Cyber war – TC Mech Wars http://tcmechwars.com/ Mon, 16 May 2022 10:26:12 +0000 en-US hourly 1 https://wordpress.org/?v=5.9.3 https://tcmechwars.com/wp-content/uploads/2021/09/tc.png Cyber war – TC Mech Wars http://tcmechwars.com/ 32 32 Tech company behind NHS covid data system moves security operations to UK amid fears of Kremlin cyberattacks https://tcmechwars.com/tech-company-behind-nhs-covid-data-system-moves-security-operations-to-uk-amid-fears-of-kremlin-cyberattacks/ Mon, 16 May 2022 09:43:20 +0000 https://tcmechwars.com/tech-company-behind-nhs-covid-data-system-moves-security-operations-to-uk-amid-fears-of-kremlin-cyberattacks/ Monday, May 16, 2022 9:44 a.m. NHS Fears of a Russian cyberattack have forced the company behind the NHS vaccine rollout to relocate permanently to Britain. Palantir is shifting its security operations from the US to the UK amid concerns over the Kremlin launching an attack on cables laid under the Atlantic Ocean, according to […]]]>

Monday, May 16, 2022 9:44 a.m.

NHS

Fears of a Russian cyberattack have forced the company behind the NHS vaccine rollout to relocate permanently to Britain.

Palantir is shifting its security operations from the US to the UK amid concerns over the Kremlin launching an attack on cables laid under the Atlantic Ocean, according to the Telegraph.

The firm, which works with the Ministry of Defense and helped develop the NHS’s covid data system to track the spread of the virus, is believed to be the biggest company of its kind to establish a base in the UK.

Palantir’s UK director, Louis Mosley, told The Telegraph that “protecting the UK’s most vital public and private organizations has never been more important”.

Since the start of the war in Ukraine, the Kremlin has been accused of launching cyberattacks against Ukrainian and European targets, as well as deceiving British government departments and ministries.

Last week, Palantir reported revenue growth of over 30% for the first three months of 2022.

]]>
NATO moves in Finland and Sweden raise fears of Russian cyberattacks https://tcmechwars.com/nato-moves-in-finland-and-sweden-raise-fears-of-russian-cyberattacks/ Sat, 14 May 2022 17:52:00 +0000 https://tcmechwars.com/nato-moves-in-finland-and-sweden-raise-fears-of-russian-cyberattacks/ Finland and Sweden’s decision to join NATO has raised concerns about possible cyber-retaliation from Russia, which views the alliance’s expansion as a direct threat. Although it is too early to judge how Russia might try to use its cyber capabilities against Finland, Sweden or other NATO members, including the United States, experts said it would […]]]>

Finland and Sweden’s decision to join NATO has raised concerns about possible cyber-retaliation from Russia, which views the alliance’s expansion as a direct threat.

Although it is too early to judge how Russia might try to use its cyber capabilities against Finland, Sweden or other NATO members, including the United States, experts said it would launch probably unsophisticated, small-scale cyberattacks as a form of protest against expansion.

Such attacks would not have the severity of cyber efforts launched by Moscow against Ukraine amid the Russian invasion of that country.

“I think Russia is unlikely to launch the kinds of cyberattacks against Finland and Sweden as they did with Ukraine, mainly because the objectives are different,” said Jason Blessing, a member of the the American Enterprise Institute.

Blessing said that since Russia has no intention, at least for now, of invading Finland or Sweden, it could use different cyber tactics than it used with Ukraine to get his message across.

He added that it is likely that Russia will launch unsophisticated types of attacks including website defacement and distributed denial of service (DDoS) attacks to disrupt enemy networks rather than start a cyber war. in large scale.

“[Attacks] which essentially represent a protest against their application for NATO membership,” Blessing said.

Russia is unhappy with the prospect of Russia and Sweden joining NATO, and earlier this week pledged to take ‘retaliatory action’ if Finland considered joining the military organization of the 30 nations.

Russian President Vladimir Putin sees NATO enlargement as a direct threat. Ukraine’s talk of NATO membership was part of Moscow’s justification for its invasion.

The fact that Finland is now considering NATO membership is also an illustration of how Moscow’s war has gone wrong.

The United States has expressed support for Finland and Sweden joining NATO, and President Biden spoke with the leaders of the two Nordic countries on Friday.

Secretary of State Antony Blinken is also due to meet the foreign ministers of Sweden and Finland and NATO members in Berlin on Saturday, where officials are expected to map out the roadmap for the countries to join the alliance. .

The process would likely move much faster than previous offers in the alliance, as NATO Secretary General Jens Stoltenberg said last month that both nations would be welcome in the organization if they decided to join and could quickly become members.

Potential additions to NATO would be significant as the two countries have long avoided military alliances and sought neutrality.

Finland, which shares an 830-mile border with Russia, last fought the Kremlin in 1944 when it was the Soviet Union. And Sweden has not had a military alliance for over 200 years, choosing instead to cooperate with NATO.

The prospect of retaliation is a real concern for Finland and Sweden.

On Friday, a Finnish transmission system operator announced that a Russian energy company would cut its electricity imports to Finland from Saturday.

Finnish politicians have also warned that Moscow could quickly cut gas to the country, Reuters reported, citing local media. The Kremlin employed such tactics in Poland and Bulgaria last month in response to Western sanctions.

In April, Finland was hit by a denial of service attack that temporarily shut down the websites of the country’s foreign and defense ministries. The attack happened while Ukrainian President Volodymyr Zelensky was addressing the Finnish parliament.

Josephine Wolff, associate professor of cybersecurity policy at Tufts University Fletcher School, said the attack was “a relatively unimpressive, small-scale cyberattack that required no great technological expertise and only resulted in short-term disruption. term”.

“If this kind of [attack] is the extent of cyber capabilities that Russia currently has, so I think it is unlikely that it will be successful in using cyber attacks to retaliate against Finland and Sweden.

Blessing also said that since Russia is already busy fighting Ukraine, it may not have the bandwidth right now to carry out destructive cyberattacks against the two Scandinavian countries and NATO members.

Experts added that Finland and Sweden have much more robust cyber capabilities than Ukraine and would be better placed to defend against Russian cyberattacks.

In fact, Finland recently won a NATO cyber defense competition this year. The annual wargame, held in Estonia, provides technical training for cyber teams from NATO members and allies. Teams compete in a simulation to help them understand how to best defend their networks against cyberattacks.

“It’s a pretty good indication that they have the talent and the ability,” Blessing said.

Still, the United States and other NATO member countries can help the two Nordic countries if they determine they need help in cyberspace. Blessing said it wouldn’t surprise him if the US sent one of its “forward hunting” teams with US Cyber ​​Command to help Finland and Sweden like it had with Ukraine before. the invasion.

Wolff added that it is possible but highly unlikely that such assistance from the United States and other NATO countries could induce Russia to launch destructive cyberattacks against those countries.

“I think it’s unlikely that assisting Finland and Norway would expose the United States – or any other NATO country – to much greater cyberattacks than the assistance already provided to Ukraine,” Wolff said.

For the time being, it is a matter of ensuring that each of the 30 member state governments ratifies Finland and Sweden’s membership in NATO, a precondition for the enlargement of the alliance.

This can be tricky, however, with Turkish President Recep Tayyip Erdoğan expressing his opposition to the expansion of the organization on Friday.

]]>
Costa Rica declares state of emergency in ongoing cyberattack | app https://tcmechwars.com/costa-rica-declares-state-of-emergency-in-ongoing-cyberattack-app/ Thu, 12 May 2022 17:06:14 +0000 https://tcmechwars.com/costa-rica-declares-state-of-emergency-in-ongoing-cyberattack-app/ SAN JOSE, Costa Rica (AP) — After a month of crippling ransomware attacks, Costa Rica has declared a state of emergency. In theory, the measure usually reserved for dealing with natural disasters or the COVID-19 pandemic would free up the government to respond more nimbly to the crisis. President Rodrigo Chaves, who was sworn in […]]]>

SAN JOSE, Costa Rica (AP) — After a month of crippling ransomware attacks, Costa Rica has declared a state of emergency. In theory, the measure usually reserved for dealing with natural disasters or the COVID-19 pandemic would free up the government to respond more nimbly to the crisis.

President Rodrigo Chaves, who was sworn in on Sunday, made the emergency declaration one of his first acts. It was released on Wednesday, but Chaves did not name the members of the National Emergency Commission.

This page requires JavaScript.

Javascript is required for you to play premium content. Please enable it in your browser settings.

kAm%96 564=2C2E:@? C676CD E@ E96 2EE24< r@DE2 #:42 :D DF776C:?8 2E E96 92?5D @7 “4J36C4C:>:?2=D” 2?5 “4J36CE6CC@C:DED]”k^Am

kAm%96 #FDD:2?DA62<:?8 r@?E: 82?8 925 4=2:>65 C6DA@?D:3:=:EJ 7@C E96 2EE24<]{2DE H66< E96 &]$]$E2E6 s6A2CE>6?E @776C65 2S`_ >:==:@? C6H2C5 7@C:?7@C>2E:@? =625:?8 E@ E96:56?E:7:42E:@? @C =@42E:@ ? @7 r@?E:=6256CD]k^Am

kAm%96 2EE24< 3682 ? : ? pAC:= H96? E96 u:?2?46 |:?:DECJ H2D E96 7:CDE E@ C6A@CE E92E 2 ?F>36C @7:ED DJDE6>D H6C6 27764E65:?4=F5:?8 E2I 4@== 64E:? 2?5 4FDE@>D]pEE242? C6D@FC46D DJDE6> 2?5 {23@C |:?:DECJ]k^Am

kAm%96 r@DE2 #:42? 8@G6C?>6?E 92D ?@E C6A@CE65 2? 6IA2?D:@? @7E96 2EE24<[ 3FE D@>6 DJDE6>D[ 6DA64:2==J 2E E96 u:?2?46 |:?:DECJ[ DE:== 2C6 ?@E 7F?4E:@?:?8 ?@C>2==J] %96 8@G6C?>6?E 92D 2=D@ ?@E >256 2? 6DE :>2E6 @7 E96 =@DD6D 42FD65 3J E96 2EE24<]k^Am

kAmr2C=@D p=G2C25@ H2D DE:== AC6D:56?E H96? E96 2EE24]k^Am

kAmx? E96 &]$]$E2E6 s6A2CE>6?E DE2E6>6?E =2DE H66<[ :E D2:5 E96 r@?E: 8C@FA 925 366? C6DA@?D:3=6 7@C 9F?5C65D @7 C2?D@>H2C6 :?4:56?ED 5FC:?8 E96 A2DE EH@ J62CD] “%96 uqx 6DE :>2E6D E92E 2D @7 y2?F2CJ a_aa[ E96C6 925 366? @G6C `[___ G:4E:>D @7 2EE24<D 2DD@4:2E65 H:E9 r@?E: C2?D@>H2C6 H:E9 G:4E:> A2J@FED 6I4665:?8 S`d_[___[___[ >2<:?8 E96 r@?E: #2?D@>H2C6 G2C:2?E E96 4@DE=:6DE DEC2:? @7 C2?D@>H2C6 6G6C 5@4F>6?E65[” E96 DE2E6>6?E D2:5]k^am

kAmx? 255:E:@? E@ E96 C2?D@>H2C6 DE2E6 @7 6>6C86?4J[ r92G6D 2=D@ 6=:>:?2E65 A2?56>:4C6=2E65 @3=:82E@CJ FD6 @7 >2D<D 😕 AF3=:4 DA246D 2?5 :DDF65 2 564C66 E92E FC865 AF3=:4 :?DE:EFE:@?D E@ ?@E D2?4E:@? @77:4:2=D H9@ 92G6 ?@E 366? G244:?2E65 282:?DE r~’xs`h[ C6G6CD:?8 9:D AC65646DD@C’D A@=:4J]k^am

Copyright 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.

]]>
Data leaked by anonymous hacktivists put Sri Lankans at risk of cybercrime https://tcmechwars.com/data-leaked-by-anonymous-hacktivists-put-sri-lankans-at-risk-of-cybercrime/ Tue, 10 May 2022 10:00:00 +0000 https://tcmechwars.com/data-leaked-by-anonymous-hacktivists-put-sri-lankans-at-risk-of-cybercrime/ As the massive protests against Sri Lankan President Gotabaya Rajapaksa entered their eighth week last month, the hacktivist collective Anonymous showed its support – in a way that alarmed cybersecurity experts and the general public alike. is asked if the organization was doing more harm than good. On April 20, Anonymous, the decentralized collective of […]]]>

As the massive protests against Sri Lankan President Gotabaya Rajapaksa entered their eighth week last month, the hacktivist collective Anonymous showed its support – in a way that alarmed cybersecurity experts and the general public alike. is asked if the organization was doing more harm than good.

On April 20, Anonymous, the decentralized collective of internet activists, hit the websites of the Ceylon Electricity Board, the Sri Lankan Police and the Ministry of Immigration and Emigration using denial of service attacks distributed (DDoS). Twitter handles affiliated with Anonymous said the group launched the #OpSriLanka hashtag in support of the people and was “declare a cyber war against the government.”

Many Sri Lankans had called on the group to intervene, using the hashtag #AnonymousSaveSriLanka on social media. But as part of the attack, anonymous hackers publicly shared thousands of usernames, passwords and email addresses from the Sri Lanka Scholar Database, a private portal that connects students to various higher education institutions and uses the official domain”. lk”. The Pirates posted similar information on agents registered with the Sri Lanka Bureau of Overseas Employment (SLBFE).

“What’s the point of hacking SLBFE?” This website includes[s] details of innocent Sri Lankan employees working overseas. [Rajapaksas] won’t hide their secrets in SLBFE”, a A Twitter user asked.

In addition to violating the privacy of ordinary Sri Lankans, the leaks also put them at risk of cybercrime and phishing attacks, said technology law specialist Ashwini Natesan. Rest of the world.

These people continue to be at risk because “unless fixed, another hacker can access the same database and collect employee passport details and other personally identifiable information, which can be sold on the dark web for around $50,” cybersecurity specialist Asela Waidyalankara Told Rest of the world. “These details can then be used for a number of cybercrimes, such as identity theft.”

In addition to the data leak, a Twitter account affiliated with the Ghost Squad, a politically motivated hacktivist team that is part of Anonymous, shared strategies for attacking the state-owned National Savings Bank, semi-government mobile service provider Mobitel and the digital platform provided by Sri Lanka Telecom for locals to get appointments with doctors. Waidyalankara said that fortunately these systems were not hacked. “If this had taken place, it would have revealed sensitive medical data on individuals.”

Experts say Anonymous’ attack exposed shortcomings in Sri Lanka’s cybersecurity infrastructure at a time when the country is facing the worst economic crisis since its independence in 1948.

Sri Lanka is in economic shambles because foreign remittances have slowed, tourism revenues have suffered from the pandemic, high global oil and gas prices are making everyday life expensive and the government is struggling to borrow from international lenders because of massive foreign debt. Costs of essential goods have soared in the island nation, along with daily power cuts, leading to ongoing anti-government protests across the country.

Given these circumstances, the government may not have the wherewithal to prioritize cybersecurity, which can leave its citizens vulnerable to future threats, experts have said. In March, the Sri Lankan parliament passed data protection legislation, which has not yet entered into force. “The Data Protection Act provides for the protection of personal data against misuse and misuse and has put in place the necessary notification processes. However, it has still not entered into force and the Data Protection Authority has not yet been established under the law,” Natesan said.

Sri Lanka’s technology ministry is “constantly taking extensive precautions against cyberattacks, and these will be further enhanced,” Secretary Jayantha de Silva said. Rest of the world.

If the government prioritizes cybersecurity, it will use taxpayers’ money to limit the damage, “so I don’t see how this attack contributes to the overall cause of the protests,” Waidyalankara said. The true impact of this cyberattack will be understood much later, Waidyalankara added. “If the country’s threat profile for cyberattacks was low to medium before, it would now be between medium and high.”

Meanwhile, the Anonymous attack is being used by some to spread misinformation. On April 22, a Facebook page called Lanka E News published an article in which they claimed to disclose the “hidden wealth” of the ruling Rajapaksa family. Lanka E News said this information was leaked by Anonymous during the cyberattack.

The message, which did not contain hyperlinks to data dumps or documents, claimed that the media houses and popular media personalities who reported on the economic crisis and the protests are implicated in the underhanded dealings of the Rajapaksa family.

Social media analyst Sanjana Hattotuwa, who researched the post, flagged it for “narrative corruption”. Hattotuwa discovered that the message was posted by different accounts at the same time, one of the “inauthentic spread signals”. This is an example of pro-government spreading of disinformation, seeking to derail the movement against President Rajapaksa, Hattotuwa said, adding that “the prevailing public belief that Rajapaksas are corrupt is being instrumentalized.” [by the creator]. “The post was shared on a number of Facebook groups supporting the anti-government protests, including ‘GoHomeGota2022’, which has over 300,000 followers.

]]>
Russia’s annual “Victory Day” celebration takes on a different meaning this year https://tcmechwars.com/russias-annual-victory-day-celebration-takes-on-a-different-meaning-this-year/ Sun, 08 May 2022 11:01:43 +0000 https://tcmechwars.com/russias-annual-victory-day-celebration-takes-on-a-different-meaning-this-year/ On Monday, May 9, Russia will hold its annual celebration marking Germany’s defeat in World War II. Since 1945, Moscow has hosted a grand military parade in Red Square with dignitaries reviewing the troops from the top of the mausoleum which contains Vladimir Lenin’s tomb. During the long twilight of the Cold War, there was […]]]>

On Monday, May 9, Russia will hold its annual celebration marking Germany’s defeat in World War II. Since 1945, Moscow has hosted a grand military parade in Red Square with dignitaries reviewing the troops from the top of the mausoleum which contains Vladimir Lenin’s tomb.

During the long twilight of the Cold War, there was an entire sub-branch of Kremlinology dedicated to analyzing those invited to the mausoleum, its upper floor accommodating about 20 people. This will be the first VE Day parade to see Russia embroiled in conventional warfare in Europe, so the symbolism of who is or is not on the mausoleum may take on greater significance.

To add to the intrigue, reports indicate that Russian President Vladimir Putin is due to undergo cancer surgery soon, temporarily transferring power to Nikolai Patrushev, a former intelligence and security officer who serves as secretary of the Security Council of the Russian Federation. Patrushev is said to be even more ruthless than Putin.

For the past nine years, Army General Sergey Shoygu has presided as parade inspector. For eight of those years, Army General Oleg Salyukov served as the parade commander. Will either resume their roles, given the crippling corruption and incompetence that plagues the Russian military and has occurred under their watch?

It should be noted that General Valery Gerasimov was the parade commander from 2009 to 2012. Putin ordered Gerasimov, the Chief of the General Staff of the Russian Armed Forces, to personally take command of the new offensive of the Russia north of the Donbass basin in eastern Ukraine, He arrived in the region on April 27. Reports suggest he was wounded in the leg on May 1 by a Ukrainian artillery strike.

But Russia’s war against Ukraine did not go as planned. The initial attempt to overthrow the government in kyiv in the days following the February 24 invasion failed. Expectations of a quick victory rested on a wobbly three-legged stool.

The first step was Putin’s own assertion that Ukraine is not a real nation and has always been part of Russia. The second leg was Russia’s relatively easy victory in 2014 in Crimea and the ethnically Russian provinces of Donetsk and Lugansk at a time when Ukraine’s pro-Russian president neglected the armed forces, leaving the largely defenseless nation. The third leg of this now broken stool was constructed from Gerasimov’s theories of so-called modern “Hybrid Warfare”.

In speeches and articles, General Gerasimov has suggested that successful Russian operations achieve informational and psychological dominance over the enemy. To do this, chaos must be sown in the initial period of the war – even before the first kinetic shots are fired. This can only be done by ignoring the traditional boundaries between war and peace, and politics and war. Additionally, and important for Western nations finally sending Ukraine the military equipment, ammunition and spare parts needed to fight, is the fact that hybrid warfare considers the synergy of chaos ( non-linear and non-military tactics) as no longer content to support conventional force, but equivalent to it.

Thus, the widely reported Russian and Chinese cyberattack on Ukrainian networks launched before the official hostilities was a form of sowing chaos, as well as an aggressive exploitation of social media to spread false reports and undermine Ukraine’s standing with western democracies.

That these hybrid tactics weren’t enough to win on the cheap doesn’t mean they don’t have value. It simply means that Ukraine, having had a near-death experience in 2014, has reformed and improved its defenses. Regeneration is an advantage held by representative governments like Ukraine over security states like Russia. Even imperfect representative governments are more adaptable than the most perfect security states.

Thus, Putin needs cancer surgery, Gerasimov is injured, and Russia’s war against Ukraine falters. Looking at the situation — more as a former elected lawmaker than a retired intelligence officer — here are the things I’ll be watching.

First, is Putin really sick and will he go under the knife? For such a powerful and paranoid man with many enemies who probably ordered the assassination of dozens of opponents and dissidents, this decision must weigh heavily. Who can we trust? Although vulnerable, anyone from a number of people could kill him – including Nikolai Patrushev himself.

But the claimed illness brings an advantage to Putin. Putin took personal command of the war in late April, ceding national authority to Prime Minister Mikhail Mishustin. Putin’s direct involvement in a failed war, despite Russia firing more long-range missiles deep into Ukraine, means ‘cancer’ could be a graceful exit or a way to salvage a reputation and a retreat. For Putin, the war might be over, but probably not the war itself.

Russians place great importance on special dates, and few dates are more special than May 9th. Not so long ago, it was suggested that Russia’s revamped offensive against Ukraine to the east and south might have borne enough fruit on May 9 to declare victory, real or real. symbolic. These thoughts sailed through the air like the turret of a Russian tank, landing with a thud in a muddy and bloody reality. Thus, this Victory Day parade will be devoid of triumph.

Look closely at the mausoleum in Red Square for signs of Russia’s future.


Chuck DeVore is Vice President of National Initiatives at the Texas Public Policy Foundation, a former California legislator, Special Assistant for Foreign Affairs in the Reagan-era Pentagon, and Lieutenant Colonel in the Army Reserve (retired). American. He is the author of two books, “The Texas Model: Prosperity in the Lone Star State and Lessons for America” ​​and “China Attacks”, a novel.

]]>
What Happened Today (May 2): NPR https://tcmechwars.com/what-happened-today-may-2-npr/ Mon, 02 May 2022 21:00:31 +0000 https://tcmechwars.com/what-happened-today-may-2-npr/ Hryhorii, a member of the Ukrainian army, kisses his wife Oksana, whom he had not seen for nearly a year, after fleeing the Russian-occupied village of Novomykhailivka and arriving by car at a checkpoint. evacuation for people fleeing Mariupol, Melitopol and surrounding towns under Russian control, Monday, in Zaporizhzhia, Ukraine. Chris McGrath/Getty Images hide caption […]]]>

Hryhorii, a member of the Ukrainian army, kisses his wife Oksana, whom he had not seen for nearly a year, after fleeing the Russian-occupied village of Novomykhailivka and arriving by car at a checkpoint. evacuation for people fleeing Mariupol, Melitopol and surrounding towns under Russian control, Monday, in Zaporizhzhia, Ukraine.

Chris McGrath/Getty Images


hide caption

toggle caption

Chris McGrath/Getty Images


Hryhorii, a member of the Ukrainian army, kisses his wife Oksana, whom he had not seen for nearly a year, after fleeing the Russian-occupied village of Novomykhailivka and arriving by car at a checkpoint. evacuation for people fleeing Mariupol, Melitopol and surrounding towns under Russian control, Monday, in Zaporizhzhia, Ukraine.

Chris McGrath/Getty Images

As Monday draws to a close in Kyiv and Moscow, here are the main developments of the day:

Evacuated from Mariupol and its besieged steelworks makes his way to safety. Over the weekend, an evacuation of around 100 civilians from the Azovstal factory began after numerous failed attempts. Other civilians remain in the sprawling maze beneath the steelworks, alongside thousands of Ukrainian troops who refused to surrender to Russian forces, who shelled and surrounded the area.

Ukrainian officials declared a rocket strike hit the port city of Odessa in southwestern Ukraine, killing a child. The Ukrainian military also said its drone strike sank two other Russian warships in the Black Sea. The Russian Defense Ministry said a strike on a military airfield near Odessa destroyed a runway and a hangar with weapons supplied by Western allies. The Pentagon, meanwhile, has confirmed reports that Russia’s highest-ranking military officer, General Valery Gerasimov, visited the frontline region of Donbass in eastern Ukraine.

European Union Energy Ministers gathered in Brussels to discuss options for dealing with Russia’s decision last week to stop delivering natural gas to Poland and Bulgaria. The bloc is also working on a possible EU-wide ban on imports of Russian oil. EU countries have already banned Russian coal from August.

Israel demands an apology from Russia for its foreign minister’s comments on Nazism. Sergei Lavrov called Adolf Hitler of “Jewish origins” in response to a question about Russia’s claim that it invaded Ukraine to “denazify” the country, which has a democratically elected Jewish president. This is the strongest condemnation of Russia by Israel since the start of the war in Ukraine on February 24.

First lady Jill Biden will travel to Slovakia and Romania later this week to meet Ukrainian refugees, aid workers and teachers educating displaced Ukrainian children and US service members stationed in Romania.

In depth

Ukraine is the focus of attention, but Russian troops are in several former Soviet republics.

Estonia hosts NATO-led cyberwar games, with an eye on Russia.

Angelina Jolie met refugees and volunteers during a surprise visit to Lviv.

Ukraine says it is switching from Soviet weapons to NATO-grade weapons, aiming to be fully “interoperable” with the military alliance.

Where is US military aid to Ukraine making the most difference? A former member of the National Security Council shares his thoughts.

Previous developments

You can read more Monday news here and more daily recaps here. For context and more in-depth stories, you can find NPR’s full coverage here. Also, listen and subscribe to NPR Ukrainian state podcast for updates throughout the day.

]]>
Global Cyber ​​Innovation Summit, CISO’s “invitation-only” event returns in 2022 to set the global cybersecurity agenda https://tcmechwars.com/global-cyber-innovation-summit-cisos-invitation-only-event-returns-in-2022-to-set-the-global-cybersecurity-agenda/ Fri, 29 Apr 2022 13:00:00 +0000 https://tcmechwars.com/global-cyber-innovation-summit-cisos-invitation-only-event-returns-in-2022-to-set-the-global-cybersecurity-agenda/ BALTIMORE–(BUSINESS WIRE)–The Global Cyber ​​Innovation Summit (GCIS), known as the “Davos of cybersecurity,” returns this year to bring together a preeminent group of 2000 world-leading CISO leaders, innovators in cybertechnology, political influencers and members of the cyber investment community to catalyze the industry in creating more effective cyber defenses. The “by invitation only” Global Cybersecurity […]]]>

BALTIMORE–(BUSINESS WIRE)–The Global Cyber ​​Innovation Summit (GCIS), known as the “Davos of cybersecurity,” returns this year to bring together a preeminent group of 2000 world-leading CISO leaders, innovators in cybertechnology, political influencers and members of the cyber investment community to catalyze the industry in creating more effective cyber defenses.

The “by invitation only” Global Cybersecurity Innovation Summit – with representatives from the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the Office of the National Cyber ​​Director (ONCD) – convened in Baltimore for two days of high-level strategic, political and technological discussions on the future of cyber threats and defense. The summit began with opening remarks from Maryland State Secretary of Commerce, R. Michael Gill, and a special welcome from Maryland State Governor, Larry Hogan.

“The National Security Agency has supported the mission objective of the Global Cyber ​​Innovation Summit and has featured Rob Joyce as a thought leader since the program’s inception in 2019,” an NSA spokesperson said.

“This conference is unlike any other in the cybersecurity space, bringing together community thought leaders among Fortune 100 CISOs, CEOs of innovative cybersecurity companies, venture capitalists, decision makers and the community. intelligence to elevate the level of dialogue and facilitate collaboration on how we as a community address the challenges of the ever-changing threat landscape and advance the future of cybersecurity in concrete ways,” said Bob Ackerman, chairman of the GCIS forum and founder of cybersecurity venture capital firm, AllegisCyber, and co-founder of DataTribe, a startup studio specializing in cybersecurity and data science.

GCIS provides a confidential cybersecurity venue for high-level intellectual discourse and peer-to-peer collaboration. The summit featured a series of presentations, panel discussions, fireside chats and briefings by cybersecurity practitioners and thought leaders operating at the forefront of the industry.

Topics this year included “National Security – Call to Action”; “Cybersecurity in 2021 and beyond”; “NSA: cyber defense strategy”; “ONCD: The cyber defense strategy”; “Mission Critical: Emerging Cyber ​​Response to Support Cyber ​​Innovation”; “Cyber ​​2022: State of the Market and Call to Action”; “Transforming Business – The Interaction Between the Board and the C Suite”; “Mission Possible: Preparing for the Next Wave of Cyberattacks”; “Offence and Defence”; “Dodging the Debacles: Growing Supply Chain Concerns”; “Threats from nation states are on the rise: are we ready to disrupt a possible attack? » ; “In Cyberwar…and Peace: The Rising Threat Horizon and the Creation of Digital Trust”; “The New Frontier and the Changing Threat Landscape: The Impact of Current Events on Cybersecurity in 2022 and Beyond”; and “It’s a Matter of Trust: The Cloud Security Approach”.

GCIS President Bob Ackerman and a 17-member advisory board including:

  • Rich Baich, CSO of AIG

  • Roland Cloutier, CISO of TikTok

  • Rajesh De, Partner at Mayer Brown Law and former NSA General Counsel

  • Adam Fletcher, CISO at Blackstone

  • Fred Gibbins, SVP and CISO American Express

  • Ron Gula, Founder of Tenable Network Security

  • George Hoyem, Managing Partner of In-Q-Tel

  • Mike Janke, co-founder of DataTribe

  • John Nai, CISO at PayPal

  • Douglas Powers, Director of Vigilant at Deloitte

  • Jim Routh, CSO of Aetna

  • John Stewart, former Cisco CISO

  • Eli Sugarman, Program Officer, Cyber ​​Initiative

  • Phil Venables, CISO of Google Cloud

  • Deborah Wheeler, CISO at Delta Airlines

  • Tom Wilson, CISO at Southern Company

  • Michael Chertoff, chairman of the Chertoff Group and former U.S. Secretary of Homeland Security

Tribute to 8 disruptive innovators

As part of the summit, eight disruptive early-stage cybersecurity companies, dubbed the “Disrupt 8,” were rewarded by the community and selected to host “TED talks” that outline the industry’s toughest emerging issues. and their innovations, over-solutions on the horizon.

The winners of the GCIS Disrupt 8 2022 prize:

This year’s Global Cyber ​​Innovation Summit took place April 27-28, 2022 at the Sagamore Pendry Hotel, Baltimore, MD.

The date for the Global Cyber ​​Innovation Summit 2023 has been set for April 24-27, 2023 and will take place at the Sagamore Pendry Hotel.

Participation in the Summit is “by invitation only”. To consider an invitation, please contact info@GlobalCyberSummit.org

About the Global Cyber ​​Innovation Summit

The annual Global Cyber ​​Innovation Summit brings together the Global 2000 CISO community, cyber technology innovators, political thought leaders and members of the cyber investment community to exchange ideas, discuss and collaborate to improve the efficiency and effectiveness of cybersecurity strategies and solutions.

]]>
Putting your SOC in the hot seat https://tcmechwars.com/putting-your-soc-in-the-hot-seat/ Wed, 27 Apr 2022 14:40:12 +0000 https://tcmechwars.com/putting-your-soc-in-the-hot-seat/ Today’s security operations centers (SOCs) are stress-tested like never before. As the heart of any organization’s cybersecurity apparatus, SOCs are the first line of defense, running 24/7 operations to monitor attack alerts and address those alerts appropriately before they happen. they do not become total crises. Yet, with ransomware attacks retaining the top spot as […]]]>

Today’s security operations centers (SOCs) are stress-tested like never before. As the heart of any organization’s cybersecurity apparatus, SOCs are the first line of defense, running 24/7 operations to monitor attack alerts and address those alerts appropriately before they happen. they do not become total crises. Yet, with ransomware attacks retaining the top spot as a response to X-Force-like incidents, these crises are unfortunately becoming commonplace.

The best way to prepare for a crisis is to experience one. Ideally, this experience would go through a simulated crisis rather than an actual crisis, although both can provide valuable lessons. Being forced to take on challenges you never fully anticipated, experiencing adrenaline rushes that test your cognitive thinking skills, and racing against time to uncover evidence of an attack in mountains of data can provide valuable insight – and experience – that can make all the difference when a major cyber incident occurs. In other words, it is very useful to put your SOC team on the hot seat and allow them to live fully through a crisis.

Having a plan for a cyberattack is crucial. But actually testing that plan, ideally in an immersive, realistic environment, can be the critical difference between an effective response and rapid containment, or a downward spiral into full cyber disaster, based on X-Force’s experience and observation. working with hundreds of clients. As we previously noted on SecurityIntelligence, “tabletop drills and technical training are important, but they can’t replicate the thrilling, real-world impact of a cyber range.” Indeed, cyber range exercises can test playbooks, teamwork and technical skills and take them to the next level by identifying potential gaps that can refine a response plan so that it is most effective when treated early and retested.

cyberwar game

In the IBM Security X-Force Cyber ​​Range, Cyber ​​War Game exercises aim to test SOC analysts, SOC managers, incident response investigators and other technical security advocates alongside executives business in a simulated crisis scenario. These are hands-on, hands-on exercises where analysts use real-world security tools to investigate a cyber incident, then effectively communicate their evolving findings to C-level executives and business response team members. These drills not only test a team’s technical abilities, but also their ability to communicate within their team as well as with senior executives when details are scarce and the stakes are high.

The Cyber ​​War Game generates data from Security Incident and Event Management (SIEM) systems and Endpoint Detection and Response (EDR) tools, which participants can then organize through the security orchestration, automation and response (SOAR). The tools available for integration into a Cyber ​​War Game are constantly expanding and include not only IBM products, but also tools available elsewhere in the market, allowing participants to customize the experience to match the better than what they would encounter on their own networks.

Leverages incident response expertise

The IBM Security X-Force Incident Response (IR) team assists clients with hundreds of cybersecurity incidents each year, providing detailed threat intelligence in the field, while forensic investigators observe every threat actors at work from the front lines. This idea is then integrated into the Cyber ​​War Game, integrating as much reality as possible into these scenarios.

For example, X-Force IR has observed hundreds of ransomware attacks, allowing our teams to map the most common behaviors of ransomware attackers and the techniques these hackers have found to be most effective. Chief among them are the exploitation of Active Directory, the deployment of ransomware from domain controllers, and the use of professional phishing groups to gain initial access to compromised networks. These and other techniques are incorporated into the scenarios created for Cyber ​​War Games.

Additionally, our IR teams frequently identify multiple different lines of threat activity occurring within the same network and are then tasked with identifying whether the activity originates from the same threat group or from different threat actors. These scenarios are challenging because seemingly conflicting information, attack streams that seem similar but then diverge, and a massive volume of data create a level of chaos that can be difficult to sift through. Participants in the cyber war game noted the realistic element that these multiple lines of activity incorporate into the exercises, mimicking many real-life incidents that required extensive follow-up activity. This realism is a natural result of using information gathered from X-Force’s field incident response team.

Informed by Threat Intelligence

X-Force threat intelligence indicates that in addition to ransomware being the top attack type over the past three years, several other attack types plague organizations and their SOC teams. Data theft is the third most common attack type in the 2022 X-Force Threat Intelligence Index, and credential harvesting, remote access Trojans (RATs), bad Malicious setups and insiders are also relatively common types of attacks, according to data from X-Force. Force infrared. The Cyber ​​War Game seeks to test SOC responders by presenting them with a range of attack types to resolve and investigate. Some of the threats and effects encountered in the Cyber ​​War Game are particularly applicable to organizations with operational technology (OT) environments or sensitive processes and equipment.

In addition to the above, X-Force Threat Intelligence indicates that threats against cloud environments are increasing and threat actors are increasingly spending time exploring various options to penetrate and gain persistence in cloud environments. By integrating threats against cloud environments into Cyber ​​War Game exercises, informed by the methods that X-Force empirically observes threat actors use in this space, participants can get a better sense of the reality of the threat against cloud environments – which is likely to grow overtime.

Now is the time to prepare

Global events demand heightened vigilance from SOC teams and security advocates as ransomware, destructive malware, and DDoS attacks occur at a rapid pace. To effectively address a security incident or crisis, SOC teams must not only be able to sift through massive amounts of data and make the right decision about whether an alert should be escalated and addressed, but must also communicate effectively with senior leaders and acquaintances. how to answer difficult questions at the critical moment. Testing a pressure response plan with all stakeholders — business leaders, human resources, PR teams, SOCs, and incident responders — can help both parties develop the technical and communication skills needed to react appropriately in the event of a crisis. For most organizations, it’s less than whether a cyberattack will occur and more than when — and whether the company will be ready to respond appropriately to the crisis.

Get in on the action

If your organization is interested in participating in an X-Force Range Cyber ​​War Game experience, you can learn more and request a consultation. In addition to Cyber ​​War Game experiences, a Response Challenge focused on effective decision-making for high-level executives, a Mind of a Hacker webinar to improve security awareness, and consulting services to build your own line internal cyber are available from IBM Security.

]]>
Simple steps to follow in a complex cyber threat environment like the maritime sector https://tcmechwars.com/simple-steps-to-follow-in-a-complex-cyber-threat-environment-like-the-maritime-sector/ Mon, 25 Apr 2022 21:12:29 +0000 https://tcmechwars.com/simple-steps-to-follow-in-a-complex-cyber-threat-environment-like-the-maritime-sector/ By Jason P. Atwell, Senior Advisor, Global Intelligence, Mandiant, Inc. As the war in Ukraine drags on, the maritime industry will continue to come under increasing pressure, not the least of which is the exploitation of the environment by cyber threat actors. Russia knows how essential the maritime sector is to its own survival and […]]]>

By Jason P. Atwell, Senior Advisor, Global Intelligence, Mandiant, Inc.

As the war in Ukraine drags on, the maritime industry will continue to come under increasing pressure, not the least of which is the exploitation of the environment by cyber threat actors. Russia knows how essential the maritime sector is to its own survival and to the effectiveness of its adversaries’ military and economic countermovements.

The Black Sea plays a vital role in Russia’s strategic objectives in its invasion of Ukraine, as depriving Ukraine of access to this body of water will severely degrade its independence as a nation state. The Baltic Sea and its ports account for 70-85% of all oil exported from Russia, while the Arctic Ocean and its associated terminals account for most of the rest, meaning that these two bodies of water are critical to the economic health of Russia. The Arctic, in particular, will be crucial to any Russian efforts to free its oil and gas industry from sanctions by bypassing the ports and waters of “hostile” nations. Finally, Russian-flagged ships are quickly banned from most Western ports, further reinforcing the maritime sector as critical to Russia’s ability to sustain its economy and wage war.

On the other side of the equation, deep-sea ports are the most efficient way to get important military cargo to Europe, both to reinforce NATO forces and to ship weapons. heavy to Ukraine. Whether it’s the most advanced Russian threat group or low-level criminals, or even other actors like China and Iran looking to take advantage, it’s probably only a matter of time before a major cyber incident in the maritime domain does not mark this conflict.

So what can ship captains and harbor masters do to survive in this threat environment?

Protecting yourself from Russian hackers or intelligence operatives as well as cybercriminals or hacktivists can seem like a daunting task when the number of security, navigation, technology and training needs are already among the highest of any industry. . The rapid digitization and optimization of maritime supply chains is also resulting in a technology-intensive industry, but also with a much larger attack surface than ever before. Securing and defending this attack surface means a renewed effort to define the roles that the company plays in cybersecurity, especially in the face of a crisis like the war in Ukraine. This means that everyone, from a tugboat crew member to a crane operator to a maintenance worker on an oil rig, can play a role in this effort. The good news is that many of the best practices are relatively simple and can be incorporated into existing security controls and operating procedures.

Starting from a very high level, decision-makers in the maritime sector can re-examine the role of technology in their ability to operate. This means reviewing technology supply chains to analyze exposure to products made in places like China or Russia that could prove vulnerable. It also means revisiting technology risk management. Decision makers should consider the likelihood and impact of disruption of any deployed technology before integrating it into their operations.

Below that, technology operators should ensure more than ever that any equipment that relies on a computer or network connection is appropriately protected, whether through software updates, limiting the physical access or through strong and cyclical passwords. This applies to everything from navigation systems on ships to computers used for planning and inventories in ports. At this level, it is also essential that the fingerprints and signatures of these devices are managed appropriately, i.e. accurate inventories, as well as a complete knowledge of what is and is not networked or connected, are essential to secure them.

Finally, at the individual level, we all play a role in cybersecurity, especially in a rapidly changing threat environment. Do not share passwords, hold each other accountable for poor password practices (sticky notes or repeating patterns, anyone?), be appropriately wary of unsolicited emails, direct messages on social media and cellular texts that could be phishing, and not trusting things like thumb drives when their origin is uncertain. All of these elements together help protect any organization against the most likely and common attacks.

Additionally, collaborative discussions between leadership and team levels need to distinguish the “what ifs” of networks and technology in this environment. Crews must demand that those ashore consider the impact of a new hacked or degraded system on its operators, while those making sourcing decisions must also implement corresponding security checks whenever a system is provided to an operator. Organizations also need strong continuity programs and incident response planning to ensure resilience and survivability in the event of a large-scale breach or ransomware attack.

In today’s cyber threat environment, organizations need to plan for the possibility, not the possibility, of an attack. It’s never too late to put in place the appropriate arrangements and relationships, both internal and external, that will be essential to withstand a cyberattack. Every individual at every level of an organization has an important role to play.

Jason P. Atwell is the Senior Global Intelligence Advisor at Mandiant, Inc., the world leader in dynamic cyber defense and response.

]]>
Cybersecurity in a digital world and the war for talent https://tcmechwars.com/cybersecurity-in-a-digital-world-and-the-war-for-talent/ Sun, 24 Apr 2022 01:02:49 +0000 https://tcmechwars.com/cybersecurity-in-a-digital-world-and-the-war-for-talent/ By Merlin Piscitelli, Chief Revenue Officer, EMEA at Datasite Sophisticated cyberwarfare and growing geopolitical tensions mean that cybersecurity threats are evolving at an even faster pace, affecting entire businesses, their operations and their hard-won reputations. The microchip and electronics powerhouses have recently been hit by cyberattacks, where parts of their business were completely compromised, taken […]]]>

By Merlin Piscitelli, Chief Revenue Officer, EMEA at Datasite

Sophisticated cyberwarfare and growing geopolitical tensions mean that cybersecurity threats are evolving at an even faster pace, affecting entire businesses, their operations and their hard-won reputations.

The microchip and electronics powerhouses have recently been hit by cyberattacks, where parts of their business were completely compromised, taken offline for a few days, and employee accounts exposed. Some of these violations were even committed by the same hacking and extortion group.

As a result, the need to fight cybercrime has become even more important in an increasingly digital and interconnected world. This translates into record levels of investment in cybersecurity, which is becoming a top priority for corporate executives, boards and investors, especially as governments warn of an increased threat from cyber- intrusions following Russia’s invasion of Ukraine.

The cybersecurity boom

Over the past 12 months the cybersecurity industry has achieved double digit growth and there are now nearly 2,000 active businesses in the UK providing cybersecurity products and services. In fact, the UK cybersecurity industry contributed an estimated £5.3 billion to the UK economy in 2021, up a third from 2020, and cybersecurity companies raised more than a billion of external investments in 84 transactions.

Simply put, the demand for cybersecurity has increased dramatically as the pandemic has thrust the digital revolution into hyperdrive. The pandemic has not only accelerated the adoption of digital solutions by consumers, but it has also accelerated companies’ digitization strategies.

As cybercriminals rise to the challenge, businesses now need cybersecurity solutions to protect a host of new entry points. However, with more than 2.5 million cybersecurity jobs available and the war for talent rapidly escalating, the industry is feeling the strain as pressure mounts for more defenses.

Closing the “skills gap”

Despite the rapidly growing market, the UK’s cybersecurity talent pool falls short at around 10,000 people a year. In fact, the cyber skills shortage in the UK has increased by more than a third in the last 12 months and cybersecurity is now the most sought-after tech skill in the UK.

With more than half, 54%, of UK CEOs believing that cybersecurity presents the best opportunity for TMT deals over the next year, demand will quickly outstrip the supply of expertise unless drastic measures are taken. be taken.

Market demand and the talent war

Companies have reacted to this in different ways. When asked what are the key strategic drivers for recent and future cross-border tech acquisitions, a third of UK M&A professionals surveyed cited access to skilled/specialist talent.

To continue to stay ahead of cyberattacks and manage risk, businesses must also invest in their workforce to ensure they have access to the resources needed to protect their digital ecosystem and support the ‘commercial activity.

Upgrading the skills of people already working in technology, as well as attracting newcomers, will be key to filling the current labor gap. To truly overcome the war for talent, companies will need to recognize the correlation between skills shortages and lack of inclusiveness and bring more meaningful levels of diversity to the sector.

However, tackling this current skills mismatch cannot be left to business alone and requires a united effort from governments, industry and academia. Awareness campaigns encouraging universities, schools and training organizations to promote cybersecurity as an exciting field with vast career opportunities can also go a long way in addressing the current imbalance.

Only by investing in cybersecurity talent will we have enough people with the expertise required to protect organizations’ digital ecosystems as the threat landscape becomes more diverse.

This article was submitted by an external contributor and may not represent the views and opinions of Benzinga.

© 2022 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

]]>