Cyberspace transforms by the minute, and a key player in changing the cybersecurity landscape is the phishing attacks that happen every day. Following are the significant hacks, cyber developments, and updates this week:
FBI Warns Local Government Agencies of Ransomware Attacks
In its recent Private Industry Notification (PIN), the Federal Bureau of Investigation (FBI) warned local government entities of possible ransomware attacks. Ransomware attacks on local governments have increased because the sector is known for managing critical public services such as education and other emergency services. These local government entities are the second most frequently targeted group after academia and cause financial loss and risk to public safety.
According to the FBI, in 2021, the smaller counties and municipalities were the primary local government agencies targeted by ransomware. The agency noted that these counties are targeted because of their limited access to cybersecurity resources and possible budget constraints. Another independently-conducted survey revealed that local governments could not tackle ransomware attacks and recover systems from backups which compels them to pay the demanded ransom to regain access to their data.
Towards the end of the PIN, the FBI predicted that the ransomware attacks targeting the local US government agencies would probably continue due to the evolving malware deployment strategies among adversaries.
Cyberattacker to Get Sentenced Ten Years After Committing Crime
Law enforcement recently arrested a 57-year old former resident of California – Christopher Doyon, who had attacked the California County’s website over a decade ago. Doyon had initially pleaded not guilty to being involved in the DDoS attack on 16th December 2010 and had fled the country. He was indicted on 21st September 2011 for attempting to compromise the protected computer network of Santa Cruz County.
Doyon’s attack reportedly cost the Santa Cruz County officials damage of $4060. Known as Commander X, Doyon was first arrested in 2011 and eventually released on a $35,000 bond. However, he failed to appear for a federal court hearing in February 2012. Nine years after this episode, the county’s immigration authorities finally arrested Doyon on 11th June 2021. He was deported to the US and handed over to the FBI on 12th June 2021 – proving that cybersecurity laws cannot be messed with after all!
Recently, Doyon appeared before the district judge Beth Labson Freeman and pleaded guilty to being involved in the attack mentioned above, along with several other cyberattacks against servers in Orlando, Florida, in 2011. He is to be served a 15-year custodial term on 28th June 2022.
WhiteSource Releases Free CLI Tool For Spring4Shell Vulnerability
WhiteSource recently launched a free command-line interface (CLI) tool called the WhiteSource Spring4Shell Detect, which helps to detect vulnerable open source libraries for Spring4Shell (dubbed CVE-2022-22965). The CVE-2022-22965 exists in Spring – a popular open-source framework for Java applications. While details about this vulnerability are not yet out, it has a severity score of 9.8, and reportedly its impact is similar to Log4j.
WhiteSource’s new CLI tool is available on GitHub and helps developers locate the vulnerabilities and directs them to suitable cybersecurity solutions for speedy remediation. WhiteSource CEO – Rami Sass advises cybersecurity teams and organizations to view the Spring4Shell vulnerability with the same urgency as the Log4j vulnerability. WhiteSource recommends organizations use its free detection tool to look through their application list to detect all instances of CVE-2022-22965. It further instructs organizations to update their Spring Framework to the latest version to get the latest patches.
Australian Home Affairs Dept Works On National Data Security Action Plan
The Australian Department of Home Affairs is working on the new national data security action plan introduced as part of the government’s digital economy strategy. Home Affairs Minister Karen Andrews claims that the action plan aims to protect citizens’ data from adversaries. This action plan would add to the Morrison government’s vision of ensuring the security of Australians’ data against data theft, hacks, and ransomware attacks.
The Home Affairs department released its intentions regarding the plan, which includes establishing data security settings and mandates for individuals, businesses, and governments. These cybersecurity mandates would focus on accountability, security, and control. The Home Affairs Department has put up some parts of the action plan for public consultation. The inputs of businesses and state and territory governments seek to improve the nation’s data security.
Ukraine’s SSSCIP Warns of Telegram Account Hacks
The State Service of Special Communication and Information Protection (SSSCIP) of Ukraine has warned of a new wave of cyberattacks trying to compromise users’ Telegram accounts. Attackers send messages with malicious links to users, which redirects them to a fake Telegram website and tries to gain access to their accounts and a one-time password that comes as an SMS. Falling under a threat cluster called “UAC-0094,” these Telegram attacks initially notify users of a suspicious login from a new device in Russia and urges users to verify their accounts by clicking on the given link.
The URL leads users to the phished website, which aims to steal their login credentials. This attack represents the strategy involved in a recent Telegram scam targeting Indian users. Thus, the SSSCIP advises Ukrainian Telegram users to reason if such a phishing link reaches them and recommends adopting ransomware protection measures for security.
Australian Government to Dedicate $9.9 Billion To Enhance Cyber Defense Capabilities
In its 2022-23 financial budget, the Australian government has revealed its plans of investing $9.9 billion in strengthening the country’s offensive and defensive cyber capabilities. The funding shall be released over the next decade, wherein the Australian Signals Directorate (ASD) shall first receive an initial fund of $4.2 billion in the coming four years. This is the most significant cybersecurity investment in Australia’s history, and the funding pledge has been dubbed REDSPICE, which stands for ‘Resilience, Effects, Defense, Space, Intelligence, Cyber, and Enablers.’
Australia’s foreign signals intelligence and security agency, the Australian Signals Directorate (ASD), will receive the funding over the next decade, with the first $4.2bn to be spent in the next four years. The funding is expected to help the ASD keep up with advancements in cyberattacks and ensure a secure Indo-Pacific region. The latest funding shall enable the ASD to expand its size and cyber offense capabilities. It shall also add next-generation artificial intelligence and data science capabilities to the nation’s cybersecurity milieu.
While ASD already has 2300 employees at the moment, the REDSPICE program shall create 1900 more job opportunities. These will include positions for corporate staff, software engineers, data analysts, computer programmers, and other technologists. While the program is futuristic in itself, the opposition doubts its ability to fill all the new vacancies given the nation’s already stretched cybersecurity talent market.