransomware groups in the last year and a half have shut down pandemic-battered hospitals, the key fuel conduit Colonial Pipeline and schools; published sensitive documents from corporate victims; and, in one case, pledged to step up attacks on American infrastructure if Russian technology were hobbled in retribution for the invasion of Ukraine.
Yet the third month of war finds Russia, not the United States, struggling under an unprecedented hacking wave that entwines government activity, political voluntarism and criminal action.
READ THE STORY: Washington Post
Russia using troll factory to target Kremlin critics
FROM THE MEDIA: Russia has turned an old factory in Saint Petersburg into a so-called troll farm to spread disinformation and target Kremlin critics, including world leaders, according to UK government-funded research disclosed Sunday.
The site in the Russian city is allegedly being used to “spread lies” on social media and in comment sections of popular websites, Britain’s foreign ministry said in a statement detailing what it called a “sick” operation.
The ministry, which will share the research with social media platforms, claimed it found paid employees of the troll factory were targeting politicians as well as musicians and bands, in countries including Britain, South Africa, and India.
They use online platforms to recruit and coordinate new sympathizers who then target the social media profiles of Kremlin critics, spamming them with comments backing Russian President Vladimir Putin and the war in Ukraine, it added.
READ THE STORY: The Guardian
'Right to be forgotten': Israel firm promises to purge digital footprint
FROM THE MEDIA: Three young Israelis formerly serving in military cyber units have figured out how to locate your digital footprint -- and give you the tools to delete it. The company Mine, co-founded by Gal Ringel, Gal Golan and Kobi Nissan, says it uses artificial intelligence to show users where their information is being stored -- like whether an online shoe store kept your data after a sneaker purchase three years ago.
Ringel said Mine's technology has already been used by one million people worldwide, with over 10 million "right to be forgotten" requests sent to companies using the firm's platform.
Mine launched after the European Union's General Data Protection Regulation (GDPR) -- now an international reference point -- set out key rights for users, including the deletion of personal data that was shared with a site for a limited purpose.
READ THE STORY: Yahoo News
One of the Most Powerful DDoS Attacks Ever Hits a Crypto Platform
FROM THE MEDIA: A CRYPTOCURRENCY PLATFORM was recently on the receiving end of one of the biggest distributed denial of service attacks ever recorded, after threat actors bombarded it with 15.3 million requests, the content-delivery network Cloudflare said.
This story originally appeared on Ars Technica, a trusted source for technology news, tech policy analysis, reviews, and more. Ars is owned by WIRED's parent company, Condé Nast.
DDoS attacks can be measured in several ways, including by the volume of data, the number of packets, or the number of requests sent each second. The current records are 3.4 terabits per second for volumetric DDoS's—which attempt to consume all bandwidth available to the target—and 809 million packets per second, and 17.2 million requests per second. The latter two records measure the power of application-layer attacks, which attempt to exhaust the computing resources of a target’s infrastructure.
READ THE STORY: Wired
Ethereum's L2 Team May Have Interviewed North Korean Hacker While Hiring
FROM THE MEDIA: Infamous North Korean hackers are a nightmare for the DeFi segment and crypto as a whole. Yesterday, Aztec Network's growth lead shared how he most likely interviewed one of them for a job.
Mr. Wu has taken to Twitter to share his story about a job interview with a "Solidity developer" that definitely went wrong. He found a candidate through the Greenhouse platform; the applicant claimed he is a skilled Solidity engineer with 6+ years of experience.
The CV of this candidate included the phrase "the world will see the great result from my hands." This looked a bit too villain-style for Mr. Wu. However, he proceeded to a Zoom interview with the eccentric applicant who pretended to be an Ontario-based engineer.
READ THE STORY: U Today
Hackers offering confidential Coca-Cola data for $64,000
FROM THE MEDIA: A group of hackers dubbed Stormous is claiming to have caused a data breach at Coca-Cola Co. and is offering confidential data for the equivalent of about $64,000 in bitcoin but cybersecurity experts are casting doubt on the claim.
Coca-Cola is aware of the claim and is cooperating with law enforcement.
Stormous has a reputation for claiming to have "hacked" data that has previously been made available on the dark web by others, according to experts. According to one source, fraudsters frequently misrepresent the scope of their attacks to coerce victims into paying.
The group claims to be operating on behalf of Russia in revenge for Coca-Cola's decision to leave the nation following the invasion of Ukraine. Other hackers, ostensibly acting on behalf of Ukraine, have targeted companies that have chosen to remain in Russia.
READ THE STORY: Econotimes
FBI Conducted Almost 2 Million Warrantless Searches of US Data, According to an Intel Report
FROM THE MEDIA: The Federal Bureau of Investigation (FBI) conducted up to 3.4 million warrantless searches of Americans' electronic data in 2021. The search included 1.9 million related to a cyber threat from Russia, according to an annual transparency report released by the Office of the Director of National Intelligence on Friday, Apr. 29. The transparency report is the first time that the US intelligence community has disclosed an approximate number of the FBI's searches of American data using the 1978 Foreign Intelligence Surveillance Act, according to CNN.
The law focuses on threats coming from outside of the United States. It also allows the FBI, the Central Intelligence Agency (CIA), and others to search data for Americans' information, provided there is a validly predicated foreign intelligence purpose.
The transparency report also does not suggest that the FBI acted improperly. Instead, it highlights the big trove of intelligence data that the bureau can use in pursuing terrorists, spies, and hackers.
READ THE STORY: Techtimes
Elon Musk’s Decision To Add End-To-End Encryption To Twitter DMs Sparks Major Concern
FROM THE MEDIA: With a new Twitter owner in place, change was inevitable and now we’re seeing some of Elon Musk’s ideas pave the way for a mega transition.
Recently, the billionaire announced some of his big plans for the platform, and this included adding end-to-end encryption such as Signal to direct messages (DMs) on Twitter. An important point to note here is that Twitter, back in 2018, internally tested the encryption for DMs, however, it appears that project somehow never got the chance to see the light of the day. In 2022, after Musk's takeover, the hope for that feature to come into existence is skyrocketing.
While the deal is yet to be followed through, many are raising their concerns on the matter. Yes, it would surely be an added level of privacy. But wait, that’s not all.
The decision could potentially open up a box full of opportunities that give rise to more criminal misuse of the app.
Musk revealed through a recent tweet how he wished the added feature could soon be implemented to prevent others from spying or even hacking your texts. This would be similar to what WhatsApp has, which has definitely done the app some good, not to mention increase its selling point.
With end-to-end encryption, all messages are jumbled after they leave the sender's phone and enter into the recipient’s. Therefore, any third party wishing to access it, simply cannot.
Studies have proven how a leading number of apps that use this format have greatly benefited. Common examples include Telegram and Signal, as well as WhatsApp. The feature has played a pivotal role in breaking down authoritarian regimes. Similarly, it put a halt to any uprisings that could come into play from different parts of the world.
READ THE STORY: Digital Information World
Items of interest
Strategic adaptability shapes outcome of modern wars
FROM THE MEDIA: There is a great degree of focus on Ukrainian defense but little on Russian recalibrations during the war. Both need to be studied carefully to assess the outcome of the ongoing conflict.
Even as a bizarre sense of global ineptitude has run into Russian President Vladimir Putin’s obstinacy in the ongoing attack on Ukraine, there is a settling fear that the war will continue longer than initially expected. If the Ukrainian crisis has taught the world anything, it is that any definitive pre-assessment of modern wars could be misleading, even when the two sides are asymmetrically distinctive in their supposed capabilities. Clearly, this has been on display in the Russia-Ukraine war on both sides. Whether it was the exaggerated nature of Ukrainian expectations from the West coming to its assistance against Russia, or the Russian expectation that Ukrainian defense might crumble in the face of the sheer weight of the Russian defense paraphernalia, both have depicted that modern wars require a great degree of adaptability in strategic planning, force deployment, modes of warfare, use of intelligence and above all the information war.
In modern wars, the unpredictability factor looms large. Small nations could inflict tremendous costs on relatively larger powers, which could in turn change the course of the war very quickly — often through the use of capabilities enhancing asymmetric power like drones, artificial intelligence, cyber attacks, space capabilities, use of social media and ability to put out information. All this requires a great degree of adaptability even as the war is going on, often reflecting poorly on the larger player in the conflict.
READ THE STORY: Daily Pioneer
The Dawn of a Cyber Warfare: Analyzing the Surge of Cyberattacks in the Russia-Ukraine Conflict (Video)
FROM THE MEDIA: As Russian military operations continue against Ukraine since February 24, 2022, Ukrainian national security officials are also keeping an eye on different battlefields. Ukrainian Deputy Prime Minister, Mykhailo Fedorov, reported cyberattacks against Ukrainian government websites regulated by Russia. Meanwhile, The Anonymous, an independent hacker group, also carried out cyberattacks against Russia by targeting 1,500 Russian websites. Since it’s happening in an infinite-invisible world, are they actually behind this cyber warfare?
Americans need to put this at the front of their daily thought (Video)
FROM THE MEDIA: In this special episode, we sat down with John Mills—retired colonel, former director of cybersecurity at the Defense Department, senior fellow with the Center for Security Policy, and part of the Spectrum Consulting Group. We also hear from Casey Fleming, CEO of BlackOps Partners. They talk about the growing importance of the cyber realm in modern warfare, what China might be learning from Russia's invasion of Ukraine, and what this means for Taiwan and the United States going forward.
About this Product
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at email@example.com