All Articles (1926)

Red Sky Alliance performs queries of our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Using Motor Vessel (MV) or Motor Tanker (MT) keywords in email subject lines is a common lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which Red Sky Alliance directly observed the vessel being impersonated, with assoc

A new reflection/amplification DDoS method being used in attacks provides a record-breaking amplification ratio of almost 4.3 billion to 1.  Distributed Denial of Service (DDoS) attacks target servers or networks with many requests and high volumes of data, aiming to deplete their available resources and cause a service outage.  The amplification ratio is critical when conducting attacks, as the higher the number, the easier it is for threat actors to overwhelm well-protected endpoints w

US federal authorities first became aware of RagnarLocker in April 2020 and subsequently produced a cyber report to disseminate known indicators of compromise (IOCs) at that time.  The linked report provides updated and additional IOCs to supplement that report.  As of January 2022, analysts have identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government,

Activity Summary - Week Ending on 11 March 2022:

  • Red Sky Alliance identified 20,047 connections from new IPs checking in with our Sinkholes
  • Malicious Keylogger data is back with 22 Keylogged emails
  • Analysts identified 3,431 new IP addresses participating in various Botnets
  • Remote Utilities Software
  • Stone Panda
  • Slug & the Daxin Backdoor
  • Mitre ATT&CK - Sightings Ecosystem
  • Nvidia Attack
  • DDoS Annoyance?
  • Oil & Gas Saudi Arabia - Formbook Malware
  • DarkNet City

Full report: IR-22-070-001_weekly070.

The US president signed an executive order (E.O.) on 9 March for “ensuring responsible innovation in digital assets.”  The E.O. is designed to, among other things, crack down on the use of cryptocurrency among cybercriminals.[1]

This long-awaited directive orders federal agencies, including the Department of Justice and the Treasury Department, to coordinate their approach to the booming cryptocurrency sector.  Although the order does not lay out specific policy suggestions, it takes aim at cons

At the start of March, residents of Kyiv had been bracing themselves for a 40-mile-long convoy of Russian tanks, armored vehicles, and towed artillery to arrive for an assault on the Ukrainian capital.  Days later, they are still waiting.   Perhaps Russian men are too disinclined to ask for directions

On 03 March 2022, US intelligence suggested that the convoy was still stalled some distance from Kyiv, backing claims made by both the Ukrainian government and UK's defense ministry.  "We still ass

Our readers who are old enough to remember using walkie-talkies to talk with their friends, or who used them in the military, will find this of interest.  A walkie-talkie, more formally known as a handheld transceiver, is a hand-held, portable, two-way radio transceiver.  It was developed during WW II to eliminate the need for wire-connected combat (field) telephones.  Interestingly enough, they are still being used on the precipice of WW III.

Walkie-talkie communication app Zello https://zello.com

Since the beginning of phishing, fraudulent invoicing and purchasing schemes have been one of the most common lures, because they make money.  The usual modus operandi involves appealing to the recipient’s desire to avoid incurring a debt, especially where a business may be involved.  Researchers recently came across an interesting phishing e-mail masquerading as a purchase order addressed to a Ukrainian manufacturing organization that deals with raw materials and chemicals.  The e-mail containe

During 2022, cyber-attacks are increasing and evolving.  The attacks range from simple to complex and both are used by hackers to gain access, cloak their malware and execute their payload or exfiltrate data.  Like trained invaders, their attack will begin with reconnaissance. Cyber actors will do their best to uncover exposed assets and probe their target's attack surface for gaps that can be used as future entry points.  The first line of defense is to limit the potentially useful information

In the last couple of years, cyber security has become a significant challenge for the maritime industry. Please join Jim McKee for The 2022 SMART4SEA Virtual Forum on a new era of cyberattacks. Every business and every individual can be subject to cyber threats. Cybercrime is a massive business; hackers are very well-organized, and they put a lot of time and effort before launching a cyber-attack. Please join Jim McKee for Panel 3, https://youtu.be/b3ktJcPjJPE The 2022 SMART4SEA Virtual Forum

The Russian government announced on 04 March 2011 that it will begin to “partially restrict” access to Facebook, according to an announcement from its internet regulatory agency Roskomnadzor.  Russia claimed that it would implement the measures, which were not specified, after Facebook put its own restrictions on four Russian state-linked media outlets, the television network Zvezda, news agency RIA Novosti, and the websites Lenta.ru and Gazeta.ru.

“On 24 February 2022, Roskomnadzor sent requests

Today, organizations face cyber security incidents across every sector. Data breaches are one of the most prevalent. If we were to define a data breach, it would be, “the intentional or unintentional release of secure information to an untrusted environment” (National Forum on Education Statistics). [1]

A data breach can come from a variety of sources, including:

  • Internal threats—Actors within an organization.
  • External threats—Actors from outside an organization.
  • Intentional breaches—Breaches

Last week, Russia blocked access to the BBC website and the media outlet resorted to broadcasting news bulletins over shortwave radio in the country.  According to a UK media report, the BBC said it was bringing back the WWII-era broadcasting technology in the region, just hours before its sites were banned.  "It's often said truth is the first casualty of war.  In a conflict where disinformation and propaganda is rife, there is a clear need for factual and independent news people can trust and in a

Activity Summary - Week Ending on 4 March 2022:

  • Red Sky Alliance identified 5,761 connections from new IPs checking in with our Sinkholes
  • Malicious Keylogger data is back
  • Analysts identified 5,700 new IP addresses participating in various Botnets
  • Kraken Botnet
  • TA2541 Part II
  • Russian Hackers
  • Indian Port hit with Malware
  • Anonymous: Good or Bad Guys?
  • Popular Journalist Hacked
  • Bridgestone Americas
  • US Banks on High Alert

Link to full report: IR-22-063-001_weekly063.pdf

An army of volunteer hackers is rising up in cyberspace to defend Ukraine, though internet specialists are calling on geeks and other "hacktivists" to stay out of a potentially very dangerous computer war.  According to Livia Tibirna, an analyst at the European cyber security firm Sekoia (www.sekoia.io), nearly 260,000 people have joined the "IT Army" of volunteer hackers, which was set up at the initiative of Ukraine's digital minister Mykhailo Fedorov.

The group, which can be accessed via the en

As news continues to break about the ongoing crisis in Western Europe, Cyber Security professionals have been busy making sense of the role that presumably planned cyber-attacks have played in the conflict between Russia and Ukraine.  A number of Russian cyber-attacks have served as a prelude to a physical invasion of Ukraine.  There is a lot of information from the past two months to unpack and new events are continuing to be reported.

A quick review of the cyber events leading up to boots on t

The common definition of Guerrilla Warfare is a form of ‘irregular’ warfare in which small groups of combatants, such as paramilitary personnel, armed civilians, or irregulars, use military tactics including ambushes, sabotage, raids, petty warfare, hit-and-run tactics, and mobility, to fight a larger and less-mobile traditional military.  Now enter cyber guerrilla warfare.  A Ukrainian cyber guerrilla warfare group is in the process of launching digital sabotage attacks against critical Russian

Japanese auto giant Toyota said it will restart US domestic production today, a day after all of its factories nationwide ground to a halt following a cyberattack at a parts supplier.  Production lines will be switched back on at its 14 factories across the US, Toyota said in a statement.  Yesterday’s suspension hit output of around 13,000 vehicles, sparking concern about the robustness of cybersecurity in Japan's extensive supply chain.

The issue has emerged as a key area of concern in Japan, w

With geo-political events evolving minute by minute regarding the Russian/Ukraine conflict, cyber security has been pushed to one of the top concerns relating to banking and business enterprises.  Almost every aspect of life, commerce, governments, and military operations are tied directly to cyber activity.  Inserting the added dimension of private hacking groups getting involved with this new ‘cyber-war’ only makes the situation even more volatile.

It is common knowledge in the cyber security