fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Russian Government Warns Of US Retaliatory Cyberattacks

Russian Government Warns Of US Retaliatory Cyberattacks

The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach.

Last month, the SolarWinds network management company disclosed that they suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers.

The US government believes that this attack was conducted by a Russian state-sponsored hacking group whose goal was to steal cloud data such as email and files from high profile US corporations and government agencies.

In responses to questions about the cyberattack, White House press secretary Jen Psaki indicated that the USA might retaliate in kind to whoever has conducted the attacks.

“We reserve the right to respond at a time and in a manner of our choosing to any cyberattack. But our team is, of course, just getting on the ground today, they’re just getting onto their computers,” NBC News reported.

While Russia has continued to deny its involvement in the attacks, as first reported by ZDNet, the Russia’s NKTsKI issued a warning to Russian organizations to improve their networks’ security.

“In the face of constant accusations of involvement in organizing computer attacks against The Russian Federation by representatives of the United States and their allies, as well as threats from their side “Retaliatory” attacks on critical information infrastructure facilities of the Russian Federation, we recommend take the following measures to improve the security of information resource,” translates NKTsKI’s ALRT-20210121.1 security warning.

Also Read: How To Prevent WhatsApp Hack: 7 Best Practices

Russia’s National Coordination Center for Computer Incidents (NKTsKI) is part of the Federal Security Service (FSB) and was created to detect, prevent, and counter cyberattacks on the country’s infrastructure and businesses.

In an alert translated as “On the threat of targeted computer attacks,” the NKTsKI warns Russian organizations and agencies to perform the following steps to increase network security.

  1. Update your organization’s existing plans, instructions and guidelines for responding to computer incidents.
  2. Inform employees about possible phishing attacks using social engineering.
  3. Conduct an audit of network information security and anti-virus tools, make sure they are correct setting up and functioning on all significant network nodes.
  4. Avoid using third-party DNS servers.
  5. Use multi-factor authentication to remotely access your organization’s network.
  6. Determine the list of trusted software for access to the corporate network and limit the use of funds not included in it.
  7. Make sure the correct logging of network and system events on important elements information infrastructure, organize their collection and centralized storage.
  8. Make sure that you have and the correct frequency of backing up data for important elements of information infrastructure.
  9. Make sure that the existing policies for the differentiation of access rights for devices on the network are correct.
  10. Restrict access to services on the internal network by means of firewalls, when if you need to share them, organize it through the demilitarized zone.
  11. To work with external resources, including the Internet, use terminal access via internal services of the organization.
  12. Update the passwords of all users according to the password policy.
  13. Provide anti-virus protection for incoming and outgoing e-mail.
  14. Monitor system security with increased vigilance.
  15. Make sure you have the necessary security updates for your software.

In the past, the USA has avoided performing public retaliations on other countries that conducted cyberattacks against the USA.

If retaliatory attacks by the US occur, they will likely not be publicly disclosed.

A month later, the USA and affected organizations are still investigating and responding to the SolarWinds supply chain attack. Just this week, Malwarebytes disclosed that the same group behind the SolarWinds breach also gained access to their internal Office 365 email accounts.

Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup

We can expect to see further disclosure from US organizations in the future as investigations continue.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us