cybercrime

Αντεπίθεση των ΗΠΑ για τις κυβερνοεπιθέσεις- CYBERCRIME war in U.S.

 


Αμερικανοί αξιωματούχοι την Κυριακή αύξησαν την πίεση σε εταιρείες και αντίπαλες ξένες χώρες για την αντιμετώπιση κυβερνοεγκληματιών, και είπαν ότι ο πρόεδρος Τζο Μπάιντεν εξετάζει όλες τις επιλογές, μεταξύ των οποίων και στρατιωτικού τύπου, για την αντιμετώπιση της εντεινόμενης απειλής.

Η κυβέρνηση Μπάιντεν εξετάζει «όλες τις επιλογές» για την υπεράσπιση της χώρας ενάντια σε εγκληματίες με ransomware, είπε, σύμφωνα με το Reuters, σε συνέντευξή της η υπουργός Εμπορίου Τζίνα Ραϊμόντο, ερωτηθείσα για το αν εξεταζόταν στρατιωτική δράση.

Η Ραϊμόντο δεν περιέγραψε με λεπτομέρειες πώς θα έμοιαζαν αυτές οι επιλογές, μα είπε ότι το θέμα θα είναι στην ατζέντα όταν ο πρόεδρος συναντηθεί με τον Ρώσο πρόεδρο Πούτιν αυτόν τον μήνα.

Η αυξανόμενη απειλή των κυβερνοεπιθέσεων έχει ωθήσει την κυβέρνηση Μπάιντεν σε μια πιο επιθετική στάση απέναντι στη Ρωσία, η οποία θεωρείται πως φιλοξενεί κάποιους από τους δράστες.

«Δεν βγάζουμε τίποτα από το τραπέζι καθώς σκεφτόμαστε για τις πιθανές επιπτώσεις, συνέπειες ή αντίποινα» είπε ο Ραϊμόντο.

Το προηγούμενο Σαββατοκύριακο, ο μεγαλύτερος συσκευαστής κρέατος στον κόσμο στοχεύτηκε από κυβερνοεγκληματίες και τον Μάιο ο μεγαλύτερος αγωγός μεταφοράς καυσίμου στις ΗΠΑ δέχτηκε επίθεση, υποδαυλίζοντας φόβους για διαταραχή προμήθειας τροφίμων και καυσίμου.

Οι αντίπαλοι των ΗΠΑ έχουν τη δυνατότητα να κλείσουν το σύνολο του δικτύου ηλεκτροδότησης της χώρας, είπε η υπουργός Ενέργειας, Τζένιφερ Γκράνχολμ, σε συνέντευξη στο CNN, κάνοντας λόγο για «χιλιάδες επιθέσεις σε όλες τις πλευρές του τομέα της ενέργειας».

Οι πρόσφατες επιθέσεις οδήγησαν τον Μπάιντεν να θέσει το ζήτημα των χάκερ στη Ρωσία στην ατζέντα της συνάντησης με τον Πούτιν.

Ο Λευκός Οίκος σχεδιάζει να χρησιμοποιήσει τη σύνοδο της 16ης Ιουνίου για να δώσει ένα ξεκάθαρο μήνυμα στον Ρώσο ηγέτη, λένε αξιωματούχοι. Επόμενο βήμα θα μπορούσε να είναι η αποσταθεροποίηση των servers που χρησιμοποιούνται για τη διεξαγωγή τέτοιων επιθέσεων, λένε κάποιοι ειδικοί σε θέματα κυβερνοχώρου.

Αμερικανοί αξιωματούχοι ζητούν από ιδιωτικές εταιρείες να είναι σε επαγρύπνηση και έχουν περισσότερη διαφάνεια ως προς τις επιθέσεις. Η Γκράνχολμ είπε επίσης πως οι εταιρείες πρέπει να ενημερώνουν την ομοσπονδιακή κυβέρνηση όταν στοχεύονται, και να μην πληρώνουν τους δράστες, καθώς αυτό απλά τους ενθαρρύνει. ΝΑΥΤΕΜΠΟΡΙΚΗ

Below is a summary of incidents from over the last year. For the full list, click the download link above.

May 2021. The world’s largest meat processing company, Brazilian-based JBS, was the victim of a ransomware attack. The attack shut down facilities in the United States, Canada and Australia. The attack was attributed to the Russian speaking cybercrime group, REvil.

May 2021. On May 24th, hackers gained access to Fujitsu’s systems and stole files belonging to multiple Japanese government entities. So far four government agencies have been impacted. 

May 2021. Cybersecurity researchers identified a North Korean hacking group to be responsible for a cyber espionage campaign, targeting high profile South Korean government officials, utilizing a phishing methodology. The group’s targets were based in South Korea and included: the Korea Internet and Security Agency (KISA), ROK Ministry of Foreign Affairs, Ambassador of the Embassy of Sri Lanka to the State (in ROK), International Atomic Energy Agency Nuclear Security Officer, Deputy Consul General at Korean Consulate General in Hong Kong, Seoul National University, and Daishin Securities.

May 2021. On May 14, Ireland’s national health service, the Health Service Executive (HSE), was the victim of a ransomware attack. Upon discovering the attack, government authorities shut down the HSE system. The attackers utilized the Conti ransomware-as-a-service (RaaS), which is reported to be operated by a Russia-based cybercrime group.

May 2021. The FBI and the Australian Cyber Security Centre warned of an ongoing Avaddon ransomware campaign targeting multiple sectors in various countries. The reported targeted countries are Australia, Belgium, Brazil, Canada, China, Costa Rica, Czech Republic, France, Germany, India, Indonesia, Italy, Jordan, Peru, Poland, Portugal, Spain, UAE, UK, US. The targeted industries include: academia, airlines, construction, energy, equipment, financial, freight, government, health, it, law enforcement, manufacturing, marketing, retail, pharmaceutical.

May 2021. On May 6, the Colonial Pipeline, the largest fuel pipeline in the United States, was the target of a ransomware attack. The energy company shut down the pipeline and later paid a $5 million ransom. The attack is attributed to DarkSide, a Russian speaking hacking group.

May 2021. On May 4th and 5th, the Norwegian energy technology company Volue was the victim of a ransomware attack. The attack resulted in the shutdown of water and water treatment facilities in 200 municipalities, affecting approximately 85% of the Norwegian population.

May 2021. A large DDoS attack disabled the ISP used by Belgium’s government, impacting more than 200 organizations causing the cancellation of multiple Parliamentary meetings.

May 2021. A Chinese hacking group compromised a Russian defense contractor involved in designing nuclear submarines for the Russian navy.

April 2021. A hacking group compromised the social media accounts of Polish officials and used them to disseminate narratives critical of NATO. German authorities have reported that the same group has also attempted to compromise members of the Bundestag and state parliament.

April 2021. Hackers linked to the Chinese military conducted an espionage campaign targeting military and government organizations in Southeast Asia beginning in 2019

April 2021. Malware triggered an outage for airline reservation systems that caused the networks of 20 low-cost airlines around the world to crash

April 2021. Russian hackers targeted Ukrainian government officials with spearphishing attempts as tensions between the two nations rose during early 2021

April 2021. Hackers linked to Palestinian intelligence conducted a cyber espionage campaign compromising approximately 800 Palestinian reporters, activists, and dissidents both in Palestine and more broadly across the Middle East.

April 2021. Two state-backed hacking groups—one of which works on behalf of the Chinese government—exploited vulnerabilities in a VPN service to target organizations across the U.S. and Europe with a particular focus on U.S. defense contractors.

April 2021. MI5 warned that over 10,000 UK professional shave been targeted by hostile states over the past five years as part of spearphishing and social engineering campaigns on LinkedIn.

April 2021. Swedish officials disclosed that the Swedish Sports Confederation was hacked by Russian military intelligence in late 2017 and early 2018 in response to accusations of Russian government-sponsored doping of Russian athletes

April 2021. French security researchers found that the number of attacks hitting critical French businesses increased fourfold in 2020 during the COVID-19 pandemic.

April 2021. The European Commission announced that the EC and multiple other EU organizations were hit by a major cyberattack by unknow

April 2021. Chinese hackers launched a months-long cyber espionage campaign during the second half of 2020 targeting government agencies in Vietnam with the intent of gathering political intelligence

March 2021. The North Korean hacking group responsible for a set of attacks on cybersecurity researchers in January 2021 launched a new campaign targeting infosec professionals using fake social media profiles and a fake website for a non-existent security service companyo target

March 2021. Suspected Iranian hackers targeted medical researchers in Israel and the U.S. in an attempt to steal the credentials of geneticists, neurologists, and oncologists in the two countries

March 2021. Suspected Russian hackers stole thousands of emails after breaching the email server of the U.S. State Department

March 2021. Suspected state hackers targeted the Australian media company Nine Entertainment with a ransomware variant, disrupting live broadcasts and print production systems.

March 2021. Suspected Russian hackers attempted to gain access to the personal email accounts of German parliamentarians in the run-up to Germany’s national elections

March 2021. U.S. Cyber Command confirmed that it was assisting Columbia in responding to election interference and influence operations.

March 2021. The head of U.S. Cyber Command testified that the organization had conducted more than two dozen operations to confront foreign threats ahead of the 2020 U.S. elections, including eleven forward hunt operations in nine different countries.

March 2021. A group of Chinese hackers used Facebook to send malicious links to Uyghur activists, journalists, and dissidents located abroad.

March 2021. The Indian Computer Emergency Response Team found evidence of Chinese hackers conducting a cyber espionage campaign against the Indian transportation sector

March 2021. Polish security services announced that suspected Russian hackers briefly took over the websites of Poland’s National Atomic Energy Agency and Health Ministry to spread false alerts of a nonexistent radioactive threat.

March 2021. Both Russian and Chinese intelligence services targeted the European Medicines Agency in 2020 in unrelated campaigns, stealing documents relating to COVID-19 vaccines and medicines.

March 2021. Ukraine’s State Security Service announced it had prevented a large-scale attack by Russian FSB hackers attempting to gain access to classified government data.

March 2021. Lithuania’s State Security Department declared that Russian hackers had targeted top Lithuanian officials in 2020 and used the country’s IT infrastructure to carry out attacks against organizations involved in developing a COVID-19 vaccine.

March 2021. Suspected Iranian hackers targeted government agencies, academia, and the tourism industry in Azerbaijan, Bahrain, Israel, Saudi Arabia, and the UAE as part of a cyber espionage campaign.

About Freegr network

Από το Blogger.