fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Govt Warns of Russian Hackers Targeting Critical Infrastructure

US Govt Warns of Russian Hackers Targeting Critical Infrastructure

The FBI, CISA, and the NSA have warned critical infrastructure network defenders to be ready to detect and block incoming attacks targeting organizations from US critical infrastructure sectors orchestrated by Russian-backed hacking groups.

Advanced persistent threat (APT) actors linked to Russia have been observed attacking a wide range of US organizations using various effective tactics to breach their networks, ranging from spearphishing and brute-forcing accounts to exploiting a large variety of known security vulnerabilities.

“Russian state-sponsored APT actors have also demonstrated sophisticated tradecraft and cyber capabilities by compromising third-party infrastructure, compromising third-party software, or developing and deploying custom malware,” the joint advisory reads.

Also Read: The 7 Fundamental Guide on SOP for Social Media Marketing

“The actors have also demonstrated the ability to maintain persistent, undetected, long-term access in compromised environments—including cloud environments—by using legitimate credentials.

“In some cases, Russian state-sponsored cyber operations against critical infrastructure organizations have specifically targeted operational technology (OT)/industrial control systems (ICS) networks with destructive malware.”

The three federal agencies highlight the following attacks where Russian APT groups — including APT29APT28, and the Sandworm Team — have used destructive malware to specifically target industrial control systems (ICS) and operational technology (OT) networks belonging to critical infrastructure orgs worldwide:

  • Russian state-sponsored APT actors targeting state, local, tribal, and territorial (SLTT) governments and aviation networks, September 2020, through at least December 2020. Russian state-sponsored APT actors targeted dozens of SLTT government and aviation networks. The actors successfully compromised networks and exfiltrated data from multiple victims.
  • Russian state-sponsored APT actors’ global Energy Sector intrusion campaign, 2011 to 2018. These Russian state-sponsored APT actors conducted a multi-stage intrusion campaign in which they gained remote access to U.S. and international Energy Sector networks, deployed ICS-focused malware, and collected and exfiltrated enterprise and ICS-related data.
  • Russian state-sponsored APT actors’ campaign against Ukrainian critical infrastructure, 2015 and 2016. Russian state-sponsored APT actors conducted a cyberattack against Ukrainian energy distribution companies, leading to multiple companies experiencing unplanned power outages in December 2015. The actors deployed BlackEnergy malware to steal user credentials and used its destructive malware component, KillDisk, to make infected computers inoperable. In 2016, these actors conducted a cyber-intrusion campaign against a Ukrainian electrical transmission company and deployed CrashOverride malware specifically designed to attack power grids.

US critical infrastructure orgs exposed to Russian-backed cyber operations are advised to focus on detecting their malicious activity by enforcing robust log collection/retention and looking for behavioral evidence or network and host-based artifacts.

If they detect any potential Russian-linked APT activity while monitoring their IT or OT networks, they’re also encouraged to isolate all potentially affected systems, secure their backups, collect evidence of the potential breach, and report the incident to CISA or the FBI after asking IT experts’ help with incident response tasks.

Warnings of Russian APTs targeting US orgs

This joint advisory follows an NCSC(UK)-CISA-FBI-NSA joint security advisory issued in May 2021 to urge network defenders to patch their systems as promptly as possible to match the speed with which Russian-sponsored SVR hackers (aka APT29, Cozy Bear, and The Dukes) were changing targets in their attacks.

That warning came after US and UK governments attributed the SolarWinds supply-chain attack and COVID-19 vaccine developer targeting to Russian SVR operators’ cyber-espionage efforts from April 2021.

Also Read: 7 Principles of Personal Data Processing

The NSA, CISA, and the FBI also informed organizations and service providers on the same day regarding the top five vulnerabilities exploited in SVR attacks against US interests.

In a third joint advisory published in April, the FBI, DHS, and CIA alerted US orgs of continued attacks linked to the Russian SVR against the US and foreign organizations.

In July, the US government also announced it’s offering a reward of up to $10 million through its Rewards for Justice (RFJ) program for info on malicious cyber activities conducted by state-sponsored threat actors targeting the country’s critical infrastructure sectors.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us