Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s findings on the most significant security issues from 2021. Also, read about why, despite significant vulnerabilities, a devastating Russian cyberattack on the US is unlikely.
Read on:
Navigating New Frontiers: Trend Micro 2021 Annual Cybersecurity Report
Trend Micro looks back at the most significant security issues that emerged in 2021, with insights and recommendations to help organizations bolster their defenses. The digital migrations and transformations that had enabled organizations to continue their operations amid the Covid-19 pandemic continued to usher in significant shifts in the threat landscape in 2021.
US Has 'Significant' Cyber Vulnerabilities, But A Sweeping Russian Cyberattack Is Unlikely
Even as the Russian army drops bombs and mortar shells on civilians in hospitals and neighborhoods and its invasion of Ukraine nears its fourth week, no known nightmare cyber scenario – a widespread power outage, a poisoned water system, a crippled supply chain – has come to pass in Ukraine, the US or elsewhere. The general consensus among the nearly 20 experts who spoke with CNN is that while Russia is well positioned to launch catastrophic cyberattacks on the US, it is not likely to do so.
New RURansom Wiper Targets Russia
Trend Micro analyzes RURansom, a malware variant discovered to be targeting Russia. Although its name led to the initial suspicion that it was ransomware, analysis reveals RURansom to be a wiper because it irreversibly destroys the files it encrypts.
Ukraine Secret Service Arrests Hacker Helping Russian Invaders
The Security Service of Ukraine (SBU) said it has detained a "hacker" who offered technical assistance to the invading Russian troops by providing mobile communication services inside the Ukrainian territory.
New Nokoyawa Ransomware Possibly Related to Hive
In March 2022, Trend Micro came across evidence that another, relatively unknown, ransomware known as Nokoyawa is likely connected with Hive, as the two families share some striking similarities in their attack chain, from the tools used to the order in which they execute various steps.
Russian Cyclops Blink Botnet Launches Assault Against Asus Routers
The Cyclops Blink botnet is now targeting Asus routers in a new wave of cyberattacks. Cyclops Blink, a modular botnet, is suspected of being the creation of Sandworm/Voodoo Bear, a Russian advanced persistent threat (APT) group.
Will Russian Oil Ban Spur Increased Cyber-Attacks?
President Biden banned the sale of Russian oil to the United States to deprive the Putin regime of the economic resources needed to wage war. But this may put US companies in the firing line of cyber-attacks from the east.
New Ransomware LokiLocker Bundles Destructive Wiping Component
A new ransomware operation dubbed LokiLocker has slowly been gaining traction since August among cybercriminals, researchers warn. The malicious program uses a relatively rare code obfuscation technique and includes a file wiper component that attackers could use against non-compliant victims.
Utility Cybersecurity: How Cyber Awareness Can Reduce Future Risk
The electric utility industry is one of the most critical infrastructure industries, with a major effect on people’s lives and economic activities. Power grids connect the systems of power generation, substation, transmission, and distribution over a wide area. They are being modernized and are under threat from nation-state attacks.
Facebook Removes ‘Deepfake’ Of Ukrainian President Zelenskyy
Meta removed a deepfake video of Ukrainian President Volodymyr Zelenskyy issuing a statement that he never made, asking Ukrainians to “lay down arms.” The deepfake appears to have been first broadcast on a Ukrainian news website for TV24 after an alleged hack. The video shows an edited Zelenskyy speaking behind a podium declaring that Ukraine has “decided to return Donbas” to Russia and that his nation’s war efforts had failed.
Oil & Gas Cybersecurity: Stop Critical Operation Cyber-attacks
Trend Micro has released a technical report on how the oil and gas industry can gain situational awareness across OT, IT and CT. The ransomware attack on the Colonial Pipeline in May 2021 had a huge impact on the industry. In February 2022, it was also reported that European oil facilities were hit by a cyber-attack and forced to operate at limited capacity. These latest incidents suggest that oil and gas supply processes depend on IT systems, and that critical operations could be disrupted when IT stops working because of a cyber-attack.
Cyclops Blink Sets Sights on Asus Routers
This report discusses the technical capabilities of this Cyclops Blink malware variant that targets ASUS routers and includes a list of more than 150 current and historical command-and-control (C&C) servers of the Cyclops Blink botnet.
In collaboration with the Cybersecurity Program of OAS/CICTE, we examine the cybersecurity challenges affecting member states of the OAS. These issues include ransomware and active attacks, threats related to remote work, and the risks brought about by the adoption of new technologies.
What did you find most surprising from Trend Micro’s 2021 Annual Cybersecurity Report? Tweet me on Twitter to continue the conversation: @JonLClay.