Five Eyes Warn Of Russian Cyber Attacks

The Five Eyes Intelligence Alliance, which is made up of agencies from the US, Britain, Australia, Canada and New Zealand, has said Russia could launch the attacks as a response to sanctions imposed following its invasion of Ukraine. It said the war could expose organisations everywhere to cyber crime.

Critical infrastructure organisations across Britain have been urged to ramp up their cyber security defences as they face a heightened risk of Russian state-sponsored cyber attacks. Organisations around  the world have also been warned of the potential threat of Russian cyberattacks.

According to the alert, "evolving intelligence" suggests hackers within the Russian government are seeking to engage in "malicious cyber activity" in response to the "unprecedented economic sanctions" imposed on Russia following its invasion of Ukraine. There is also concern that hackers are targeting critical infrastructure in countries that have provided “materiel support” to Ukrainian forces.

There are also risks posed by numerous cybercrime groups who have pledged their support to Russia. Some groups have also threatened to conduct cyber operations against countries and organisations providing materiel support to Ukraine, while other groups have conducted disruptive attacks against Ukrainian websites as well. 

Among the identified cyber crime groups that have aligned with the Russian government include Primitive Bear and Venomous Bear, which have been identified as cyber threat groups of Russian origin that have not previously been directly connected to the Russian government.

In response to the increased risk, the Five Eyes alert outlines a number of immediate actions critical infrastructure organisations can take to “prepare for and mitigate potential cyber threats”.

The British government minister responsible for cyber security, Steve Barclay, the told The Daily Telegraph newspaper  "Cyber attacks recognise no physical or geographical boundary and it has never been more important to plan and invest in cyber resilience." 

Speaking on Irish TV,  Pat Moran, Cybersecurity Leader at PwC said although there have been no significant cyber attacks to date, the situation is now extremely dangerous. "We have seen the Conti Russian criminal gang, who we know from the HSE attacks last year, have already gone public and said they will attack the critical infrastructure of any country who gets in the way of what Russia is trying to do... So this is quite a worrying area for the world." 

If these cyberattacks do take place, Moran said they will be focused on critical infrastructure. "The concentration will be on areas where organisations and individuals are depending on critical services - so some examples of that would be water, energy and transportation.. These are particular areas where Governments across the world are helping organisations to make sure their defence mechanisms are robust and resilient enough to sustain an attack." 

A recent PwC report on Economic Fraud & Crime reveals that almost half of businesses have reported experiencing fraud or financial crime over the last two years.

PwC surveyed 1,296 business leaders from across 53 countries and found that 70% of the organisations that experienced new incidents of fraud said it was as a result of Covid-19 disruptions. The survey shows that nearly two-thirds of tech, media and telecommunications businesses have experienced some form of fraud over the last two years - the highest incidence of any industry. The report also reveals a reveals a rise in supply chain fraud.

According to the findings, larger companies are at greater risk for fraud, with nearly 20% of such companies experiencing fraud costing over $50 million. In this year's survey results, cyber crime came in ahead of customer fraud, the most common global crime in 2020, by a substantial margin.

PWC:      Reuters:   Bloomberg:     RTE:    Hacker News:    Independent:      Telegraph:     ZDNet:    

You Might Also Read: 

Cyber Criminals Volunteer For War In Ukraine:

 

« Improve Your Password Security
Predictive Analytics Are The Future For Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

SealPath

SealPath

SealPath enables companies to protect and control their documents wherever they are: In their PC, in their corporate network, on a partner’s network, in the cloud.

Cyber Technology Institute - De Montfort University

Cyber Technology Institute - De Montfort University

The Cyber Technology Institute provides training and high quality research and consultancy services in the fields of cyber security, software engineering and digital forensics.

Tymlez Software & Consulting

Tymlez Software & Consulting

Tymlez Software and Consulting is a start-up specialised in blockchain technology for enterprises.

Malware Patrol

Malware Patrol

Malware Patrol provides intelligent threat data that protects against cyber attacks.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

Tenzir

Tenzir

Tenzir's primary focus lies on network forensics: the systematic investigation of cyber attacks with big data analytics.

Tesorion

Tesorion

Tesorion is a fusion of different enterprises each with its own specialisation in the field of cybersecurity. We have combined these specialisations to create an integrated comprehensive solution.

SOCOTEC Certification International

SOCOTEC Certification International

SOCOTEC Certification International has been providing management systems assessment and accredited ISO certification services to organisations around the world since 1995.

CyberSwarm

CyberSwarm

CyberSwarm is developing a neuromorphic System-on-a-Chip dedicated to cybersecurity which helps organizations secure communication between connected devices and protect critical business assets.

Stealth Software Technologies

Stealth Software Technologies

Stealth Software Technologies is focused on the generation of research and software products focused on applied cryptography and cybersecurity.

ValueMentor

ValueMentor

ValueMentor is a leading cyber security service provider in the Middle East. We enable clients to reduce risk by taking a strategic approach to cybersecurity.

Spinnaker Support

Spinnaker Support

Spinnaker Support is a premier global provider of on-premise and cloud-based enterprise software support services.

TPx Communications

TPx Communications

TPx is a leading managed services provider offering a full suite of managed IT, unified communications, network connectivity and security services.

Securious

Securious

If you need to improve your cyber security or achieve cyber security accreditations, Securious provide an independent service that will identify and address your issues quickly and efficiently.

Codenotary

Codenotary

Codenotary provide a comprehensive suite of verification and enforcement services to guarantee the integrity of your software throughout its entire lifecycle.

Secure Halo

Secure Halo

Secure Halo has been protecting the intellectual assets and sensitive information of the federal government and private sector for 20+ years, through our proactive approach to risk and cybersecurity.