The 18th of May, Cyber News

Ukraine

Ukraine has won two international awards for effective cyber defense

The international community noted Ukraine’s efforts to combat cyber threats — for the first time, our country won two important CYBERSEC Awards in the field of cybersecurity. Ukraine was awarded for its heroic resistance to russian aggression and protection of the digital borders of the democratic world. The organizers noted the heroic cyber defense, which was joined by the entire Ukrainian society, including the state apparatus, the IT community and volunteers. «During this war, Ukrainians have shown that they are able to resist russian aggression not only on the battlefield, but also in cyberspace. We have been able to achieve this through the incredible joint efforts of the state, the private sector, the expert community and our partners and friends from other countries. Thank you all for this work. Victory will be ours!» — said the head of the State Service of Special Communication Yuri Shchigol [1], [2], [3].

russia

New attacks by the IT ARMY of Ukraine

On May 18, the IT ARMY of Ukraine continues attacks on NashStore, airlines and regional media. Work is also underway to search for databases of telephone numbers of residents and companies of the occupied Crimea and the border regions of russia (Bryansk, Kursk and Belgorod) [4].

russian propagandists and hackers are trying to copy the Ukrainian volunteer movement

Behind the cyber attacks against Ukraine are both qualified hacker groups and ordinary cyber terrorists who do not have special skills. russian propagandists use this to show that a volunteer movement has emerged in russia among citizens who want to help the state. That’s why the russian Cyber ​​Army was created there, which seeks to replicate the success of the IT army of Ukraine and mimic the «all-russian movement».  However, there is a key difference between Ukrainian and pro-Ukrainian hacktivists and russians: while the former help Ukraine defend itself against an aggressor’s attack, the russian side «behaves like a terrorist organization, attacking rescuers and threatening the lives of Ukrainians».  The russian army is trying to destroy Ukrainian telecoms to ensure its security in the temporarily occupied territories. At the same time, they are trying to conduct operations «on the ground» — in particular, to redirect traffic through their own networks to filter it [5], [6].

World

Don’t accidentally hire a North Korean hacker, FBI warns

US officials have warned businesses against inadvertently hiring IT staff from North Korea, saying that rogue freelancers were taking advantage of remote work opportunities to hide their true identities and earn money for Pyongyang. An advisory issued by the state and treasury departments and the FBI said the effort was intended to circumvent US and UN sanctions, and bring in money for North Korea’s nuclear weapons and ballistic missile programs. The officials said companies who hired and paid such workers may be exposing themselves to legal consequences for sanctions violations. «There are thousands of DPRK IT workers both dispatched overseas and located within the DPRK, generating revenue that is remitted back to the North Korean government. «These IT workers take advantage of existing demands for specific IT skills, such as software and mobile application development, to obtain freelance employment contracts from clients around the world, including in North America, Europe, and east Asia» [7]

Hacker Shows Off a Way to Unlock Tesla Models, Start Cars

Tesla Inc. customers might love the carmakers’ nifty keyless entry system, but one cybersecurity researcher has demonstrated how the same technology could allow thieves to drive off with certain models of the electric vehicles. A hack effective on the Tesla Model 3 and Y cars would allow a thief to unlock a vehicle, start it and speed away, according to Sultan Qasim Khan, principal security consultant at the Manchester, UK-based security firm NCC Group. By redirecting communications between a car owner’s mobile phone, or key fob, and the car, outsiders can fool the entry system into thinking the owner is located physically near the vehicle. The hack, Khan said, isn’t specific to Tesla, though he demonstrated the technique to Bloomberg News on one of its car models. Rather, it’s the result of his tinkering with Tesla’s keyless entry system, which relies on what’s known as a Bluetooth Low Energy (BLE) protocol [8].