Five Eyes Warn Of Russian Cyber Attacks

The Five Eyes Intelligence Alliance, which is made up of agencies from the US, Britain, Australia, Canada and New Zealand, has said Russia could launch the attacks as a response to sanctions imposed following its invasion of Ukraine. It said the war could expose organisations everywhere to cyber crime.

Critical infrastructure organisations across Britain have been urged to ramp up their cyber security defences as they face a heightened risk of Russian state-sponsored cyber attacks. Organisations around  the world have also been warned of the potential threat of Russian cyberattacks.

According to the alert, "evolving intelligence" suggests hackers within the Russian government are seeking to engage in "malicious cyber activity" in response to the "unprecedented economic sanctions" imposed on Russia following its invasion of Ukraine. There is also concern that hackers are targeting critical infrastructure in countries that have provided “materiel support” to Ukrainian forces.

There are also risks posed by numerous cybercrime groups who have pledged their support to Russia. Some groups have also threatened to conduct cyber operations against countries and organisations providing materiel support to Ukraine, while other groups have conducted disruptive attacks against Ukrainian websites as well. 

Among the identified cyber crime groups that have aligned with the Russian government include Primitive Bear and Venomous Bear, which have been identified as cyber threat groups of Russian origin that have not previously been directly connected to the Russian government.

In response to the increased risk, the Five Eyes alert outlines a number of immediate actions critical infrastructure organisations can take to “prepare for and mitigate potential cyber threats”.

The British government minister responsible for cyber security, Steve Barclay, the told The Daily Telegraph newspaper  "Cyber attacks recognise no physical or geographical boundary and it has never been more important to plan and invest in cyber resilience." 

Speaking on Irish TV,  Pat Moran, Cybersecurity Leader at PwC said although there have been no significant cyber attacks to date, the situation is now extremely dangerous. "We have seen the Conti Russian criminal gang, who we know from the HSE attacks last year, have already gone public and said they will attack the critical infrastructure of any country who gets in the way of what Russia is trying to do... So this is quite a worrying area for the world." 

If these cyberattacks do take place, Moran said they will be focused on critical infrastructure. "The concentration will be on areas where organisations and individuals are depending on critical services - so some examples of that would be water, energy and transportation.. These are particular areas where Governments across the world are helping organisations to make sure their defence mechanisms are robust and resilient enough to sustain an attack." 

A recent PwC report on Economic Fraud & Crime reveals that almost half of businesses have reported experiencing fraud or financial crime over the last two years.

PwC surveyed 1,296 business leaders from across 53 countries and found that 70% of the organisations that experienced new incidents of fraud said it was as a result of Covid-19 disruptions. The survey shows that nearly two-thirds of tech, media and telecommunications businesses have experienced some form of fraud over the last two years - the highest incidence of any industry. The report also reveals a reveals a rise in supply chain fraud.

According to the findings, larger companies are at greater risk for fraud, with nearly 20% of such companies experiencing fraud costing over $50 million. In this year's survey results, cyber crime came in ahead of customer fraud, the most common global crime in 2020, by a substantial margin.

PWC:      Reuters:   Bloomberg:     RTE:    Hacker News:    Independent:      Telegraph:     ZDNet:    

You Might Also Read: 

Cyber Criminals Volunteer For War In Ukraine:

 

« Improve Your Password Security
Predictive Analytics Are The Future For Cyber Security »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Advanced Software Products Group (ASPG)

Advanced Software Products Group (ASPG)

ASPG offers a wide range of innovative mainframe software solutions for Data Security, Access Management, System Management and CICS productivity.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

Database Cyber Security Guard

Database Cyber Security Guard

Database Cyber Security Guard (aka Don't Be Breached) informs Security Professionals and DBAs of Zero Day, Ransomware and Data Breach attacks within milli-seconds

CARICERT

CARICERT

CARICERT is the National Cyber Emergency Response Team of Curacao in the Caribbean.

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions is an industry leading Data Sanitization Software, Hardware and Onsite Service Provider.

Utility Cyber Security Forum

Utility Cyber Security Forum

The Utility Cyber Security Forum offers a focused venue in which utility executives can network one-on-one with colleagues facing issues in protecting against cyber attacks.

Cyber Coaching

Cyber Coaching

Cyber Coaching is a community for enhancing technical cyber skills, through unofficial certification training, cyber mentorship, and personalised occupational transition programs.

Cynomi

Cynomi

Cynomi is a leading strategic cybersecurity operations platform that automates cybersecurity knowledge and expertise to empower teams with little to no in-house expertise.

Delinea

Delinea

Delinea is a leading provider of cloud-ready privileged access management (PAM) solutions that empower cybersecurity for the modern, hybrid enterprise.

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity's mission is to provide value by dramatically improving the cybersecurity posture of our clients and business partners.

Randaemon

Randaemon

RANDAEMON’s mission is to create True Random Number Generators (TRNG) that are hardware-based and integrated into System-on-Chip.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.

Certera

Certera

Certera is a modern and affordable SSL Certificate, Code Signing Certificate, and Cyber Security Services provider.

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).

Corgea

Corgea

Corgea is AI-powered security platform that finds, triages and fixes your insecure code.

Straiker

Straiker

Straiker's AI-native security platform is designed to protect enterprise AI applications and autonomous agents from evolving threats through automated assessment and runtime guardrails.