Cyber Security News

By Thomas Rid Mr. Rid is a professor at Johns Hopkins University’s School of Advanced International Studies researching the risks of
By Joseph Marks with research by Aaron Schaffer Yesterday at 7:38 a.m. EDT Welcome to The Cybersecurity 202! RIP to actor William Hurt. My favorite

Why track cyber security news? Cyber security is a world unto itself. It’s a profession, an IT discipline and now a major industry. Companies, consumers and governments are spending billions of dollars a year on cyber security. Security also pervades many areas of life that have little to do, seemingly, with cyberspace. Thus, to keep up with the world in general, it’s helpful to stay aware of news that relates to cyber security.

For example, the dispute between the US government and Huawei is at once about international trade, national security, telecom industry competition… and cybersecurity. Security is a root issue with Huawei, given the suspicions about the company’s connections to the Chinese Communist Party (CCP). However, the company’s size, reach and technological innovation push the matter to the forefront of US-China relations.

Or, take consumer cyber risks. We cover cyber security news that deals with consumers’ exposure to cybercrime and fraud. Consumers are increasingly at risk for identity theft, credit card fraud and other malfeasance at the hands of cyber criminals. The articles we curate on this subject come from law enforcement publications, mainstream media and specialized blogs.

Public policy is now being influenced (or should be) by cyber security news. Policy makers should be aware of how cyber security affects their jobs and constituents’ lives. For instance, the “smart city” is both an innovation and a threat. Using IoT sensors and advanced data analytics to improve municipal services is a great idea. However, the smart city also exposes government data to breach.

This is particularly urgent given the relatively insecure technologies (e.g. Chinese-made sensors) used for the smart city and the wireless connectivity that makes it all possible. Add malicious nation-state actors to the mix, such as the ones currently paralyzing American cities with ransomware, and one can see the potential danger.

From WaPo: The military wants AI to replace human decision-making in battle

When a suicide bomber attacked Kabul International Airport in August last year, the death and destruction was overwhelming: The violence left 183 people dead, including 13 U.S. soldiers.

This kind of mass casualty event can be particularly daunting for field workers. Hundreds of people need care, the hospitals nearby have limited room, and decisions on who gets care first and who can wait need to be made quickly. Often, the answer isn’t clear, and people disagree.

The Defense Advanced Research Projects Agency (DARPA) — the innovation arm of the U.S. military — is aiming to answer these thorny questions by outsourcing the decision-making process to artificial intelligence. Through a new program, called In the Moment, it wants to develop technology that would make quick decisions in stressful situations using algorithms and data, arguing that removing human biases may save lives, according to details from the program’s launch this month.

https://www.washingtonpost.com/technology/2022/03/29/darpa-artificial-intelligence-battlefield-medical-decisions/

Websites Blocked in Russia Since Ukraine Invasion

We are tracking the websites officially blocked in Russia by the authorities since the invasion of Ukraine in February 2022 that relate to the conflict. These include Ukraine news sites, financial trading platforms and international sites, such as BBC News and Facebook.

Full article: https://www.top10vpn.com/research/websites-blocked-in-russia/

News Insights: White House Warns Companies to Increase Cyber Defenses in Anticipation of Russian Cyberattacks

Today, the White House warned private companies to increase their cyber defenses given evolving intelligence suggesting the Russian government may be exploring “options for potential cyberattacks” in response to the imposed and unprecedented economic sanctions.

News Insights:

Marjorie Dickman, Chief Government Affairs and Public Policy Officer at BlackBerry:

“We commend the White House on its continued cybersecurity and Zero-Trust focus to increase U.S. protections and resilience against escalating malicious cyber activity, starting with the Cybersecurity Executive Order (EO) last May. While the EO was a ‘game-changer,’ it was only the first of many steps that the Administration and Congress would need to take to address the cybersecurity landscape, including additional federal funding to modernize cybersecurity defenses, a Software Bill of Materials (SBOM) for federal procurement, and legislation like cyber incident reporting.

Specifically, the Administration’s emphasis on a prevention-first, public-private, and G7 collaborative approach to cybersecurity bad actors is noteworthy. Critical to this, as noted in the White House announcement, is deploying modern automated security tools like artificial intelligence and machine learning to prevent and mitigate threats; emphasizing the criticality of a Software Bill of Materials (SBOM) to track and fix malicious components; and reiterating that all U.S. government procurement must meet the Cyber EO’s security directives.”

Mark Manglicmot, VP of Security Services, Arctic Wolf:
“Companies need to act urgently to ensure they harden themselves in preparation for nation-state-sponsored cyber-attacks. They must urgently look to patch any devices with known vulnerabilities and communicate to their employees the critical need to be on heightened alert for malicious links and attachments in suspicious emails.

The likelihood of a cyber-attack on key industries has sharply risen over the past few weeks. These industries include critical nation infrastructure (both public and privately owned), hospitals, and financial centers. These industries must maximize their information-sharing partnerships to keep each other abreast of attack intelligence in real-time.

Finally, 24×7 monitoring to detect the earliest attack indicator must be in place and ready to respond both technically and as a business. The sensitivity of this monitoring must be at its most sensitive level. If companies feel they aren’t ready for a cyber-attack, the three most important things to do are patch known vulnerabilities, rapidly establish 24×7 security operations monitoring, and alert employees to be on the lookout for malicious emails (aka phishing). Being a resilient business and thus continuing to operate through a cyber-attack is the ultimate goal.”

James McQuiggan, security awareness advocate at KnowBe4:

“When the pandemic hit in 2020, organizations and their InfoSec & IT departments scrambled to get people to work from home to reduce the risk of infection caused by the Coronavirus. Budgets approved, products installed, and users were working from home within days to weeks versus the expected months to years.

With the recent cyber-attacks between Russia and Ukraine and the current intelligence coming from the US Government, organizations want to shore up their defenses to reduce the risk of a successful attack by any nation-state. Considering the target is towards the US-defined critical infrastructure, organizations must implement the various safety requirements to protect their data and systems.

However, the mitigating threat tactics put forth by CISA’s “Shields Up” will require boards to approve and fast-track spending for products and services not already implemented.

Some of the items that are the quickest return on investment and implementation time would be reviewing incident plans and recovery strategies in the event of an attack. Review and mitigate risks to external facing systems and verify they are fully patched and current on all security updates.

The most impactful will be to ensure employees receive education, are aware of the latest attack methods, and are vigilant on all unexpected emails that require any urgency for action.”

Erich Kron, security awareness advocate at KnowBe4:

“Tools like Slack offer a quick way for people to connect and collaborate, however there can be technical and non-technical concerns with these platforms. Because many people may already be using platforms like Slack for other personal interactions, they may be tempted to use their personal accounts to communicate with coworkers about business matters, a problem that could become a headache pretty quickly in the event of legal action. For organizations planning on using these collaboration tools, it would be wise to look into the business focused versions of the platforms which typically provide more security and control than the free personal versions used by many. The ability to control who is allowed to be included in these discussions, and potentially being able to control attachments and other features that could put organizational data at risk, could certainly be worth the additional cost over free versions.

Employees should be told what is and is not acceptable when using these platforms, and that needs to be backed up by a well-written policy that explains the acceptable use of the tool and the limitations. Because many people may already use these platforms in a personal setting and are comfortable with them, making sure expectations are managed, especially with respect to professional communication standards, is critical.

Through these platforms, organizational data may end up on personal mobile devices as well, so the security of the devices should also be stressed to employees and their responsibilities with respect to protecting this data clearly defined.

Given the popularity of these platforms in personal and work environments, policies and training around these cannot be ignored, and organizations that attempt to ban their use, might find that employees go outside what could better be controlled and monitored through a business account. Decisions on dealing with this new form of communication must be carefully considered with input from legal counsel.”

Rajiv Pimplaskar, CEO, Dispersive Holdings, Inc.:

“Nation state toolkits are especially dangerous as they are highly effective against Industry standard IPsec VPN as well as TLS encryption. Russia and other Nation state actors have a vast amount of compute resources as well as well coordinated teams to play a long game against targeted Western governments, enterprises and MNCs. Also, that motivation in such situations is not just economical but also strategic means sensitive data that is detected can be used to reverse engineer source and destination relationships as well as identify flows of interest. Furthermore, Nation state toolkits can use public cloud as a gateway to get underneath the encryption layer and capture the data flow itself for future analysis. Traditional zero trust approaches stop at the network and are largely ineffective against Nation state actors. Critical infrastructure companies should bolster their cyber defense posture with advanced communications security that can obfuscate resources, as well as leverage data multipathing to present a harder target for such threat actors.”

Garret Grajek, CEO, YouAttest:  

“Timely message – not only has Russia warned of attacks on western infrastructure – there has been evidence of the change of hacks from purely financial, e.g. in the case of Colonial Pipeline for ransomware to more malicious instructions and efforts to disrupt western critical infrastructure. The alert is warranted and should extend to all internet facing systems that were identified in all the 16 categories of infrastructure identified by the US CISA (Cybersecurity & Infrastructure Security Agency) in PPD-21 (Presidential Policy Directive 21). The key to securing these systems is to be aware of all the assets, especially identity, and then changes in roles and permissions – since controlling of admin accounts is crucial to the lateral movement, persistence and data exfiltration that the hackers desire to implement.”

What the Newly Signed US Cyber-Incident Law Means for Security

When President Biden signed the omnibus spending bill Tuesday, he also put the bipartisan Cyber Incident Reporting Act into effect, which requires critical infrastructure companies in the 16 industry sectors identified by the federal government to report to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours if they are experiencing a cyberattack and within 24 hours of making a ransomware payment.

While this wasn’t the all-encompassing data breach law that has been stalled in Congress for many years, it was notable in that the Senate passed the legislation unanimously. The bill was championed by Sen. Gary Peters (D-Mich.) and Sen. Rob Portman (D-Ohio); it covers a broad swath of the economy, including the defense industrial base sector, which has more than 100,000 companies alone.

https://www.darkreading.com/attacks-breaches/new-cyber-incident-law-not-a-national-breach-law-but-a-major-first-step

From Wired: Russia’s Killer Drone in Ukraine Raises Fears About AI in Warfare

A RUSSIAN “SUICIDE drone” that boasts the ability to identify targets using artificial intelligence has been spotted in images of the ongoing invasion of Ukraine.

Photographs showing what appears to be the KUB-BLA, a type of lethal drone known as a “loitering munition” sold by ZALA Aero, a subsidiary of the Russian arms company Kalashnikov, have appeared on Telegram and Twitter in recent days. The pictures show damaged drones that appear to have either crashed or been shot down.

With a wingspan of 1.2 meters, the sleek white drone resembles a small pilotless fighter jet. It is fired from a portable launch, can travel up to 130 kilometers per hour for 30 minutes, and deliberately crashes into a target, detonating a 3-kilo explosive.

Full article: https://www.wired.com/story/ai-drones-russia-ukraine/

From NY Times: Why You Haven’t Heard About the Secret Cyberwar in Ukraine

Mr. Rid is a professor at Johns Hopkins University’s School of Advanced International Studies researching the risks of information technology in conflict.

For decades now, we have heard this refrain from the American defense establishment. We were warned that the next big state-on-state military confrontation could start with a flash-bang cyberattack: power outages in major cities, air traffic control going haywire, fighter jets bricked.

Full article: https://www.nytimes.com/2022/03/18/opinion/cyberwar-ukraine-russia.html

From the Washington Post: Russia’s becoming more digitally isolated

Welcome to The Cybersecurity 202! RIP to actor William Hurt. My favorite of his roles was in the 1981 neo-noir film “Body Heat.” Aaron’s a big fan of “Broadcast News” from 1987.

Below: A notorious Russian troll farm may be responsible for a pro-Putin disinformation campaign, and the NSA is investigating whether the Kremlin is behind a satellite Internet outage during the Ukraine invasion.

The digital iron curtain spells cyber vulnerabilities for the Russian people
Russian office workers watch an annual live call-in show with Russian President Vladimir Putin. (Musa Sadulayev/AP)

Russia is growing increasingly isolated from the global Internet in ways that spell trouble for its citizens’ cybersecurity.

A slew of Western tech and cybersecurity companies have stopped selling in Russia since it invaded Ukraine. That could make it far easier to hack Russian citizens — and far tougher for them to maintain privacy online.

  • It will also leave Russian citizens and companies reliant mostly on Russian tech and cyber companies, such as the anti-virus provider Kaspersky, which U.S. intelligence officials say can’t be trusted.

Fractured Internet

The effects could be felt far outside of Russia. The moves come in the context of efforts by China and other repressive governments to limit the role of Western tech firms. They could speed up the transition to a fractured Internet where online security and privacy is the sole province of democracies.

https://www.washingtonpost.com/politics/2022/03/14/russias-becoming-more-digitally-isolated/

Russia’s cyber offensive against Ukraine has been limited so far. Experts are divided on why

By Sean Lyngaas, CNN

US officials warned that a wave of debilitating cyberattacks could accompany Russia’s war on Ukraine. So far they haven’t materialized, and US and Ukrainian officials are contemplating why as they prepare for the next phase of the war.

There have been several hacks of Ukrainian organizations, but no reports yet of the sort of high-impact cyberattacks on transportation or electric infrastructure that some feared.

The possible explanations for this, analysts say, range from disorganization in Russian military planning to hardened Ukrainian defenses, to the fact that bombs and bullets take precedence over hacking in wartime.

The reason Russia has so far not flexed in cyberspace during the war may be unattainable — or require being inside the minds of Russian spy chiefs. But how US, European and Ukrainian officials perceive the situation shapes how they allocate resources to defend Ukrainian computer networks as the war continues.

https://www.kake.com/story/46054468/russias-cyber-offensive-against-ukraine-has-been-limited-so-far-experts-are-divided-on-why

Congress adds historic cyber incident reporting rule to massive $1.5 trillion package

Dive Brief:

  • Congress passed landmark legislation Thursday that mandates critical infrastructure providers and federal agencies promptly report cyberattacks and ransomware payments to the Cybersecurity and Infrastructure Security Agency.
  • The historic reporting requirements are part of a $1.5 trillion omnibus spending bill that President Joe Biden is expected to sign.
  • CISA Director Jen Easterly praised the legislation in a statement Friday, noting her agency will have better visibility and data to protect businesses and critical infrastructure.

https://www.cybersecuritydive.com/news/congress-cyber-incident-reporting-legislation/620261/

From WIRED – Security News This Week: A Major Internet Backbone Company Cuts Off Russia

RUSSIA’S WAR OF choice against Ukraine drew global attention this week with Russian President Vladimir Putin continuing to escalate the conflict as the United States and Europe moved to drastically isolate the Kremlin. Though the front lines of battle have not been digital, Ukraine emphasized this week that Russia is pummeling the embattled country’s computer networks with hacking attempts. After years of such activity, Ukrainian internet infrastructure is resilient, and the Ukrainian government is also experimenting with the formation of a volunteer “IT Army” to organize recruits from all over the world for its cause.

Ukrainians have been relying on the messaging platform Telegram to get much of their news and official government updates about the situation, and hacktivists have been attempting to make their mark in the conflict as well, though their actions are often dwarfed by the reality of kinetic war.

https://www.wired.com/story/cogent-internet-backbone-cuts-off-russia-nvidia-ransomware-conti-security-news/