The 8th of June, Cyber News

Ukraine 

The Quality of russian Cyberattacks has Declined

The quality of russian cyberattacks has declined, as russians are now thinking about how to protect their networks. Indifferent hackers are attacking russian systems in cyberspace, and it turns out that they are not as secure as they have been saying for the past few years. Any hacker attack is a long process that takes up to six months. The russians do not have this time. In addition, we have teamed up with the private sector and cybersecurity professionals to build a robust system of protection, especially for public authorities. This was announced on the air of Ukrainian Radio by the head of the State Service of Special Communications and Information Protection of Ukraine Yuriy Shchyhol [1].

The russians are again Threatening the Zaporozhye Site 061.ua with Imprisonment in Siberia

The Zaporozhye site 061.ua received regular letters with threats from russia. Media workers are threatened with imprisonment and colonies in Siberia. This was reported by IMI representatives in the Zaporizhia region. The letter was received on June 2 from the user Mikhail Kotov from the mail mail.ru (internet.ru). «If you are not afraid to get into the correctional colonies of the FSVP of the russian Federation in the Siberian Federal District, you can continue to promote the Ukrainian Nazi regime. Well, at least prepare warm clothes, because your long vacation in prison will be cold!» – it is said in the letter. Already on June 6, the editorial staff received a letter from the user Vladislav Pavlov with the content that arrived in the editorial mail in late May. It again informs journalists about the fate of Ukraine’s gold and foreign exchange reserves and threatens imprisonment for professional activities. «Have you heard that the Ukrainian authorities have already been given a secret order to remove all gold and foreign exchange reserves from the country? Soon Zelensky will run away. And all those who support the neo-Nazi regime of Ukraine, including information, will be held accountable for their crimes under the law of the russian Federation. Get ready, propagandists!» – it is said in the letter [2].

russia  

The Killnet Hacking Group, which is Used by the russian FSB, is Mostly Made up of Teenagers

A popular IT blogger with the nickname eTorus claims that he managed to visit Facebook and VKontakte pages with some Killnet addresses and passwords. He concluded that most of the participants in the Killnet cyber group are almost teenagers. This coincides with the opinion of relevant experts. «These are mostly cybercriminals and cybercriminals of a fairly average level. They create clones of e-commerce websites, steal money from retirees’ bank cards, blackmail companies by stealing data, and more. But one day they fall into the hands of the FSB, where they are used for hybrid special operations,» said Mind, one of the specialists of the Ministry of Digital Transformation of Ukraine [3].

Russian Cyber Special Forces are Forming New Divisions to Attack NATO

The group of hacktivists is probably supported by the state and has a wide range of attacks.

Resecurity Inc. found an increase in the activity of a group of hackers “Cyberspetsnaz”, which use the current geopolitical tensions between Ukraine and russia to conduct cyberattacks. Hackers position themselves as an elite cyber-offensive group targeting NATO infrastructure and engaging in cyber espionage to steal confidential data. Starting on May 24, the Cyberspetsnaz group announced the launch of a new Panopticum campaign aimed at recruiting 3,000 cyber-volunteer specialists who want to take part in attacks on the European Union and government agencies in Ukraine. In April, Cyberspetsnaz created one of its first units called Zorya, looking for experienced Pentesters, OSINT specialists and hackers. On June 2, the group created a new division, Sparta. The new unit’s responsibilities include cyber diversion, disruption of Internet resources, data theft, and financial intelligence targeting NATO, its members and allies. The established division is an official part of the Killnet Collective. The attackers call themselves hacktivists, but no connection has been identified with the government. Some sources believe that Sparta is supported by the state [4].

World 

IBM Buys Randori Cybersecurity Startup

IBM has announced plans to acquire cybersecurity startup Randori at an undisclosed price. Founded in 2018, Randori reportedly offers a platform with a continuous and automated red-team experience that can be used to assess security in the real world. The company helps customers constantly identify external assets, both local and in the cloud, that can become visible to attackers, in addition, the solution determines the priorities of risks that are the highest level. The so-called offensive security involves security specialists who are experts in attacking systems and penetrating defenses. Randori calls it a company run by hackers and provides a real-world experience of large-scale attacks. The essence of simulating attacks is to help security teams focus on previously unknown points of influence. Randori’s unique attack surface management solution is believed to take into account the logic of the enemy based on real-world attacks. It identifies priorities based on the level of risk as well as the attractiveness of the asset to potential attackers using its patented rating system. The service is very easy to use. After entering a domain, Randori begins to display the client’s attack surface, helping to identify technological risks of shadow information and potential entry points for extortionists. IBM plans to integrate Randori attack surface management software with enhanced IBM Security QRadar detection and response capabilities. By providing data from Randori in QRadar XDR, security teams will be able to use real-time coverage of the attack surface to intelligently sort alerts, search for threats and respond to incidents. In addition, the Randori Offensive Security Service will be used in addition to the elite X-Force Red security services [5].

US Intelligence Has Warned Private Companies about Cyberattacks by russia

US cybersecurity intelligence services have called on key companies to remain on high alert for cyber attacks by russia, which is currently waging war against Ukraine and opposing Western countries. «According to intelligence, the threat was and remains real. The russians have opportunities that we need to be careful about, and they are now in the decision-making process,» said Robert Joyce, director of cybersecurity at the U.S. National Intelligence Agency. Following warnings from intelligence services, the Shields Up campaign was launched in the United States in February to strengthen the protection of private companies, especially technology giants and other manufacturers. Joyce noted that the level of threat of cyberattacks is currently assessed as «serious». For his part, Chris Inglis, the US president’s chief cybersecurity adviser, stressed that potential attacks by russia pose a real threat to public infrastructure. «We actually have a clear strategic threat,» Inglis said [6].