A cyber warning on the second anniversary of Russia’s invasion of Ukraine, and more LockBit news
Welcome to Cyber Security Today. It’s Friday, February 23rd, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
 |
 |
 |
Saturday will mark the second anniversary of Russia’s invasion of Ukraine. Russia may mark the day in several ways, one of which may be by launching or approving the launching of cyber attacks against countries that support Ukraine. So Canada’s Communications Security Establishment — the government’s cybersecurity and electronic spy agency — is urging IT departments to be vigilant. That’s especially true for critical infrastructure providers. Possible activity ranges from defacing websites and denial of service attacks to doing really nasty things. Now’s the time to make sure the cybersecurity basics are in place like making sure essential systems aren’t open to the internet and being prepared for denial of service attacks.
Following on this week’s international disruption of the LockBit ransomware gang, the U.S. State Department is offering up to US$15 million for information leading to the arrest and/or conviction of gang leaders and affiliates. Some 200 cryptocurrency accounts linked to the gang have been frozen as well as 14,000 accounts on email and file hosting providers. According to one report, law enforcement was able to infiltrate LockBit’s IT infrastructure by exploiting an unpatched vulnerability.
Earlier this week ConnectWise warned users of its ScreenConnect application to apply an update immediately. Some weren’t fast enough. Researchers at Sophos say some organizations have been hacked this week through ScreenConnect and suffered malware attacks including the installation of LockBit ransomware — possibly by gang affiliates.
Later today my Week in Review podcast will be out. Among other things guest commentator Terry Cutler of Cyology Labs will talk about how badly LockBit has been hurt.
The U.S. Cybersecurity and Infrastructure Security Agency has issued advice on how to secure water utilities. This comes after reports last December that an Iran-linked hacking group was targeting and compromising water and wastewater processing plants through vulnerabilities in a programmable logic controller. The CISA report recommends eight actions for utilities that come under cybersecurity 101. They include conducting a thorough inventory of all IT and OT assets; limiting the exposure IT or OT systems to the internet like controllers and remote terminal units; changing the default passwords of any hardware and software; and conducting regular cybersecurity assessments.
Finally, the U.S. Federal Trade Commission will order software provider Avast to pay US$16.5 million and forbid the company from selling or licencing web browsing data for advertising to settle allegations the company sold data to third parties after promising its products would protect consumers from online tracking. The FTC says Avast collected consumer data through its antivirus software and browser extensions and sold it without adequate notice or consumer consent.
A reminder to watch for the Week in Review podcast later today with lively commentary on some of the week’s news.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.