Monday, February 21, 2022 // (IG): BB //Weekly Sponsor: ISG
CYBERWAR
FROM THE MEDIA: In early January this year, Australian media lit up with claims that Israeli criminals based in Ukraine were running online investment scams and cryptocurrency cons built on fake social media posts about Australian celebrities. It is slightly ironic then that in February, with Ukraine on the verge of a war with neighboring Russia, Australia is offering its support to the beleaguered Eastern European nation. It is not giving it guns and ammunition but is looking to share Australia’s rapidly developing cyber defense and offensive capabilities in a potential conflict which is already seeing skirmishes in cyberspace. Over the last five years, Australia has significantly ramped up spending on cyber warfare. It claims to be a regional cyber power, with funding boosted by AUD1.35 billion over the next decade. The capability resides in the Australian Cyber Security Centre within the Australian Signals Directorate, an organization with its origins in listening to Japanese radio traffic during World War II. Space is another frontier for cyber warfare as nations launch next-generation satellites, which is one factor behind the recent creation of the Australian Space Agency.
READ THE STORY: CDO Trends
The Cyber Social Contract: How to Rebuild Trust in a Digital World
FROM THE MEDIA: In the spring of 2021, a Russia-based cybercrime group launched a ransomware attack against the largest fuel pipeline in the United States. According to the cybersecurity firm Mandiant, the subsequent shutdown and gas shortage across the East Coast likely originated from a single compromised password. That an individual misstep might disrupt critical services for millions illustrates just how vulnerable the United States’ digital ecosystem is in the twenty-first century. Although most participants in the cyber-ecosystem are aware of these growing risks, the responsibility for mitigating systemic hazards is poorly distributed. Cyber-professionals and policymakers are too often motivated more by a fear of risk than by an aspiration to realize cyberspace’s full potential. Exacerbating this dynamic is a decades-old tendency among the large and sophisticated actors who design, construct, and operate digital systems to devolve the cost and difficulty of risk mitigation onto users who often lack the resources and expertise to address them. Too often, this state of affairs produces digital ecosystems where private information is easily accessible, predatory technology is inexpensive, and momentary lapses in vigilance can snowball into a continent-wide catastrophe. Although individually oriented tools like multifactor authentication and password managers are critical to solving elements of this problem, they are inadequate on their own. A durable solution must involve moving away from the tendency to charge isolated individuals, small businesses, and local governments with shouldering absurd levels of risk.
READ THE STORY: Foreign Affairs
Major Hack On Ukraine Infrastructure Highlights The Reality Of Modern Warfare
FROM THE MEDIA: The websites of the Ukrainian army, the defense ministry and major banks were knocked offline after a series of cyberattacks highlighting the nature of modern-day warfare. At least a dozen Ukrainian websites were unreachable for a few hours due to the attacks, including the defense, foreign and culture ministries and Ukraine’s two largest state banks. Customers of Privatbank and Oschadbank reported problems with online payments, ATM withdrawals and mobile apps. Even though Ukraine officials didn’t rush to blame Russia for the attack, like they did with a previous cyber attack, a Ukrainian Information Ministry statement suggests Russian involvement. “It is possible that the aggressor resorted to tactics of petty mischief, because his aggressive plans aren’t working overall,” the Ukrainian statement said. This is the second cyberattack on Ukrainian infrastructure this year. Last month, a massive cyber-attack knocked out key government websites, the foreign ministry, the cabinet of ministers and the security and defense council, among others. The hackers left a message on the Ukrainian Foreign Ministry website saying: “Ukrainians! … All information about you has become public. Be afraid and expect worse. It’s your past, present and future.” Authorities in Kyiv said they had uncovered clues that Russian security services could have been behind the cyber-attack. Unless some third party is trying to take advantage of openings amid an intensifying crisis between Ukraine and Russia, Russian hackers, either acting privately or state-sponsored, are likely behind this week’s attack.
READ THE STORY: Oil Price
FBI Braces for Russian Cyber Attacks in US as Ukraine Tensions Rise
FROM THE MEDIA: An FBI report obtained by Newsweek has called on the U.S. private sector to be prepared for potential state-sponsored cyber attacks to be launched by Russia as tensions over Ukraine threaten to spill into an all-out conflict in Eastern Europe. The Liaison Information Report (LIR) was dated February 20 and attributed to the FBI Office of Private Sector. "The FBI Cyber Division, in coordination with the FBI's Office of Private Sector (OPS), prepared this LIR to inform the private sector about the threat of Russian state-sponsored advanced persistent threat (APT) cyber activities, while tensions with Russia are heightened," the report said. "The FBI is engaging in efforts to support the U.S. response and to secure the Homeland from any Russian actions; historically, Russian state-sponsored APT cyber activities increase when tensions are high with Russia," the report added. The report directly mentioned the deteriorating security situation on Ukraine's border in connection with the potential cyber threat. "Due to the increased threat of Russian military action, the security situation in Ukraine could deteriorate with little notice," the report said. "The United States, along with its Allies and partners, has underscored its readiness to impose significant costs on Russia if it takes further military action against Ukraine, potentially further increasing the volume/severity of Russian APT cyber activities."
READ THE STORY: Newsweek
Iran-backed attacks are further driving UAE-Israeli defense tech development
FROM THE MEDIA: The United Arab Emirates and Israel are expected to boost security cooperation and further joint defense-industrial ventures in the wake of several attacks by Iranian proxy forces, experts have told Defense News. The UAE and Israel in September 2020 signed the Abraham Accords, which saw the two countries normalize diplomatic relations and enhance economic cooperation. Shared enmity of Iran and mutual fears over its nuclear program helped push the deal through after years of clandestine ties. And it was about a year ago that Emirati defense conglomerate Edge Group partnered with Israel Aerospace Industries to develop counter-drone systems, marking the first defense collaboration of its kind between the two countries. “While Israel was initially hesitant to actually share technological know-how and its technological edge with a new partner such as the UAE, I think escalation from Yemen, with Iranian proxy forces targeting the UAE directly with missiles and drones, has advanced these discussions between Israeli and UAE defense industr[ies] to share capability or jointly develop new capability,” Andreas Krieg, a conflict and security expert at King’s College London, told Defense News. While Israel is still concerned about maintaining a technological edge over its neighbors, Krieg said, this mostly applies to offensive weaponry.
READ THE STORY: Defense News
Taiwan Introduces ‘Economic Espionage’ Law Aimed At Chinese Tech Thieves
FROM THE MEDIA: Taiwan has introduced harsh new national security laws aimed at punishing Chinese interests intent on poaching personnel and stealing tech industry secrets. Premier Su Tseng-chang said that officials have discovered Chinese nationals “utilizing various methods to lure high-tech talent from Taiwan and steal Taiwanese core technologies.” Taiwan says these bad actors hide their Chinese interests, and invest in Taiwanese tech companies through third parties, causing “considerable harm to the cyber security, economic interests, industry competitiveness and national security of Taiwan.” Under the new laws, charges of “economic espionage” and “extraterritorial use of national core technology trade secrets” will be met with prison sentences of 12 and 10 years, respectively. The laws also require workers at major tech companies, such as semiconductor leader TSMC, to be granted governmental approval before visiting mainland China. Tech companies will also be required to reveal if Chinese companies invest in their company using a proxy.
READ THE STORY: ChannelNews
A Convoy Revved by Foreign Actors Spreading Lies
FROM THE MEDIA: Most Canadians probably think that the right-wing U.S. Fox News network has dominated global coverage of Canada’s so-called “Freedom Convoy.” But they’d be wrong. Russia Today, or RT, a state-owned agency set up by President Vladimir Putin in 2005 with an annual budget of $400-million, has offered nearly twice as many articles: some 1,200 stories. RT’s editor-in-chief has alternately described the agency as an unofficial “soft power” branch of the Russian Defense Ministry and as an “info weapon.” U.S. historian Timothy Snyder has written that RT “wished to convey that all media lied, but that only RT was honest by not pretending to be truthful.” With access to seven million Canadian households plus Quebec language TV, RT has been serving up a steady diet of anti-vaccine and anti-mask articles since the beginning of the pandemic as part of a long-standing propaganda campaign to destabilize democracies by dividing their citizens. During the Ottawa occupation it offered one toxic editorial by Sputnik France (another Russian state agency) that described the Canadian state as a “dictatorship” and the “first iteration of a Chinese-style social credit regime in the Western world.”
READ THE STORY: The Tyee
NTT Docomo launches spam email exhibition
FROM THE MEDIA: Japanese telecom giant NTT Docomo is trying a novel approach to stopping spam email scams by sharing them with users. The company has launched a website that showcases malicious messages to warn people to be on guard. The site is called "junk e-mail exhibition," and it is formatted like an email inbox. It displays actual spam messages claiming to be from online retailers, credit card firms, mobile carriers and more. They warn of issues like payment problems and ask users to click links. The messages are phishing scams that aim to steal customer data.
NTT Docomo is also asking the public to help out with the exhibition. It has launched a Twitter account where people can share spam email they've received. The website will run through March 18 to coincide with cybersecurity month in Japan.
READ THE STORY: NHR // IphoneWired
Hackers Exploiting Infected Android Devices to Register Disposable Accounts
FROM THE MEDIA: An analysis of SMS phone-verified account (PVA) services has led to the discovery of a rogue platform built atop a botnet involving thousands of infected Android phones, once again underscoring the flaws with relying on SMS for account validation. SMS PVA services, since gaining prevalence in 2018, provide users with alternative mobile numbers that can be used to register for other online services and platforms, and help bypass SMS-based authentication and single sign-on (SSO) mechanisms put in place to verify new accounts. "This type of service can be used by malicious actors to register disposable accounts in bulk or create phone-verified accounts for conducting fraud and other criminal activities," Trend Micro researchers said in a report published last week. Telemetry data gathered by the company shows that most of the infections are located in Indonesia (47,357), followed by Russia (16,157), Thailand (11,196), India (8,109), France (5,548), Peru (4,915), Morocco (4,822), South Africa (4,413), Ukraine (2,920), and Malaysia (2,779). A majority of affected devices are budget Android phones assembled by original equipment manufacturers such as Lava, ZTE, Mione, Meizu, Huawei, Oppo, and HTC.
READ THE STORY: THN
BEC scammers impersonate CEOs on virtual meeting platforms
FROM THE MEDIA: The Federal Bureau of Investigation (FBI) warned this week that US organizations and individuals are being increasingly targeted in BEC (business email compromise) attacks on virtual meeting platforms. Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both entities and individuals who perform legitimate transfer-of-funds requests. Cybercriminals are targeting organizations of any size and individuals; in BEC attack scenarios, attackers pose as someone that the targets trust, such as business partners, CEOs, executives, and service providers. Scammers compromise legitimate business or personal email accounts through different means, such as social engineering or computer intrusion, to conduct unauthorized transfers of funds. Crooks started using virtual meeting platforms due to the popularity they have reached during the pandemic. The Public Service Announcement published by the FBI warns of a new technique adopted by scammers, who are using virtual meeting platforms to instruct victims to send unauthorized transfers of funds to fraudulent accounts.
READ THE STORY: Security Affairs
Items of interest
Cybercrimes in Nigeria: Analysis, Detection and Prevention (Paper)
FROM THE MEDIA: Over the years, the alarming growth of the internet and its wide acceptance has led to an increase in security threats. In Nigeria today, several internet-assisted crimes known as cybercrimes are committed daily in various forms such as fraudulent electronic mails, pornography, identity theft, hacking, cyber harassment, spamming, Automated Teller Machine spoofing, piracy and phishing. Cybercrime is a threat against various institutions and people who are connected to the internet either through their computers or mobile technologies. The exponential increase of this crime in the society has become a strong issue that should not be overlooked. The impact of this kind of crime can be felt on the lives, economy and international reputation of a nation. Therefore, this paper focuses on the prominent cybercrimes carried out in the various sectors in Nigeria and presents a brief analysis of cybercrimes in tertiary institutions in Ekiti-State. In conclusion, detection and prevention techniques are highlighted in order to combat cybercrimes in Nigeria.
READ THE STORY: Research Gate
Kim Dotcom: The Most Wanted Man Online (Video)
FROM THE MEDIA: Tech entrepreneur and owner of the popular file-sharing site, MegaUpload, Kim Dotcom arrived in New Zealand with his family in late 2010. Seeking peace and quiet, Dotcom rented the largest mansion in the land and settled down into an extravagant, luxurious life with his family. In January 2012, it all came crashing down. At the FBI's behest, 70 heavily armed officers stormed the mansion, arresting Dotcom and his coders on a range of charges relating to alleged copyright infringement by MegaUpload. Dotcom refused to be quieted. Once out on bail he continued to make waves, gathering around him an unexpected and contradictory group of bedfellows, throwing raves, starting political parties, provoking the powerful and fighting the charges against him every step of the way. People have an incredibly wide range of views: Is he a bit–stream pirate or a folk hero? An underdog taking on the US superpower or a thief? A wealthy businessman or a freedom–loving anarchist? All of the above?
The Bangladesh Bank Heist (Video)
FROM THE MEDIA: This film investigates one of the world’s biggest and most audacious cyberheists where hackers managed to compromise two of the most respected names in international banking, the SWIFT messaging system and the New York Federal Reserve, taking $81 million in the process. Following the trail of the stolen money from Dhaka, to Manila and New York, journalist Andrew Wilson is on a mission to uncover how the hackers did it and ultimately who they were.
About this Product
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com