Saturday, February 19, 2022 // (IG): BB //Weekly Sponsor: ISG
Experts warn that China outpaces the U.S. in cyberwarfare weapons
China views social media networks as tools for cyberwarfare and America does not have the defenses to fight off China in the long term, according to experts on China and cybersecurity. Targets of Beijing’s sophisticated cyberwarfare techniques include financial, energy and transportation networks, as well as national and military decision-makers, according to People’s Liberation Army writings analyzed by Dean Cheng, a Heritage Foundation scholar of Chinese military capabilities. Mr. Cheng and Winnona DeSombre, a cyber statecraft expert at the Atlantic Council, sounded the alarm about China’s cyberwarfare capabilities in testimony to the U.S.-China and Economic Security Review Commission. Mr. Cheng said China’s work in what it terms the ‘three warfares’ of psychological warfare, public opinion warfare, and legal warfare poses a threat in the cyber domain. China’s practice of integrated network and electronic warfare involves more than computers and can extend into civilian information systems and seek to wreak havoc even in peacetime. “It is not simply zeroes and ones, it is not simply computers, it is the human element of interpreting what is on the screen,” Mr. Cheng said. “Do you believe the emails on your screen? Do you believe that your email went to the right place, and conversely that the tweet, the Instagram, the TikTok actually is a reflection of reality?”
READ THE STORY: Washington Times
DOJ Tells Cybercriminals, “If You Continue to Come for Us We Will Come for You” and Warns Companies to Keep Their “Cyber Shields Up”
FROM THE MEDIA: The U.S. Department of Justice (DOJ) recently announced new efforts to combat constantly evolving cyber threats including the “explosion of ransomware and the abuse of cryptocurrency” and issued a warning to companies, advising them to heighten their defenses against cybercriminals and ransomware. During the keynote speech at the Munich Cyber Security Conference on February 17, 2022, DOJ Deputy Attorney General Lisa Monaco noted that “cybersecurity is global security” and that we are facing an “unprecedented threat” as she announced the formation of a new FBI Unit and a new initiative focused on abuses of cryptocurrencies and related cybercrimes. As part of the federal government’s broad effort to disrupt ransomware operators and other cybercrime groups, the FBI’s Virtual Asset Exploitation Unit (VAXU) will investigate abuses of cryptocurrencies. The DOJ’s International Virtual Currency Initiative will work with law enforcement, prosecutors, and cryptocurrency platforms to trace ransom payments, develop regulations and anti-money laundering legislation, and facilitate joint global law enforcement collaboration.
READ THE STORY: National Law Review // USA Today
How cyber attackers used Bond film ‘No Time to Die’ to exploit fans
FROM THE MEDIA: Spam and phishing attacks soared in 2021 as cyber criminals lured users by focusing on topics related to lucrative investments, online streaming of box-office hits including the James Bond film No Time to Die, and themes related to the pandemic, the latest annual report by Kaspersky found. Cyber attack risks have risen sharply with fraudsters moonlighting as reputable individuals and entities, in line with the increased adoption of digitization, the Moscow-based cyber security firm said. “The equation here is very simple: the more things are connected to the internet, the bigger the opportunity for exploitation, and larger the attack surface,” Amir Kanaan, managing director for the Middle East, Turkey and Africa at Kaspersky, told The National. “As we continue to push the boundaries of what technology can do, cyber security should always be a top priority for innovators and remain at the forefront of any new technology. However, most of the time, it is overlooked.” The average financial impact of a ransomware attack in the Middle East, Turkey and Africa region reached about $882,000 in 2021, Mr Kanaan said.
READ THE STORY: The National News
CISA Releases New Insight to Help Critical Infrastructure Owners Prepare for and Mitigate Foreign Influence Operations
FROM THE MEDIA: The Cybersecurity and Infrastructure Security Agency (CISA) released a new CISA Insight today, Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides critical infrastructure owners and operators with guidance on how to identify and mitigate the risks of influence operations that use mis-, dis-, and malinformation (MDM) narratives. Recently observed foreign influence operations abroad demonstrate that foreign governments and actors can quickly employ sophisticated influence techniques to target American audiences with the goal of disrupting U.S. critical infrastructure and undermining U.S. interests. This CISA Insight is intended to raise awareness amongst critical infrastructure owners and operators on the risks of such influence operations. The document also outlines steps organizations can take to mitigate the effects of MDM, such as ensuring swift coordination in information sharing and communicating accurate and trusted information to bolster resilience. “We need to be prepared for the potential of foreign influence operations to negatively impact various aspects of our critical infrastructure with the ongoing Russia-Ukraine geopolitical tensions,” said CISA Director Jen Easterly. “We encourage leaders at every organization to take proactive steps to assess their risks from information manipulation and mitigate the impact of potential foreign influence operations.”
READ THE STORY: CISA
The Cybersecurity Risks of an Escalating Russia-Ukraine Conflict
FROM THE MEDIA: As warnings of an imminent Russian attack on Ukraine proliferate, news networks and social media have featured clips of Russian armed forces training, exercising, and preparing to fight. Less visible are Russia’s formidable cyber forces that would be preparing to unleash a new wave of cyber-attacks on Ukrainian and western energy, finance, and communications infrastructure. Whether an invasion occurs now or not, tensions will remain high, and the cyber threat will likely wax, not wane. The implications for business of conflict in Ukraine — whether conventional, cyber, or hybrid — will be felt far beyond the region’s borders. As a business leader, you’ve likely already assessed whether you have people at risk, operations that might be affected, or supply chains that might be interrupted. The White House recently warned of the supply-chain vulnerabilities stemming from the U.S. chip industry’s reliance on Ukrainian-sourced neon. And Russia also exports a number of elements critical to the manufacturing of semiconductors, jet engines, automobiles, agriculture, and medicines, as detailed in a Twitter thread by former CrowdStrike CTO Dmitri Alperovitch. Given the existing pressure on U.S. supply chains from the Covid-19 pandemic, adding further shock to the system is worrisome. But if you are just now evaluating your cyber posture, you are probably too late. Effective cyber defense is a long game requiring sustained strategic investment, not a last-minute bolt-on. Conflict in Ukraine presents perhaps the most acute cyber risk U.S. and western corporations have ever faced. Invasion by Russia would lead to the most comprehensive and dramatic sanctions ever imposed on Russia, which views such measures as economic warfare. Russia will not stand by, but will instead respond asymmetrically using its considerable cyber capability.
READ THE STORY: Harvard Business Review
Russia rejects claims it was responsible for cyberattack on Ukraine
FROM THE MEDIA: Russia on Saturday rejected U.S. allegations that it was responsible for cyberattacks on Ukrainian banking and government websites as baseless, the Russian embassy in the United States said on Twitter. "We categorically reject these baseless statements of the administration and note that Russia has nothing to do with the mentioned events and in principle has never conducted and does not conduct any 'malicious' operations in cyberspace," it said. U.S. Deputy National Security Advisor Anne Neuberger said on Friday that Russian military intelligence was behind the recent spate of distributed denial of service (DDoS) attacks that briefly knocked Ukrainian banking and government websites offline.
READ THE STORY: Reuters // Business Today // Cyber-Report
Critical vulnerabilities in Zabbix Web Frontend allow authentication bypass, code execution on servers
FROM THE MEDIA: Footage of opposition leaders calling for the assassination of Iran’s Supreme Leader ran on several of the nation’s state-run TV channels in late January after a state-sponsored cyber-attack on Iranian state broadcaster IRIB. The incident – one of a series of politically motivated attacks in Iran that have occurred in the last year – included the use of a wiper that potentially ties it to a previous high-profile attack on Iran’s national transportation networks in July, according to researchers from Check Point Research. However, though the earlier attacks have been attributed to Iran state-sponsored actor Indra, researchers believe a copycat actor was behind the IRIB attack based on the malware and tools used in the attack, they said in a report published Friday. “Among the tools used in the attack, we identified malware that takes screenshots of the victims’ screens, several custom-made backdoors, and related batch scripts and configuration files used to install and configure the malicious executables,” researchers wrote in the report. “We could not find any evidence that these tools were used previously, or attribute them to a specific threat actor.”
READ THE STORY: PortSwigger
Fixing Spectrum Warfare Won’t Be Quick—Creativity Needed
FROM THE MEDIA: Long neglect of electronic warfare and electromagnetic spectrum operations won’t be reversed quickly, especially without funding priority—and creative approaches are needed to get back in the game, experts said. However, there is top-down urgency to find solutions. “I think we’re all in agreement: We’re not moving fast enough,” said Maj. Gen. Daniel L. Simpson, Air Force assistant deputy chief of staff for intelligence, surveillance, and reconnaissance, during an AFA Mitchell Institute for Aerospace Studies event Feb. 17. “So now the question is: What do you do? What do you go after to bring additional credibility to an integrated deterrence” while working under an interim national security strategy? Simpson said Air Force Secretary Frank Kendall has rejected the Air Force’s draft electromagnetic spectrum, or EMS, operating concept—the implementation plan for the EMS strategy. Kendall is “not shy about giving feedback” and said the implementation plan “looked too much like a strategy” and lacked “hard impact, quantitative things to be able to do it. So the team is going back” with a new version, Simpson said. It’s “in draft and is working through all the widgets right now.” Fixing EMS operations will require boosting the number of people working in the field, Simpson said.
READ THE STORY: AFMAG
FCC proposes $45 million fine for health insurance Robocaller
FROM THE MEDIA: The US Federal Communications Commission (FCC) today proposed the largest-ever fine against a robocaller for Telephone Consumer Protection Act violations. The Commission wants to hit Florida-based lead generator Interstate Brokers with a $45 million TCPA fine for making more than 500,000 unlawful robocalls without an emergency purpose or the consumers’ prior express consent. The company allegedly used false claims about the COVID-19 pandemic to convince people to purchase health insurance products and offered health plans that included telemedicine services. Consumers contacted in this illegal robocall campaign received pre-recorded voice messages on phone numbers collected while they were looking for health insurance quotes online or from third-party vendors. If they answered the call, the automated system transferred them to call centers, where they were offered health insurance products from several insurance companies that had hired Interstate Brokers’ services.
READ THE STORY: Cyber-reports
Deep dive into hack against Iranian state TV yields wiper malware, other custom tools
FROM THE MEDIA: The Jan. 27 hack of Iranian state broadcaster IRIB — which ran a message of support for opposition leaders and called for the assassination of Iran’s supreme leader — came with previously unidentified wiper malware, according to research that suggests the incident was more destructive than initially assumed. Researchers with Check Point, a Tel Aviv-based cybersecurity company, published the findings Friday based on what it said were files and other forensic evidence connected to the hack. Iranian officials acknowledged the attack at the time, saying that “disruptions” also occurred on another television channel and two radio stations, and called the hack “complex.” The breach occurred the day before Iran began its multi-day celebration of the 1979 revolution. “We could not find any evidence that these tools were used previously, or attribute them to a specific threat actor,” the researchers wrote. The files found and analyzed by Check Point include the wiper; the software used to play the video; malware that takes screenshots of target screens; evidence of custom-made backdoors; and files for installing and configuring malicious executables. Check Point didn’t speculate on what else those tools might have been used for, or how the hackers gained initial access to the networks.
READ THE STORY: Cyberscoop // Threatpost
Items of interest
A guide to Russian propaganda. Part 5: Reflexive Control (Article)
FROM THE MEDIA: While fake news and disinformation receive lots of attention nowadays, they are only part of Russia’s hybrid war, which is based on a Soviet secret technique of reflexive control. Using disinformation, cyber attacks, blackmail, provocations, fabrications, military deceptions, and other active measures, Russia creates a virtual reality that prompts its victims into making the political decisions Russia wants without suspecting they are being manipulated. Fake news and disinformation receive most of the attention of western security institutions when it comes to examining Russian meddling in democratic countries. What escapes the attention of many an analyst is that disinformation is only a small part of Russia’s toolbox of hybrid war, one of the manifestations of Active Measures, by which Russia seeks to rebuild its former empire and gain dominance over the West.
READ THE STORY: EuroMaidanPress
A guide to Russian propaganda 1-6 (Video)
FROM THE MEDIA: The Russian propaganda machine produces endless streams of fakes and manipulative stories. While at times they may seem outrageous or silly, they are far from being random. Russian propaganda for both domestic and foreign audiences follows techniques that stem from Goebbels’ times. Ultimately, it is a weapon of war. In our series A guide to Russian propaganda, we examine how propaganda works, and how one can avoid falling for it. In our first series, Propaganda prepares Russia for war, we use Kseniya Kirillova’s classification of strategies of Russian propaganda for Russians, and illustrate it with disinformation episodes gathered by EU Stratcom’s Disinformation Review (we would like to thank Oleksandr Nykonorov, Pavlo Spirin, East StratCom Network, StopFake, and others for their excellent work in monitoring Kremlin disinformation). Russian propaganda for Russians has a very different tone than the stuff the Russian state serves up to foreigners. This is partially because they serve very different purposes. The Russian state lacks the ability to coerce foreign populations (well, outside of occupied territories) and therefore propaganda is mainly a tool of division. Russia tries to persuade western audiences about Russia’s reasonableness, create grassroots or even political lobbies for pro-Russian positions, or sometimes just confuse people and muddy the waters about key issues.
Influence without entanglement? China’s evolving role in the Middle East (Video)
FROM THE MEDIA: A conversation featuring Jonathan Fulton, Lina Benabdallah and David O. Shullman to discuss China–Middle East Relations and a newly launched handbook on the topic.
About this Product
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com