fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Indicts Russian GRU ‘Sandworm’ Hackers For NotPetya, Worldwide Attacks

https://open.spotify.com/show/3Gmj15x6cGrgJEzmGnDTTj

US Indicts Russian GRU ‘Sandworm’ Hackers For NotPetya, Worldwide Attacks

The U.S. Department of Justice has charged six Russian intelligence operatives for hacking operations related to the Pyeongchang Winter Olympics, the 2017 French elections, and the notorious NotPetya ransomware attack.

Believed to be part of the elite Russian hacking group known as “Sandworm”, the indictment states that all six individuals are part of the Russian Main Intelligence Directorate known as GRU.

“No country has weaponized its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite,” said Assistant Attorney General for National Security John C. Demers.

The US indicted Yuriy Sergeyevich Andrienko, 32; Sergey Vladimirovich Detistov, 35; Pavel Valeryevich Frolov, 28; Anatoliy Sergeyevich Kovalev, 29; Artem Valeryevich Ochichenko, 27; and Petr Nikolayevich Pliskin, 32.

Also Read: Deemed Consent PDPA: How Do Businesses Comply?

They are all charged with conspiracy to conduct computer fraud and abuse, conspiracy to commit wire fraud, wire fraud, damaging protected computers, and aggravated identity theft.

FBI GRU

The hacking activities they were indicted for include:

  • Ukrainian Government & Critical Infrastructure: December 2015 through December 2016 destructive malware attacks against Ukraine’s electric power grid, Ministry of Finance, and State Treasury Service, using malware known as BlackEnergy, Industroyer, and KillDisk;
  • French Elections: April and May 2017 spearphishing campaigns and related hack-and-leak efforts targeting French President Macron’s “La République En Marche!” (En Marche!) political party, French politicians, and local French governments prior to the 2017 French elections;
  • Worldwide Businesses and Critical Infrastructure (NotPetya): June 27, 2017 destructive malware attacks that infected computers worldwide using malware known as NotPetya, including hospitals and other medical facilities in the Heritage Valley Health System (Heritage Valley) in the Western District of Pennsylvania; a FedEx Corporation subsidiary, TNT Express B.V.; and a large U.S. pharmaceutical manufacturer, which together suffered nearly $1 billion in losses from the attacks;NotPetya attackNotPetya attack
  • PyeongChang Winter Olympics Hosts, Participants, Partners, and Attendees: December 2017 through February 2018 spearphishing campaigns and malicious mobile applications targeting South Korean citizens and officials, Olympic athletes, partners, and visitors, and International Olympic Committee (IOC) officials;PyeongChang Winter Olympics spearphishing examplePyeongChang Winter Olympics spearphishing example
    Source: Indictment
  • PyeongChang Winter Olympics IT Systems (Olympic Destroyer): December 2017 through February 2018 intrusions into computers supporting the 2018 PyeongChang Winter Olympic Games, which culminated in the Feb. 9, 2018, destructive malware attack against the opening ceremony, using malware known as Olympic Destroyer;
  • Novichok Poisoning Investigations: April 2018 spearphishing campaigns targeting investigations by the Organisation for the Prohibition of Chemical Weapons (OPCW) and the United Kingdom’s Defence Science and Technology Laboratory (DSTL) into the nerve agent poisoning of Sergei Skripal, his daughter, and several U.K. citizens; and
  • Georgian Companies and Government Entities: a 2018 spearphishing campaign targeting a major media company, 2019 efforts to compromise the network of Parliament, and a wide-ranging website defacement campaign in 2019.

In rare detail, the Department of Justice has detailed each charged person with the specific activity and operations that they were involved in.

Defendant Summary of Overt Acts
Yuriy Sergeyevich Andrienko · Developed components of the NotPetya and Olympic Destroyer malware.
Sergey Vladimirovich Detistov · Developed components of the NotPetya malware; and· Prepared spearphishing campaigns targeting the 2018 PyeongChang Winter Olympic Games.
Pavel Valeryevich Frolov · Developed components of the KillDisk and NotPetya malware.
Anatoliy Sergeyevich Kovalev · Developed spearphishing techniques and messages used to target:- En Marche! officials;- employees of the DSTL;- members of the IOC and Olympic athletes; and- employees of a Georgian media entity.
Artem Valeryevich Ochichenko · Participated in spearphishing campaigns targeting 2018 PyeongChang Winter Olympic Games partners; and· Conducted technical reconnaissance of the Parliament of Georgia official domain and attempted to gain unauthorized access to its network.
Petr Nikolayevich Pliskin · Developed components of the NotPetya and Olympic Destroyer malware.

One of the indicted people, Anatoliy Sergeyevich Kovalev, was previously charged in 2018 for hacking the DNC and running the DCLeaks site.

Also Read: 10 Principles On How To Build A Good Governance Model

NotPetya has previously been attributed to the Sandworm group, also known as BlackEnergy and TeleBots. They were also tied to the KillDisk wiper attacks targeting Ukrainian banks and sea transportation companies.

The cyberattacks targeting the 2017 French election were previously attributed to another state-sponsored Russian hacking group known as Fancy Bear.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us