A hacktivist group in Belarus launched a cyberattack on the Belarusian national railway service in late-January, as part of ongoing cyber incidents over the situation in Ukraine. The group, Belarusian Cyber Partisans (BCP), immediately claimed responsibility for the attack, which it said aimed to disrupt the movement of Russian troops and army equipment. Belarus is a close ally of Russia and shares a border with Ukraine. Railway services were disrupted as the attack encrypted servers, workstations and databases. However, it also took ticketing services offline – a consequence that BCP said it did not intend. The group aims to cause disruption to Belarus’s ruling party and any Russian military action.
More than 70 Ukrainian state websites were the subject of huge attacks in January, with several government websites going offline during the incident – including the Ukrainian Foreign Ministry and Ministry and Education and Science sites. State police accused hacker groups associated with Russia. The attacks led to long outages for crucial websites, as well as the defacement of many more. Cybersecurity investigators learned that wiper malware was behind the attack – which has now been named WhisperGate. Researchers said that stolen login credentials gave attackers the initial access to government systems.
Military tensions between Russia and Ukraine could have massive consequences in the cyber world, according to a report. Ukrainian government institutions suffered cyberattacks in late January – confirming that any conflict with Russia will also take place in the cyber world. This has been labelled as ‘hybrid warfare’. Cybersecurity experts are predicting that attacks of Russian origin will continue, and possibly increase in volume. They also warned other NATO countries will probably be the target in any subsequent attacks, with Russian hacker gangs all but encouraged to go after companies, institutions and critical infrastructure in western countries.
Companies are in the final stages of 2022 budget planning and cybersecurity is top of their priorities. While, traditionally, IT departments may have struggled to fight for their slice of the budget, the cybersecurity landscape is now different. Directors are well aware of the dangers of ransomware attacks, including huge financial losses and public reputational damage. CPO Magazine reports that the average cost of a ransomware attack more-than-doubled in 2021, from $761,000 to a hefty $1.8 million. It’s now more critical than ever to budget for cybersecurity, saving your company money in the long run.
In December, a vulnerability in the open-source Apache logging framework Log4j led to security teams across the globe rushing to secure and patch their systems. Log4j is so widely-used that Jen Easterly, director at the Cybersecurity and Infrastructure Security Agency, called it the most serious security flaw she’d seen in her career, warning that businesses everywhere should make securing their systems against the vulnerability an urgent priority. As Log4j is an embedded Java logging library present in thousands of software products, security teams must write their own patches. The flaw, named Log4Shell, allows malicious Java code to be logged, granting bad actors access to the system in question. Significant attacks taking advantage of the vulnerability have been seen already, with ransomware gang NightSky targeting companies through VMWare Horizon systems, which use the Log4j framework. There have been reports of ransom demands of up to $800,000, demonstrating how severe the damage could be if left unpatched.
We are using more technology than ever. That’s especially true for corporates, with connected servers, databases, and services key to business in 2022 – and attackers know this. Ransomware attacks have skyrocketed, with businesses acutely aware of the constant threat of leaked passwords and security vulnerabilities. Omnichannel retail also needs to take extra care, with attackers looking to exploit the massive number of APIs companies use to connect their omnichannel services. When attackers know that one successful hack can infect thousands of systems down the line, the stakes are high – and companies should take extreme precautions, segmenting networks and decentralising passwords as a high priority.
