CyberSecurity Knuggets

Oct 18, 2024

I just heard some concerning news about Russia’s GRU intelligence agency recruiting cybercriminals to support its war effort in Ukraine. Evidence suggests that Russia’s strategy to harness cybercriminal resources has evolved, with direct acquisition of people from the criminal talent pool. This is a worrisome development, as it indicates a more deliberate and structured recruitment of criminals into Russia’s war effort. Additionally, the US government issued an advisory warning that Russian military intelligence has expanded their tradecraft to include offensive cyber operations and are recruiting cyber criminals to conduct their operations.

In other news, there are reports of malicious cyber actors experimenting with AI, but so far, they have not found a way to use the technology to scale and accelerate their activities. However, it’s important to note that the potential for malicious use of AI should not be underestimated, and vigilance is necessary to prevent any future misuse of AI by cybercriminals.

Furthermore, the new Australian cyber security legislation, while a step in the right direction, is still overdue. The legislation will introduce world-first reporting obligations for companies regarding ransomware incidents and payments, as well as impose security standards on smart devices and establish a Cyber Incident Review Board. These initiatives are commendable, but it’s alarming that it has taken until 2024 to reach this stage.

Lastly, US prosecutors have charged two Sudanese brothers with running one of the most prolific and expansive cyberattack-for-hire gangs, responsible for a stunning 35,000 denial-of-service attacks in a single year, including targeting a hospital in the United States. This highlights the ongoing threat posed by cybercriminals and the need for robust measures to combat cyberattacks. Overall, these developments underscore the urgent need for enhanced cybersecurity measures and international cooperation to address these evolving threats.

Stay Well!

summy
summy