fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft: Russia Stepped up Cyberattacks Against Ukraine’s Allies

Microsoft: Russia Stepped up Cyberattacks Against Ukraine’s Allies

Microsoft said today that Russian intelligence agencies have stepped up cyberattacks against governments of countries that have allied themselves with Ukraine after Russia’s invasion.

Since the start of the war, threat actors linked to several Russian intelligence services (including the GRU, SVR, and FSB) have attempted to breach entities in dozens of countries worldwide, prioritizing governments, according to Microsoft Threat Intelligence Center (MSTIC) analysts.

“MSTIC has detected Russian network intrusion efforts on 128 targets in 42 countries outside Ukraine,” said Microsoft’s President and Vice-Chair Brad Smith.

Also Read: Free PDPA Singapore Checklist 2020

“These represent a range of strategic espionage targets likely to be involved in direct or indirect support of Ukraine’s defense, 49 percent of which have been government agencies.”

The vast majority of these attacks are, as expected, primarily focused on obtaining sensitive information from government agencies in countries currently playing crucial roles in NATO’s and the West’s response to Russia’s war.

 Countries outside Ukraine targeted by Russian cyber espionage attacks
 Ukraine allies targeted by Russian cyber-espionage attacks (Microsoft)

Non-governmental organizations (NGOs) were also targeted in another 12 percent of attacks, likely because of their involvement in supporting Ukrainian refugees and civilians as humanitarian groups or their role as think tanks focused on foreign policy.

The rest of the attacks mainly targeted organizations in critical economic or defense industry sectors, as well as energy or IT companies.

“While these targets are spread around the globe, 63 percent of this observed activity has involved NATO members,” Smith added (full report as PDF).

“Based on MSTIC’s observations, Russian cyber espionage efforts have focused on targets in the United States more than any other country, with American targets representing 12 percent of the global total outside Ukraine.”

Microsoft further revealed that, since Russia invaded Ukraine, Russian-backed threat actors have succeeded in 29% of their attacks. In a quarter of these intrusions, they were also able to exfiltrate stolen data.

Also Read: The FREE Guide To The 9 Obligations Of PDPA

Russian intrusion targets
Russian intrusion targets (Microsoft)

Ukraine hit by hundreds of cyberattacks since the war started

In April, Microsoft published another report focused on Russian cyberattacks targeting Ukraine since the invasion.

As the company revealed at the time, Russian-backed state hackers were behind hundreds of attempts to target the country’s infrastructure and citizens.

Their attacks also delivered destructive malware designed to take down critical systems and disrupt civilians’ access to reliable information and critical life services.

Among the observer destructive attacks (more than 30 between February 23 and April 8) against dozens of Ukrainian organizations, 32% directly targeted government agencies, while over 40% aimed to breach critical infrastructure.

Microsoft has also noticed direct links between military operations and cyberattacks, with the timing of hacking attempts closely matching that of Russian sieges and missile strikes.

Military strikes - cyberattack correlation
Military strikes – cyberattack correlation (Microsoft)

In late March, the Google Threat Analysis Group (TAG) observed phishing attacks coordinated by the COLDRIVER Russian-based threat group against NATO and European military entities.

Another Google TAG report from early March with even more details on malicious activity linked to the Russian war in Ukraine also exposed Russian, Chinese, and Belarus state hackers’ efforts to compromise Ukrainian and European orgs and officials.

“The Russian invasion relies in part on a cyber strategy that includes at least three distinct and sometimes coordinated efforts—destructive cyberattacks within Ukraine, network penetration and espionage outside Ukraine, and cyber influence operations targeting people around the world,” Smith added.

“This war pits Russia, a major cyber-power, not just against an alliance of countries. The cyber defense of Ukraine relies critically on a coalition of countries, companies, and NGOs.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us