fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

EU Officially Blames Russia For ‘Ghostwriter’ Hacking Activities

EU Officially Blames Russia For ‘Ghostwriter’ Hacking Activities

The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile EU officials, journalists, and the general public.

“These malicious cyber activities are targeting numerous members of Parliaments, government officials, politicians, and members of the press and civil society in the EU by accessing computer systems and personal accounts and stealing data,” European Council officials said in a press release today.

“Such activities are unacceptable as they seek to threaten our integrity and security, democratic values and principles and the core functioning of our democracies.”

The EU officials added that these hacking activities are in stark contrast to normal state behavior endorsed by all UN member states.

The attacks are also seen as clear attempts to undermine EU’s democratic institutions and processes, including but not limited to enabling disinformation and information manipulation.

Also Read: Best Privacy Certification: 3 Simple Steps On How To Achieve

Linked to Russia’s GRU military intelligence service

The Ghostwriter “malicious cyber activities” were also connected by Germany to the GRU military intelligence service earlier this month, with German Foreign Ministry spokeswoman Andrea Sasse saying that the German parliament was targeted at least three times this year.

Sasse’s statement came after German security authorities detected multiple attempts to steal personal login details of German lawmakers before the September 26 federal election, likely as part of a preparation effort for disinformation campaigns

“The German government has reliable information on the basis of which Ghostwriter activities can be attributed to cyber actors of the Russian state and, specifically, Russia’s GRU military intelligence service,” Sasse said.

In March, Germany also said that the Ghostwriter Russian military intelligence hacking group is the main suspect behind a spearphishing attack that targeted multiple Parliament members.

They are believed to have breached the email accounts of seven members of the German federal parliament (Bundestag) and 31 members of German regional parliaments.

“The European Union and its Member States strongly denounce these malicious cyber activities, which all involved must put to an end immediately. We urge the Russian Federation to adhere to the norms of responsible state behaviour in cyberspace,” the European Council added today.

Also Read: Computer Misuse Act Singapore: The Truth And Its Offenses

“The European Union will revert to this issue in upcoming meetings and consider taking further steps.”

Who is Ghostwriter?

Ghostwriter has been coordinating “information operations,” pushing various narratives aligned with Russian security interests beginning with March 2017, according to a 2020 report from cybersecurity firm FireEye.

These attacks continued through 2021, with FireEye identifying over twenty additional incidents believed to be part of Ghostwriter activity.

“The Ghostwriter campaign leverages traditional cyber threat activity and information operations tactics to promote narratives intended to chip away at NATO’s cohesion and undermine local support for the organization in Lithuania, Latvia, and Poland,” FireEye said.

This hacking group used fabricated personas posing as analysts and journalists to target Lithuanian, Latvian, and Polish audiences with anti-North Atlantic Treaty Organization (NATO) narratives disseminated via spoofed email accounts and compromised websites.

APT28 members sanctioned for a similar attack

The Council of the European Union also sanctioned multiple members of the Russian state-backed APT28 hacking group in October 2020 for compromising several Bundestag members’ email accounts in 2015.

The same month, the US Cyber Command also shared info on malware implants used by Russian state hackers in attacks targeting national parliaments, ministries of foreign affairs, and embassies.

In August 2020, Norway disclosed a strikingly similar attack that led to the breach of email accounts belonging to Norwegian Parliament representatives and employees.

Norway’s Minister of Foreign Affairs Ine Eriksen Søreide revealed that the August attack was coordinated by Russian state hackers who stole data from each of the hacked accounts and the Norwegian Police Security Service said APT28 was likely behind the operation.

In February 2021, the National Security and Defense Council of Ukraine (NSDC) also linked Russian-backed state hackers to an attack against the Ukrainian government attempting to breach state agencies after compromising the government’s document management system.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us