Cyber Bulletin 001


butterflies SVG



Cyber Bulletin 001


At Clevyr, for the security of ourselves and others, we actively monitor the state of cyber security both within our own environments and around the world. With the current status quo being of high concern, we’re releasing this bulletin which contains some of our most considerable concerns and suggestions.

As this circumstance evolves, we will continue to update these considerations in new bulletins, and adjust our plans of action accordingly.

The War in Ukraine

Considerations

The war in Ukraine has already seen multiple cyber incidents. Namely, DDoS attacks on Ukrainian government websites by non-state, “patriotic hackers”, HermeticWiper (a data-wiping malware), HermeticWizard (a worm that spreads HermeticWiper across a LAN via SMB), HermeticRansom (a data-extortion ransom written in Go), WhisperGate (another data-wiper), and covert disinformation campaigns by Belarusian hacking group UNC1151. The U.S. Intelligence Community has shown concerns that these cyberattacks have the potential to spill over into other countries, especially those who impose sanctions and assist Ukraine.

Ransomware

  • NSA, FBI, and cyber security researchers are monitoring known Russian threat actors for potential ransomware attacks. The worry is that the overall cost of war combined with international sanctions will motivate these groups to generate profit and cause disruptions.

  • In 2017, the Russian military conducted a faux ransomware attack against Ukraine, which unintentionally spread outside of the intended target and impacted numerous other companies around the world. The total damage of the attack was estimated at upwards of $10 billion.

CISA, in alliance with the FBI, has stated that they have cyber teams in a majority of states that can be on-site “within an hour” to help remediate and investigate ransomware attacks.

Copycat effect

  • The U.S. Intelligence Community has shared concerns that other adversaries and APT groups will use the cyberwar in Ukraine to launch attacks while eyes are on Russia and Ukraine. This is a common occurrence in high-profile murder cases where one incident spurs instances of similar attacks. This effect has been shown to be applicable in the cyber domain as well.

Cryptocurrency

Safeguards

Considerations

The Cybersecurity & Infrastructure Security Agency (CISA) recently launched an initiative dubbed SHIELDS UP to help harden organizations. Below are some of their recommendations for a heightened security posture. While these controls may seem trivial or common-sense, now is the time to verify that all of your accounts, systems, and behaviors are using these standards.

Yourself and Your family

  • Implement multi-factor authentication on all of your accounts.
  • Update the software on all of your devices.
  • Think before you click (and before you share).
  • Use strong, unique passwords and a password manager (no dictionary words).

Corporate Leaders and CEOs

  • Empower Chief Information Security Officers.
  • Lower Reporting Thresholds.
  • Participate in a Test of Response Plans.
  • Focus on Continuity.
  • Plan for the Worst.

Closing

Cyber is a team sport

While these types of bulletins and the universal worry of cyber attacks can be daunting, it’s worth noting that we are dealing with zero existing attacks and are in close partnership with industry-leading security companies and organizations. This does not mean we should let our guard down. On the contrary, we should have our SHIELDS UP. If you see something, say something. Cyber is a team sport. We’re all the “security team”. We will all be stronger and more resilient at the end of this.

The operations team monitors and tests our environments every day and will continue to do so long after this situation.

If you have any questions or concerns, please feel free to reach out to the Operations team or our Chief Officers.





Make Something Worthwhile!

Join Our Team
support-chat SVG