fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

White House Pins Ukraine DDoS Attacks on Russian GRU Hackers

White House Pins Ukraine DDoS Attacks on Russian GRU Hackers

Today, the White House has linked the recent DDoS attacks that knocked down the sites of Ukrainian banks and defense agencies to Russia’s Main Directorate of the General Staff of the Armed Forces (also known as GRU).

“The US government believes that Russian cyber actors likely have targeted the Ukrainian government, including military and critical infrastructure networks, to collect intelligence and preposition to conduct disruptive cyber activities,” said Deputy National Security Advisor for Cyber Anne Neuberger.

“We believe that the Russian government is responsible for wide-scale cyberattacks on Ukrainian banks this week.

“We have technical information that links the Russian main intelligence directorate, or GRU, as known GRU infrastructure was seen transmitting high volumes of communication to Ukraine-based IP addresses and domains.”

Also Read: 5 Brief Concepts Between Data Protection Directive vs GDPR

Neuberger also added that, although “of limited impact” these incidents could be part of a more significant Russian effort to prepare for other, “laying groundwork” for more disruptive attacks that would come together with a potential invasion of Ukraine’s territory.

“Russia likes to move in the shadows and counts on a long process of attribution. In light of that, we’re moving quickly to attribute the DDoS attacks,” Neuberger added.

Ilya Vityuk, the cybersecurity chief of Ukraine’s SBU intelligence agency, also accused Russia of coordinating this week’s attacks targeting sites belonging to Ukrainian banks and government agencies.

However, the Kremlin denied all accusations, with spokesperson Dmitry Peskov saying that Russia had absolutely nothing to do with the denial of service attacks.

“And, as the President said earlier this week, if Russia attacks the United States or allies through asymmetric activities like disruptive cyberattacks against our companies or critical infrastructure, we are prepared to respond,” Neuberger said.

“We’re calling out Russia’s plans loudly and repeatedly,” President Biden also added today. “Not because we want a conflict, but because we’re doing everything in our power to remove every reason Russia may give to justify this.”

Also Read: Top 10 Best Freelance Testing Websites That Will Pay You

The incidents Neubergerer refers to are DDoS attacks that targeted online services belonging to the Ukrainian military and state-owned bank websites earlier this week.

On Tuesday, the Ministry of Defense and the Armed Forces of Ukraine and two of the country’s state-owned banks, Oschadbank (the State Savings Bank) and Privatbank (Ukraine’s largest bank), were taken down after being hammered by DDoS attacks.

While the Ukrainian defense ministry’s website was knocked out, Oschadbank‘s and Privatbank‘s sites were still accessible, even though customers could not log into their online banking accounts.

The attacks followed a Monday press release from the Security Service of Ukraine (SSU)—whose website has been unreachable since Wednesday—saying that the country is currently being targeted by a “massive wave of hybrid warfare.”

This campaign’s end goal is to trigger anxiety and undermine Ukrainians confidence in the state’s ability to defend them, according to the SSU.

The Ukrainian Computer Emergency Response Team also warned of attacks targeting Ukrainian authorities, coordinated by the Gamaredon hacking group (previously linked to Russia’s Federal Security Service (FSB) by the Ukrainian security and secret services).

“It’s unsurprising to learn that the DDOS attacks in Ukraine were conducted by the GRU. Russia’s military intelligence service is the most aggressive of its peers when it comes to cyberattacks and other activity in the sphere,” John Hultquist, VP of Intelligence Analysis at Mandiant, told BleepingComputer.

“We have seen them carry out DDOS attacks on several occasions which they use to harass and undermine institutions. It’s not unusual for incidents such as these to be nested within a larger campaign that can take many forms from hack and leak to serious destructive attack.”


Update: The UK government also points to Russian GRU hackers being behind the DDoS attacks targeting Ukraine this week.

“The UK Government judges that the Russian Main Intelligence Directorate (GRU) were involved in this week’s distributed denial of service attacks against the financial sector in Ukraine,” a Foreign, Commonwealth & Development Office spokesperson said.

“The attack showed a continued disregard for Ukrainian sovereignty. This activity is yet another example of Russia’s aggressive acts against Ukraine.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us