Friday Five 4/29
Russia gets a taste of its own medicine, K-12 schools feel the brunt of cyberattacks, and much more. Catch up on these stories in this week’s Friday Five!
1. Zero-day Attacks Surged in 2021, Mandiant Says by Suzanne Smalley
Findings from both Mandiant Intelligence and Google’s Project Zero show that zero-day vulnerabilities and attacks have been on the rise in a big way. According to these sources:
- 2021 accounted for 40% of total zero-day attacks in the past decade
- Mandiant found that the number of actively exploited zero-days more than doubled the previous record, set in 2019
- Google’s Project Zero found the most zero-day exploits in a single year since 2014
Read to find out more about who is likely responsible for the attacks and how organizations can protect themselves against them.
2. Russia Is Being Hacked at an Unprecedented Scale by Matt Burgess
Ukraine’s so-called “IT Army” has made a concerted effort over the past several months to make life as difficult as possible for Russia and its government, and recent reports suggest that they’ve been quite successful. The IT Army and third-party hacktivists have reportedly launched an unprecedented number of distributed denial-of-service (DDoS), ransomware, and other malware attacks in recent months that have made a considerable impact on payment services, government departments, aviation companies, and food delivery services. Here, you can find out more about how these groups are launching their attacks against Russia, how cyber warfare between Ukraine and Russia is evolving, and what the continued attacks could mean for Russia.
3. Creating Cyberattack Resilience in Modern Education Environments by Michael J. Covington
Due to the wealth of data available in K-12 schools’ systems, hackers are increasingly targeting these schools in cyberattacks. In fact, the K12 Security Information Exchange, a national non-profit that helps schools defend against cyberattacks, has tracked more than 1,200 cybersecurity incidents in U.S. public school systems since 2016. Thankfully, despite not always having the budget necessary to combat this growing threat, schools’ IT teams can take specific steps to protect themselves against attacks, including:
- Increasing cybersecurity awareness
- Practicing good security hygiene
- Doing regular checkups on their inventory of assets
- Inspecting network traffic and Internet use
- Preventing unauthorized devices from operating on their networks
- Making their cyber policies easily accessible
4. North Korean Hackers Targeting Journalists with Novel Malware by Bill Toulas
In an effort to obtain highly sensitive information and uncover journalists’ sources, North Korean hacker group APT37 has been distributing a novel malware strain via phishing attacks. After technical analysis, the malware, named “Goldbackdoor,” was found to be a successor of “Bluelight.” Here, you can find a rundown of how threat actors successfully infect their targets and how the malware works. For even more detailed information, you can read Stairwell’s technical report on the malware strain.
5. Android Security: We Stopped Billions of Harmful App Downloads, Says Google by Liam Tung
Google has made an effort to improve end user privacy and transparency in recent years, beginning with its newly introduced data safety program this past May. Now, in a more targeted effort to combat malware and unwanted software, Google says it has blocked a total of 1.2 million apps from being published to its Play Store and has banned 190,000 bad developer accounts in 2021. In a recent blog post, Google’s Android and Privacy teams noted: “Last year we introduced multiple privacy-focused features, enhanced our protections against bad apps and developers, and improved SDK data safety. In addition, Google Play Protect continues to scan billions of installed apps each day across billions of devices to keep people safe from malware and unwanted software.”