fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

EU Sanctions Russian Hackers Over 2015 German Parliament Attack

EU Sanctions Russian Hackers Over 2015 German Parliament Attack

The Council of the European Union today announced sanctions imposed on Russian military intelligence officers part of the 85th Main Centre for Special Services (GTsSS) for their involvement in a 2015 hack of the German Federal Parliament (Deutscher Bundestag).

EU’s sanctions include both travel bans and asset freezes and also block EU organizations and individuals from making fund transfers to sanctioned entities and individuals.

“Sanctions are one of the options available in the Union’s framework for a joint diplomatic response to malicious cyber activities (the so-called cyber diplomacy toolbox), and are intended to prevent, discourage, deter and respond to continuing and increasing malicious behaviour in cyberspace,” a press release published earlier reads.

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

German Chancellor also affected in the attack

Dmitry Sergeyevich Badin and Igor Olegovich Kostyukov are the two military intelligence officers sanctioned today, both of them known members of the GTsSS (an APT group also tracked as APT28, Fancy Bear, Sofacy Group, Sednit, and Strontium) which is also a target of today’s restrictive measures imposed by the Council of the EU decision.

Kostyukov is also the current Head of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU/GRU) after previously occupying the First Deputy Head position according to the same decision published today.

“In this capacity, Igor Kostyukov is responsible for cyber-attacks carried out by the GTsSS, including those with a significant effect constituting an external threat to the Union or its Member States,” the Council explains.

Members of this elite Russian military hacking unit were also charged by the US for hacking the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC) in 2016, before that year’s Presidential Election.

The Deutscher Bundestag attack affected the parliament’s operation for multiple days during April and May 15, leading to the compromise of several parliament members’ email accounts.

“This cyber-attack targeted the parliament’s information system and affected its ability to operate for several days,” the Council of the EU adds.

“A significant amount of data was stolen and the email accounts of several members of parliament, including that of Chancellor Angela Merkel, were affected.”

One-year-old legal framework

The legal framework that allowed these sanctions was established by the Council of the EU on May 17, 2019, and it was first used in July 2020 when the EU sanctions imposed on Unit 74455 of Russia’s foreign military intelligence service, as well as on front companies for Chinese and North Korean hacking groups that orchestrated cyber-attacks targeting the EU and its member states.

The framework allows “the EU to impose targeted restrictive measures to deter and respond to cyber-attacks which constitute an external threat to the EU or its member states, including cyber-attacks against third States or international organisations where restricted measures are considered necessary to achieve the objectives of the Common Foreign and Security Policy (CFSP).”

Also Read: Limiting Location Data Exposure: 8 Best Practices

It is also specifically designed to allow the EU to sanction persons and entities responsible for both attempted and successful cyber-attacks, if they are either involved or provide support to the individuals or the groups behind the attacks.

“The EU recognizes that cyberspace offers significant opportunities, but also presents continuously evolving challenges,” the Council said.

“It is concerned at the rise of malicious behavior in cyberspace that aims at undermining the EU’s integrity, security and economic competitiveness, with the eventual risk of conflict.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us