Cyber Week in Review: March 11, 2022

Internet companies announce their exit from Russia

While major Western tech companies such as Apple, Google and HP have ceased operations in Russia, Chinese firms have largely chosen to stay, seizing the opportunity to grow market share. Visa and MasterCard announced a suspension of services in Russia, leading major Russian banks to partner with China’s UnionPay payment system for card transactions. The few Chinese companies that have opted out of the Russian market have faced backlash from the public. Two Internet backbone service providers, Cogent Communications and Lumen, announced that they would also stop providing business and consumer services in Russia. Cogent and Lumen provide internet services to some of Russia’s biggest internet companies, including search engine Yandex and state-backed telecommunications giant Rostelecom, and are essential for data transfers between Russia and other countries. Companies that remain in Russia face additional risks, as the US Commerce Secretary warned on Tuesday that companies exporting in defiance of Russia sanctions could be cut off from US equipment and software.

Mandiant Releases Report Detailing APT41 Targeting of US State Governments

Chinese cyber threat group APT41 has carried out an extensive campaign targeting the networks of at least six U.S. state governments, according to a report released Tuesday by cybersecurity firm Mandiant. For more than a year, APT41 exploited Internet-accessible web applications, taking advantage of a zero-day vulnerability in the USAHerds application used by many state governments. The report notes that the campaign appears to be a spy operation, but Mandiant declined to provide a definitive assessment of APT41’s goals. In the past, APT41 has targeted organizations in the healthcare, education, media, and telecommunications sectors with espionage and cybercrime operations, leading the United States Department of Justice to bring charges against five members of the group in 2019 and 2020.

Conti ransomware group faces its own hack as internal chat logs leak

Following Conti’s public statement of support for Russia’s invasion of Ukraine, thousands of internal group chats were released by a Twitter account known as ContiLeaks. The leaked messages provide insight into the group’s operations, revealing previously unreported victims and hundreds of bitcoin addresses that can be used to track the organization’s past attacks. The leaks also reveal internal tensions within the group, which employs both Russian and Ukrainian subsidiaries. Although there is some disagreement over the identity of the leaker, many experts believe it is a Ukrainian security researcher angered by Conti’s choice to back Russia. Following the leaks, Conti was forced to temporarily shut down and wipe its servers, giving many hope that the group was in decline. Nonetheless, experts say Conti has already bounced back, successfully carrying out attacks on US companies just ten days after the initial leak.

The US Department of Homeland Security accused of a massive surveillance campaign

The Department of Homeland Security monitored millions of peer-to-peer financial transfers in the United States and Mexico, according to a letter released Tuesday by Sen. Ron Wyden (D-OR). Wyden and the American Civil Liberties Union criticized the program, calling it unconstitutional and a violation of privacy. The surveillance program, which began in 2019 and ran until January 2022, collected six million records of money transfers between Arizona, California, New Mexico, Texas and Mexico. Federal, state and local law enforcement all had access to the records. The disclosure follows past revelations about financial surveillance in the United States, such as a secret program launched under the Bush administration that gave officials access to an international database of records of financial transactions involving thousands of Americans.

President Biden signs new executive order regulating cryptocurrencies

President Joe Biden on Wednesday announced a new executive order targeting cryptocurrencies. The order gives federal agencies six months to study the impact of cryptocurrencies on the economy and the environment. The Justice Department has also been asked to explore the creation of a digital dollar and whether it would require Congress to pass legislation. Many cryptocurrency companies hailed the executive order as a victory, but cryptocurrency skeptics said the order was a step in the wrong direction and would thwart attempts to stop the use of cryptocurrencies in crime. Cryptocurrency has become a major focus of US financial regulators and prosecutors, and US authorities have unveiled a number of charges over the past week related to cryptocurrency theft.
