The best cyber story of March 2022
Russia-Ukraine war continues in cyberspace
After Russia’s invasion of Ukraine, armed conflict intensified until March, when there were reports of multiple cyber-attacks linked to the war. It was not just attacks on Ukrainian and Russian websites. Cyber incidents spread to allies on both sides. See examples here and here. Even anonymous activist hackers have been drawn into cyberwarfare after promising to target Russian infrastructure.
In addition to attackers lined up on each side, cybercriminals use phishing emails to take advantage of global interests in the war, in a characteristic fashion.
The state government network has been compromised
A study published by the cybersecurity firm Mandiant indicates that a state-sponsored Chinese hacking group has infiltrated and compromised the networks of six US state governments. The group, APT41, has leveraged vulnerabilities in accessing web applications. The attack took place between May 2021 and February 2022 This is not the first time that APT41 has been touted as a powerful cyber security threat
The Chinese government has denied any involvement with the group, including APT41.
Attack on Israeli government website
Israel’s communications ministry says a widespread DDoS cyber attack has hit their websites. The bomber struck shortly after noon in front of a crowd of 2,000 people, including at the Ministry of Interior, Health, Justice and Welfare, as well as the Prime Minister’s Office. The service is finally restored.
The Israeli government has not blamed any particular group for the attack. In the past, Israel has reportedly carried out cyber attacks targeting Iran-backed hacking groups.
The EU proposes a cyber security regulation
The European Commission has drafted proposed rules for managing cyber risks across EU agencies. Referred to as the Cybersecurity Regulation and the Information Security Regulation, the rules seek to create a cyber security board that will oversee the implementation of the rules.
Under the rules, each EU organization, agency, office and organization must create a roadmap to strengthen their cyber security, conduct regular assessments and share incident details.
SEC offers cybersecurity disclosure
The US Securities and Exchange Commission has proposed new rules requiring public companies to disclose cyber security information. The proposed rules are designed to give investors insight into a company’s incident reporting and safety practices. The new rules will extend the guidelines issued in 2011 and 2018, which regulate the obligation to disclose on cyber incidents and risks.