Cyberwar- Week 2 of the Russian Invasion of Ukraine

We remain on a state of high alert versus a very capable cyber-enemy in Russia. It is of specific concern that the Russian Federation may see the sanctions imposed by the UK and supply of lethal military supplies as appropriate for a reprisal via cyber attack.

This week we have seen a number of critical sectors targeted for cyber attack in the US including financial services, food and agriculture, government, healthcare, and other critical infrastructure industries but as of yet these threat-actors have not identified themselves.

Across the Ukraine, Russia has actively been targeting communication infrastructure, no doubt with the aim of keeping the images of its burning tanks, downed aircraft and indiscriminate shelling off our TV screens. However, this has clearly failed to achieve its desired effect to date. Meanwhile in Russia telecoms company Cogent, who provide internet backbone services across the Russian Federation are withdrawing from the market in a move that will see slower internet speeds. 

Elsewhere an earlier attack on the Red Cross, has lead them to make a statement pleading for the details of 515,000 vulnerable people not to be made public. It really is the wild west out there in cyber-security!

This week also saw a lot of activity from software vendors to rush out security patches. 21 from Microsoft themselves but also notable releases from Adobe and APC who found a vulnerability in their Uninterruptable Power Supply (UPS) software which could be used to fry attached equipment.

Conti Group Treasure Trove

Following the internal dispute in criminal hacking croup Conti over backing the Russian State in invading Ukraine details of chat logs and source code were released to the web. Security analysts have been sieving through this and found an enormously well structured organisation that turned over $180m last year. Its Bitcoin addresses contain over $2 Billion! Details including its HR processes and concerns, as well as development are sure to have long term repercussions.

Pro-Western hacking group Anonymous have meanwhile been having fun such as making a Troll image appear in Russian state communications.

Stay Alert!

This weeks message is to stay alert. Take no chances, patch your software and ensure that you have a three layer back up of your critical data. One on site, one offsite and one copy disconnected.

IT Ambulance remains at your service to support your cyber security concerns.

We remain deeply moved by the plight of those caught up in this conflict.