Have you seen any indication that there's an increased cyber threat due to the Russian invasion of Ukraine?

Anonymous Author
Good piece by Joseph Menn: The dire predictions about a Russian cyber onslaught haven’t come true in Ukraine. At least not yet. https://www.washingtonpost.com/technology/2022/02/28/internet-war-cyber-russia-ukraine/
6 upvotes
Anonymous Author
My sources say that Russian state and private hackers are more busy targeting the Ukraine and some neighboring European countries. With those resources aimed therein, we are actually seeing REDUCED attacks on & sniffing around in the USA. Besides the Ukraine defending and attacking Russia back in cyberspace, there are also others aiding in some limited cyber warfare being waged very carefully against Russia.
4 upvotes
Anonymous Author
I have seen more sales reps approaching and using it as an excuse to sell more products and more emails from security vendors about how their product can protect us. I haven't seen any specific attacks that I can attribute to it, but it's not like state-sponsored actors were not active before.
3 upvotes
Anonymous Author
The Russia/Ukraine war has been a boon for security salespeople to hawk their wares. The Russians certainly have scores, if not hundreds of people working on nation state attacks. I’d assume at this point, they are focused on bringing down Ukrainian systems, and not those of other countries. This piece from last week by Joseph Menn puts things into perspective: https://www.washingtonpost.com/technology/2022/02/28/internet-war-cyber-russia-ukraine/
3 upvotes
Anonymous Author
I haven't seen anything directly, but given the fact that Russia has been 'kicked off of' the SWIFT financial rails network, expect to see some level of retaliation from them.
3 upvotes
Anonymous Author
We have noticed an increase in the frequency of phishes, but none of those have been specifically Ukraine themed. My guess is that our mail-provider is doing a good job in picking out the most obvious ones. We are doing some deep scanning of our network as well, but so far everything remains quiet.
2 upvotes
Anonymous Author
We are certainly likely to see more scams/phishing around giving aid to Ukraine. And it's likely that there will be collateral spillover to indirect targets. Also, supply chain risk is a good vector for cybercrime.
2 upvotes
Anonymous Author
During the last two weeks there have been a number of incidents that were addressed to concrete infrastructure and business sectors (such as energy and financial). There is no direct evidence to say that incidents increased due to the Russian invasion of Ukraine, but in the collected information there are Russian addresses used in some cases.
2 upvotes
Anonymous Author
Don't think so.
2 upvotes
Anonymous Author
I have kept an eye on the various Russian threats to my client's infrastructure for quite a few years, and weirdly, I have seen a REDUCTION in overall noise and general Russian-based attacks. I am talking about Russia's non-military/state sponsored threat, and more about their thriving commercial hacking/ransomware community. My sense is that the war is putting a big dent in the commercial bad actors' ability to continue their business as usual.
2 upvotes
Anonymous Author
As many are already aware, the threat landscape is significantly different, especially in the last 3-5 years. Organizations, teams, and individuals all need to stay on high alert, and stay vigilant as we keep our systems, networks, and data security.

In the meantime, organizations can do the following:

- Enable Multi-factor Authentication and Enforce Conditional Access Policies
- Apply Security Patches to Known Vulnerabilities Exploited by Ransomware Groups
  Notable vulnerabilities to patch against:
  - ProxyShell Vulnerabilities (Microsoft Exchange) CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207: If you have installed the May 2021 security updates or the July 2021 security updates, you are protected from these vulnerabilities.
  - Vulnerabilities in SonicWall VPN Appliances:
    - SQL Injection Vulnerability: CVE-2021-20028 - Remote Access (SRA) products: Vulnerability remediated in SMA/SRA 9.0.0.10-28sv and higher.
    - Unauthenticated Remote Code Execution: CVE-2019-7481 - SonicWall SMA100 9.0.0.3 and earlier
    - Unauthenticated Remote Code Execution: CVE-2020-5135 - 6.5.4.6-79n and earlier, SonicOS 6.5.1.11-4n and earlier, SonicOS 6.0.5.3-93o and earlier, SonicOSv 6.5.4.4-44v-21-794 and earlier
  - Upgrade Log4j to 2.17.1 - (CVE-2021-44832) - We recommend upgrading to Log4j version 2.17.1 as soon as possible to ensure you are not vulnerable to the Log4Shell vulnerability that was disclosed late last year.
- Security Awareness Training for Employees
- Block all Connections to the MEGA Cloud Storage Service

This is what I have read, happy to share it with others:
https://therecord.media/second-data-wiper-attack-hits-ukraine-computer-networks
https://www.cisa.gov/shields-up
https://twitter.com/WHNSC/status/1494796573959725057
1 upvotes
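Added example, not part of the post above: one way to check the Log4j item on that list is to inventory log4j-core jars on disk, including copies bundled inside application archives, and list those below the 2.17.1 the post names. The function names, the archive extensions and the nesting limit are assumptions of this sketch; versions are read from file names only.

```python
import io
import re
import zipfile
from pathlib import Path

# Threshold is the 2.17.1 named in the post. Jars from the 2.12.x / 2.3.x
# maintenance lines also fall below it and get listed; review those by hand.
MIN_VERSION = (2, 17, 1)
JAR_RE = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/]*\.jar$")
ARCHIVE_EXT = (".jar", ".war", ".ear")

def version_from_name(name):
    """Return (major, minor, patch) for a log4j-core jar name, else None."""
    m = JAR_RE.search(name.replace("\\", "/"))
    return tuple(int(g or 0) for g in m.groups()) if m else None

def scan_archive(data, label, depth=0):
    """Yield (location, version) for log4j-core jars nested in an archive."""
    if depth > 3:  # assumed nesting limit, guards against archive bombs
        return
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return
    with zf:
        for info in zf.infolist():
            if not info.filename.lower().endswith(ARCHIVE_EXT):
                continue
            inner = f"{label}!{info.filename}"
            ver = version_from_name(info.filename)
            if ver:
                yield inner, ver
            else:
                yield from scan_archive(zf.read(info), inner, depth + 1)

def find_outdated(root):
    """Return sorted [(location, 'x.y.z')] for jars below MIN_VERSION."""
    hits = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or not path.name.lower().endswith(ARCHIVE_EXT):
            continue
        ver = version_from_name(path.name)
        found = [(str(path), ver)] if ver else scan_archive(path.read_bytes(), str(path))
        for loc, v in found:
            if v < MIN_VERSION:
                hits.append((loc, ".".join(map(str, v))))
    return sorted(hits)
```

Call `find_outdated("/path/to/apps")` on each host or build output; renamed or shaded jars carry no version in the file name and will not be found this way.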
Anonymous Author
There is a definite upsurge of attacks, especially against those countries and organisations with a non-sympathetic view - often perpetrated by those countries with Russian interests.
0 upvotes
Anonymous Author
Russian cyberattacks in Ukraine have been thwarted early so far, per news reports. However, targets towards the US may increase in the near future.
0 upvotes