Last week ended with the profoundly important news that Russia’s Federal Security Service (FSB) arrested members of the REvil hacking group and reportedly claimed, “the organized crime gang ceased to exist.” The news came shortly after the world had learned that dozens of Ukrainian government websites were downed in a massive cyberattack.
On Sunday, Ukraine’s Ministry of Digital Transformation released a statement alleging, “All evidence suggests Russia was behind the cyberattack. Moscow continues to wage a hybrid war.”
This CSO Online article outlines the series of events that began January 11, 2022, but also examines the question: Why are these events so important? Dmitri Alperovitch, Co-Founder and Chairman of Silverado Policy Accelerator and RSA Conference Advisory Board member, said the arrests of the REvil criminals in Russia last week are important for two reasons.
“First, they are an implicit admission from the Russian government that major ransomware gangs do indeed operate from Russian soil—something that they have denied up till now.”
“But second, they come in the midst of high tensions in the US-Russia relationship over the threat of another invasion of Ukraine and are undoubtedly a signal to Washington to think carefully about imposing severe sanctions on the Russian economy as it would mean the end of any cooperation on ransomware prosecutions.”
Because echoes of NotPetya continue to reverberate nearly five years after the last cyberattacks on Ukraine, all eyes are on Russia, with the United States and NATO watching closely and planning their responses.
Now let’s take a look at what else made cybersecurity headlines this week.
Jan. 21: Four current and former officials of the Ukrainian government have been sanctioned by the US Treasury Department for allegedly colluding with the Russian government to gather intelligence on Ukraine’s critical infrastructure.
Jan. 20: Threatpost reported, “A security vulnerability in Apple’s browsers for macOS, iOS and iPadOS can lead to information disclosure, researchers have warned. Apple has just marked the issue as ‘resolved,’ but it will take some time for the fixes to roll out, they said, so users should implement mitigations.”
Jan. 20: In the aftermath of the cyberattacks on Ukrainian government websites, CISA warned organizations to take immediate measures to protect against potential cyberthreats.
Jan. 19: CyberScoop reported, “A cyberattack compromised personal and confidential data on more than half a million people helped by at least 60 Red Cross and Red Crescent organizations around the world.”
Jan. 19: US President Joe Biden signed a national security memo that promises to improve cybersecurity throughout the intelligence community. A few days later, industry influencers shared their reactions to the signing of the memo.
Jan. 19: Krebs on Security reported, “By the summer of 2022, the only way to log in to irs.gov will be through ID.me, an online identity verification service that requires applicants to submit copies of bills and identity documents, as well as a live video feed of their faces via a mobile device.”
Jan. 18: According to Dark Reading, “Security researchers have found a method to collect vast amounts of stolen user credentials by executing searches on VirusTotal, the online service used to analyze suspicious files and URLs.”
Jan. 17: Employee use of social media to share details about their working lives could pose a cybersecurity risk to their employers, according to WeLiveSecurity.
Jan. 17: “A former acting inspector general for the US Department of Homeland Security (DHS) has pleaded guilty to charges related to his theft of federal government software and databases,” Infosecurity Magazine reported.