Tuesday, March 22, 2022 // (IG): BB //Weekly Sponsor: DiyGarage SoCal
Elon Musk’s SpaceX is winning new customers from the war in Ukraine, as sanctions clip Russian rocket launches
FROM THE MEDIA: Satellite internet provider OneWeb has been forced to ask its competitor SpaceX for help launching its satellites into orbit after the British firm's previous launch partner—Russia's state-owned Roscosmos—tried to pressure the company into rebuking Ukraine war sanctions. Much like SpaceX's Starlink, OneWeb is launching a constellation of satellites to deploy a wireless internet connection service. But OneWeb's recent satellite launches have been suspended since early March after Roscosmos, the Russian space agency, demanded the company comply with certain demands to retaliate against U.K. sanctions. Days before a scheduled launch of 36 satellites on a Russian Soyuz rocket from the Baikonur Cosmodrome in Kazakhstan, Roscosmos director general Dmitry Rogozin demanded that OneWeb promise its satellites would not be used for military purposes.
READ THE STORY: Fortune
"It's coming": President Biden warns of "evolving" Russian cyber threat to U.S.
FROM THE MEDIA: President Biden warned Monday that "evolving intelligence" suggests Russia is exploring options for potential cyber attacks targeting U.S. critical infrastructure. "The magnitude of Russia's cyber capacity is fairly consequential," Mr. Biden said, addressing the Business Roundtable, an association of some of the nation's largest corporations. "And it's coming." While there's no evidence of any specific cyber attack threat, Anne Neuberger, Mr. Biden's deputy national security adviser for cyber and emerging technology, told reporters Monday afternoon that U.S. officials have observed "preparatory work" linked to nation-state actors. Such activity could indicate increased levels of scanning websites and hunting for vulnerabilities among U.S. companies. Further details on U.S. intelligence remain unclear, but as Moscow could look for ways to retaliate against economic sanctions imposed following their invasion of Ukraine, potential targets include the U.S. financial sector, electric grid, water treatment plants and hospitals.
READ THE STORY: CBSNEWS
The Cybersecurity Community Is on High Alert Over Russia. There Is Room for Optimism.
FROM THE MEDIA: As the crisis in Ukraine has devolved into a full invasion by the Russian military—and the United States alongside international partners have begun responding to this aggression—many are rightfully wondering what we might anticipate with respect to cyber attacks in this next phase of the conflict. Facing the prospect of a continued military campaign by Russia, what could escalation in cyberspace look like, and how ready is the private sector to deal with potential attacks? While Russia’s cyber capabilities are well known and should be taken seriously, the last several years of constant ransomware attacks have made the private sector more resilient to facing this crisis. In both the run-up to the invasion and in the early days of the conflict to date, we have witnessed suspected Russian disinformation campaigns and intrusions by cyber espionage groups against Ukrainian targets. There have also been more destructive attacks, such as the usage of wiper malware that can erase data and corrupt systems. Some of these attacks have been coupled with a psychological component designed to wear down a target’s resistance.
READ THE STORY: Barrons
OpenSSL vulnerability can ‘definitely be weaponized,’ NSA cyber director says
FROM THE MEDIA: A cryptographic vulnerability in the Tonelli-Shanks modular algorithm, which is used in the popular cryptographic library OpenSSL, can lead to denial-of-service attacks and can “definitely be weaponized” in the current threat environment, according to an NSA official. The bug (discovered by two Google employees, security researcher Tavis Ormandy and software engineer David Benjamin, and tracked under CVE-2022-0778) affects the BN_mod_sqrt() function in OpenSSL, which is used to compute the modular square root and to parse certificates that use elliptic curve public key encryption. This process can be exploited if an attacker submits a certificate with broken curve parameters, thus triggering an infinite loop in the program and leading to a denial of service. “Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack,” OpenSSL said in a March 15 security advisory. “The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters.”
READ THE STORY: SCMagazine
The Cyber-Delusion: Digital Threats Are Manageable, Not Existential
FROM THE MEDIA: When Russian forces launched their invasion of Ukraine last month, governments and experts worldwide warned about the danger of catastrophic cyberattacks. Indeed, in the days leading up to Moscow’s invasion, hackers defaced Ukrainian websites, unleashed malware on government systems, and targeted the country’s banking system—albeit with limited effect. Although no cyber-Armageddon has materialized, officials increasingly fear that Russia might eventually step up its efforts and even target the United States. Russia’s invasion is no doubt catastrophic. But in reacting to it and preparing for what comes next, leaders in Washington and elsewhere should eschew the alarmism that has long warped cybersecurity policy. Mike Mullen, then chairman of the Joint Chiefs of Staff, claimed in 2011 that “the single biggest existential threat out there, I think, is cyber.” The following year, his successor, Martin Dempsey, noted that “a cyberattack could stop our society in its tracks.” Former Defense Secretary Leon Panetta sternly warned in 2012 of an impending “digital Pearl Harbor.” Nicole Perlroth, a cybersecurity reporter at The New York Times, has routinely asked insiders when “a cyber-enabled cataclysmic boom will take us down” and has always been told “18 to 24 months.” She began her survey well over 100 months ago.
READ THE STORY: Foreignaffairs
Colin McLean: Ukraine crisis brings new pressure to troubled global food supply system
FROM THE MEDIA: Inflation fears have recently focused on energy, but food may soon demand more attention. Even before the Ukraine war, supply in some key agricultural products was being squeezed, with soaring prices. Now, loss of supply from Ukraine and Russia has combined with price pressures on fertilizer and diesel to bring new challenge to Europe. Europe buys around 40 per cent of Ukraine’s agricultural exports. In many countries this will add to pressure on real incomes and to inequalities. Scotland could be forced to rethink food policy and accelerate moves to resilience and supply security. With a perfect climate and geology for agriculture, Ukraine was known as the “bread basket of Europe”. This combination of fertile plains and favourable climate made the country the leading global exporter of sunflower oil and in the top five for wheat, maize and rapeseed. Sunflower oil is an ingredient in many prepared foods, including baby food. Disruption to spring planting will hit this year’s crop with likely continuing consequences for future years. Ukraine’s grain exports from Black Sea ports are suspended. Key commodities prices have already risen by 30% or more, making UK food inflation likely to more than double the previously expected 5%.
READ THE STORY: The Herald // Bloomberg
‘We strike at night, when the Russians sleep’ — How Ukraine is stalking Russian armor with drones
FROM THE MEDIA: It has been nearly a month since Russia launched its invasion of Ukraine. Russian troops remain outside Kharkiv and the capital of Kyiv. The past several weeks have seen heavy and brutal combat, cities under siege and civilian casualties, convoys ambushed, Russian tanks and trucks destroyed. But for a fleet of Ukrainian drones, it’s a target-rich environment. “We strike at night, when the Russians sleep,” said Yaroslav Honchar, commander of Aerorozvidka, a Ukrainian drone unit, in an interview with The Times of London on Friday. Russian troops are dispersing into towns and villages in an attempt to avoid artillery strikes, Honchar told The Times of London. However, that doesn’t protect them from Ukraine’s drone operators, who are piloting anything they can get their hands on, from consumer drones found at Wal-Mart, to the now-vaunted Bayraktar TB2 Turkish aircraft. Before the invasion, Ukraine reportedly had around 20 Bayraktar drones, but the country is now using everything up to and including cheap, commercially bought drones to drop munitions on Russian targets. “In the night it’s impossible to see our drones,” said an Aerorozvidka soldier to the Times of London. “We look specifically for the most valuable truck in the convoy and then we hit it precisely and we can do it really well with very low collateral damage — even in the villages it’s possible. You can get much closer at night.”
READ THE STORY: Taskandpurpose
Spike In Cyberterrorism Opens The Door For CrowdStrike
FROM THE MEDIA: CrowdStrike has been riding the cyberthreat tailwind since 2011, when it was founded. The fast-growing Sunnyvale, Calif.-based company provides cybersecurity to 15 of the 20 largest banks, and 77 of the Fortune 100. Those private sector clients are especially worried about new threats in the aftermath of the Ukrainian invasion. State-sponsored hacking groups out of Russia, China, and North Korea are using sophisticated tools to embed malware deep inside of the biggest networks. In many cases, malicious code can go undetected for months, infecting millions of computers. The Colonial pipeline was devastated in May 2021 by cyber terrorists. The 5,500-mile pipeline transports 100 million barrels per day of gasoline and other fuel products to the eastern United States. Attackers distributed malware through email, then demanded a ransom to restore services. Gasoline futures spiked 3% and have remained above trend since that time, according to a report from Reuters. Two months later, Jennifer Granholm, the Energy Secretary, said that bad actors gained the ability to shut down the U.S. power grid. CrowdStrike’s cloud-based software collects threat data across all of the connected devices, analyses the information using artificial intelligence, then seamlessly updates all endpoints.
READ THE STORY: Forbes
How Israel Became a Top Cyber Power
FROM THE MEDIA: The world’s second-largest cybersecurity cluster is Israel, with 12 percent of the 500 largest global cybersecurity firms, after 32 percent in the San Francisco metropolitan area. A vibrant innovation ecosystem boasts dozens of large companies, 470 active cybersecurity start-ups, the most venture capital per capita, and a strong talent pool. Already in 2014, Israel’s civilian cybersecurity exports were three times higher than the target the United Kingdom set for 2016. Isolating a cybersecurity category serves investment analysts, but in reality, digital businesses embed cybersecurity. Since a typical Israeli start-up ends up acquired by an American firm or going public on the Nasdaq, Israeli-made innovation is even more prominent. Google and Microsoft were the most active corporate buyers of Israeli companies since 2014, acquiring ten and eight companies, respectively. Consider hardware: Apple, Broadcom, Qualcomm and Nvidia design their chips in Israel; Google and Amazon follow suit. Intel has been designing CPUs and other chips in Israel for decades.
READ THE STORY: National Interest
Conti Ransomware V. 3, Including Decryptor, Leaked
FROM THE MEDIA: The latest is a fresher version of the ransomware pro-Ukraine researcher ContiLeaks already released, but it’s reportedly clunkier code. Pro-Ukraine security researcher @ContiLeaks yesterday uploaded a fresher version of Conti ransomware than they had previously released – specifically, the source code for Conti Ransomware V3.0 – to VirusTotal. ContiLeaks posted a link to the code on Twitter. The code includes a compiled locker and decryptor, according to vx-underground, which has been archiving the leaks. The archive is password-protected, but the password is easy to figure out, according to replies to ContiLeaks’ release. ContiLeaks followed up in a few hours by thumbing their nose at the pro-Russia law enforcement that the researcher said is looking for them in the UA – in other words, in Ukraine. “i can tell you good luck mf!” ContiLeaks tweeted, using another acronym that probably doesn’t need explaining.
READ THE STORY: Threatpost
Items of interest
Ransomware attacks on U.S. supply chain are undermining national security, CBP bulletin warns (Article)
FROM THE MEDIA: Ransomware attacks on the supply chain are undermining national security, according to a U.S. Customs and Border Protection intelligence bulletin obtained by Yahoo News, and will cause further congestion at ports of entry and delays in shipping nationwide. Hackers and ransomware groups are targeting American logistics and shipping companies, the bulletin states, and the ongoing attacks threaten to cripple the already strained supply chain, limiting customs enforcement capabilities and undermining national security. “Cybercriminals are targeting multibillion-dollar industries, including the logistics supply chain to make a profit, disrupt international economies and trade, and cause social, economic and potentially political instability,” states the CBP bulletin, which is dated March 7. On Monday, President Biden announced new measures to defend against the threat of cyberattacks from Russia.
READ THE STORY: Modern diplomacy
A glitch that disrupted 80% of rail traffic in Poland (Video)
Polish authorities noticed disruption to the railway network early this morning, citing 'faults in control devices' in several local railway traffic management centers. The disruption caused delays, and some trips were canceled altogether, wpr24.pl reported. According to Andrzej Adamczyk, Poland's Minister of Infrastructure, a glitch in the traffic control system made by France's Alstom caused the disruption. "PKP PLK (train operator) is working tirelessly to minimize the effects of the outage, which affected around 80% of rail traffic in Poland," Adamczyk said in a tweet. Polish authorities report that the same failure disrupted train traffic in India, Thailand, Peru, Italy, Sweden, and the Netherlands. Alstom's general manager for Poland, Slawomir Cyza, told Reuters the outage was linked to a 'data encoding' problem. "Alstom is aware of a time formatting error which currently affects the availability of the rail network, and therefore rail transport in Poland," Cyza said. PKP PLK later stated that the problem was close to solving, and train services were being restored in 10 locations all over Poland. 'Device malfunction' was confirmed to be a key reason behind the disruption in train services.
Viasat chairman on recent hack: Can't confirm whether Russia was behind cyber attack (Video)
FROM THE MEDIA: Mark Dankberg, Viasat chairman, joins 'Squawk on the Street' to discuss the hack on the company's services, how companies fortify satellite operations and humanitarian assistance Viasat has done.
About this Product
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com.