Latest Cybersecurity News 2022-02-28 Edition

Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news

Weekly CyberTip: Be Wary of Ukrainian Relief Scams

Criminals have wasted no time in trying to capitalize on Russia’s invasion of Ukraine. Frauds are popping up via text, phone, email, and social media looking to play on people’s emotions and concern about the situation. If you are interested in supporting Ukraine, maintain a cautious skepticism before clicking any links, be sure to verify any website carefully before entering your personal or financial information. The Globe & Mail has prepared a vetted list of Ukrainian relief websites at https://www.theglobeandmail.com/world/article-how-to-help-ukraine-canada.

Ukraine government takes to Twitter to recruit cyber army

On February 26, Ukraine’s Minister for Digital Transformation Mykhaylo Fedorov announced that Ukraine is seeking “digital talents” for a volunteer “IT Army” of security researchers and hackers to conduct cyber campaigns against Russia.

“There will be tasks for everyone. We continue to fight on the cyber front. The first task is on the channel for cyber specialists,” continued Fedorov, referring to a channel for the IT Army on the Telegram messaging app. The channel subsequently posted a list of 31 Russian cyber targets, including government agencies and systems, critical infrastructure, financial institutions, and Russia’s leading search engine and email portal, Yandex.

U.S. Cybersecurity and Infrastructure Security Agency (CISA)

U.S. government launches “Shields Up” website

Preparing for the potential threat of retaliatory cyber attacks from Russia, the Cybersecurity and Infrastructure Security Agency (CISA) has created a “Shields Up” portal of cyber defense resources and information.

Launched in early February 2022, the Shields Up portal encourages all organizations — regardless of size — to “adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets”.

Emphasizing defense and resilience, the portal presents a catalog of free services from American government partners and industry, along with a list of recommendations to help defend against potentially damaging cyber attack. The portal also references CISA’s February 26 advisory warning organizations about the current heightened threat:

“In the wake of continued denial of service and destructive malware attacks affecting Ukraine and other countries in the region, we are working very closely with our Joint Cyber Defense Collaborative (JCDC) and international computer emergency readiness team (CERT) partners to understand and rapidly share information on these ongoing malicious cyber activities,” according to the CISA statement.

Also on February 26, CISA issued an alert highlighting some of the key cyber threats being employed by Russia against Ukraine.

graphic chip, security, data

Graphics chip maker Nvidia investigating potential cyber attack

As first reported by The Telegraph, chip maker Nvidia has been affected by a cyber attack on the company’s developer tools and email systems. The two-day long attack was caused by a malicious network intrusion.

“We are investigating an incident. Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time,” according to a statement from Nvidia.

South American ransomware group Lapsus$ claims they breached and stole 1TB of data from Nvidia’s network, and posted what they claim to be password hashes for all Nvidia employees. The group also claims that it is planning to leak data about the GeForce RTX computing platform and their GPU graphic cards. Given the volume of information allegedly exfiltrated, Lapsus$ plans to leak the data in five different releases.

In a twist, Lapsus$ also tweeted that Nvidia reportedly launched their own retaliatory cyber attack at the hackers, breaching the ransomware group’s system and encrypting their data in return. Ironically indignant that they had been hacked, Lapsus$ posted that they have restored their data from backup.

None of the claims made by Lapsus$ has been officially confirmed.

Lapsus$ group first made headlines in December 2021 following a ransomware attack on websites owned by Brazil’s Ministry of Health, stealing and deleting an estimated 50TB of data. Lapsus$ also hacked Impresa, the largest media conglomerate in Portugal in early January 2022.

 

NEWSLETTER

Get exclusively curated cyber insights and news in your inbox

Related Posts

Contact Us Today

SUBSCRIBE

Get monthly proprietary, curated updates on the latest cyber news.