Friday Five 4/22
The thwarting of an underwater cyber attack, a growing cyber threat to critical infrastructure, and phishing attacks leveraging… LinkedIn? Catch up on these stories and more with this week’s Friday Five!
1. FEDS DISRUPT CYBERATTACK AIMED AT PACIFIC COMMUNICATIONS BY DEVON WARREN-KACHELEIN
Homeland Security Investigation agents stopped an attack this past week aimed at a submarine cable that provides Hawaii and several Pacific countries with phone and internet services. Despite being able to collect credentials that allowed the bad actors to gain access to the systems, officials successfully interrupted the attack before significant damage was done. "If the attack had succeeded, there may have been significant disruption to not only the Hawaiian population but the critical military installations we have there - Pearl Harbor, for example…” said Mike Hamilton, former CISO for the city of Seattle.
2. US AND ALLIES WARN OF RUSSIAN HACKING THREAT TO CRITICAL INFRASTRUCTURE BY SERGIU GATLAN
This past week, a joint cybersecurity advisory made up of Five Eyes authorities from the U.S., Australia, Canada, New Zealand, and the U.K. warned critical infrastructure organizations to remain on high alert of a growing presence of Russian-aligned and state-backed hacking operations. The Five Eyes cybersecurity agencies specifically warned these organizations of several possible cyber threats including ransomware, other malware, DDoS attacks, and cyber espionage, urging security leaders to bolster their defenses in preparation.
3. PHISHING EMAILS TARGETING LINKEDIN ACCOUNTS ARE ON THE RISE. HERE’S WHAT TO WATCH OUT FOR BY DANNY PALMER
According to Check Point Research’s most recent Brand Phishing Report, over half of phishing attacks in Q1 of 2022 have attempted to leverage LinkedIn in attempts to steal sensitive login information. According to Omer Dembinsky, data research group manager at Check Point Software, "these phishing attempts are attacks of opportunity, plain and simple. Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible.” This article from ZDNet sheds a bit of light on what to look for in a phishing email and how LinkedIn suggests protecting yourself against them.
4. IN A FIRST, TREASURY DEPARTMENT SANCTIONS MAJOR CRYPTOCURRENCY MINING FIRM BY TONYA RILEY
In order to combat the evasion of recent sanctions imposed against Russia, the U.S. Department of the Treasury sanctioned major cryptocurrency mining company BitRiver for helping to facilitate such evasion. This marks the department’s first sanctions against a crypto mining company and is widely viewed as a significant first step in cracking down against such technology being used for illegal means. A recent Treasury release stated, “The United States is committed to ensuring that no asset, no matter how complex, becomes a mechanism for the Putin regime to offset the impact of sanctions.” Meanwhile, BitRiver’s founder and CEO, Igor Runets, has denied any involvement with the Russian government or any others currently sanctioned by the U.S.
5. IT WAS A GOOD MONTH FOR FIGHTING CYBERCRIME. DON’T GET COMFORTABLE BY LILY HAY NEWMAN
While this past month has seen some big victories when it comes to cybercrime, including the takedown of Hydra and RaidForums, the disruption of ZLoader botnet, and a crackdown on crypto mining firms like BitRiver, Lily Hay Newman urges everyone not to get too comfortable with all of the latest success. She discusses why cybercrime is an ever-present threat and why it will likely continue to trend in the wrong direction before things get better.