Government

  • BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state

    May 27, 2022

    Austrian federal state Carinthia has been hit by the BlackCat ransomware gang, also known as ALPHV, who demanded a $5 million to unlock the encrypted computer systems. The attack occurred on Tuesday and has caused severe operational disruption of government services, as thousands of workstations have allegedly been locked by the threat actor. Carinthia’s website and email ...

  • White House: Quantum computers could crack encryption, so here’s what we need to do

    May 5, 2022

    The White House has announced a set of proposals for keeping the US ahead in the quantum computing race globally, while mitigating the risk of quantum computers that can break public-key cryptography. Quantum computers powerful enough to break public-key encryption are still years away, but when it happens, they could be a major threat to national ...

  • UK Prime Minister, Catalan groups ‘targeted by NSO Pegasus spyware’

    April 18, 2022

    Citizen Lab has reported finding suspected surveillance software on devices associated with both the UK Prime Minister’s Office and what was formerly called the British Foreign and Commonwealth Office. The Canadian research outfit also said it had identified at least 65 individuals linked with Catalan civil society groups in Spain who were targeted by, or infected ...

  • Lazarus Targets Chemical Sector

    April 14, 2022

    Symantec, a division of Broadcom Software, has observed the North Korea-linked advanced persistent threat (APT) group known as Lazarus conducting an espionage campaign targeting organizations operating within the chemical sector. The campaign appears to be a continuation of Lazarus activity dubbed Operation Dream Job, which was first observed in August 2020. Symantec tracks this sub-set ...

  • Finnish govt websites knocked down as Ukraine President addresses MPs

    April 9, 2022

    Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland’s members of parliament (MPs). Denial-of-service (DoS) attacks hit Finland’s ministries of Defense and Foreign Affairs’ websites around noon local time. About an hour later, both government agencies tweeted that the websites were back up and running. The Finnish Ministry of Foreign Affairs ...

  • Mystery of alleged Chinese hack on eve of Ukraine invasion

    April 7, 2022

    Allegations of Chinese cyber activity as the recent conflict broke out in Ukraine have been emerging. The details appear unusually murky but one Western intelligence official believes the aim was espionage – and the cyber-attack may have been broader than previously reported. The Times first reported that hackers, alleged to be based in China, began targeting Ukrainian ...

  • Israeli officials are being catfished by APT-C-23 hackers

    April 7, 2022

    High-ranking Israeli officials are being catfished in a new cyberespionage campaign launched by APT-C-23. AridViper, also known as APT-C-23, Desert Falcon, and Two-tailed Scorpion, is a politically-driven advanced persistent threat (APT) group active in the Middle East. In the past, AridViper has conducted spear-phishing attacks against Palestinian law enforcement, military, and educational establishments, as well as the ...

  • Demand for cyber threat intel growing, White House official says

    April 6, 2022

    Private sector companies are increasingly asking the federal government for cyber threat intelligence as they seek to shore up their defenses against growing online threats, a White House cyber official told lawmakers on Wednesday. Robert Knake, a U.S. official in charge of budget and policy at the White House’s Office of the National Cyber Director, told ...

  • FBI: Ransomware Attacks Straining Local US Governments and Public Services

    March 30, 2022

    The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency ...

  • Transparent Tribe APT returns to strike India’s government and military

    March 29, 2022

    The Transparent Tribe hacking group is back with a new malware arsenal and victim list including India’s government and military. Active since at least 2013, the advanced persistent threat (APT) group operates in at least 30 countries. However, the APT tends to focus on India and Afghanistan – with the exception being attacks recorded against human ...

  • China APT group using Russia invasion, COVID-19 in phishing attacks

    March 28, 2022

    A China-based threat group is likely running a month-long campaign using a variant of the Korplug malware and targeting European diplomats, internet service providers (ISPs) and research institutions via phishing lures that refer to Russia’s invasion of Ukraine and COVID-19 travel restrictions. The ongoing campaign was first seen in August 2021 and is being tied to ...

  • How hackers are trying to undermine Putin

    March 20, 2022

    The Anonymous hacktivist collective has been bombarding Russia with cyber-attacks since declaring “cyber war” on President Vladimir Putin in retaliation for the invasion of Ukraine. Several people operating under its banner spoke to the BBC about their motives, tactics and plans. Of all the cyber-attacks carried out since the Ukraine conflict started, an Anonymous hack on ...

  • Israeli government websites down due to suspected cyberattack

    March 14, 2022

    This is the largest-ever cyberattack carried out against Israel, a defense establishment source says Several Israeli government websites went down on Monday, prompting suspicions of a cyberattack. The websites of the Prime Minister’s Office, as well as several ministries, were inaccessible. Access to some of the websites has been restored. A senior defense official reportedly told Haaretz that ...

  • Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments

    March 8, 2022

    UPDATE: The original post may not have provided full clarity that CVE-2021-44207 (USAHerds) had a patch developed by Acclaim Systems for applicable deployments on or around Nov. 15, 2021. Mandiant cannot speak to the affected builds, deployment, adoption, or other technical factors of this vulnerability patch beyond its availability. In May 2021 Mandiant responded to an APT41 intrusion ...

  • US Government sets forth Zero Trust architecture strategy and requirements

    February 17, 2022

    To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1 Section 3 of EO 14028 specifically calls for federal agencies and their suppliers “to modernize approach to ...

  • Ukraine: Websites of some banks and ministries are under a cyberattack

    February 15, 2022

    According to local media, hackers are now attacking a number of sites in Ukraine. Several banks and the website of the Ministry of Defense are under DDoS attack. “Ukrainska Pravda” citing sources in the Ukrainian government understands that a powerful DDoS attack affected Privatbank and Oschadbank banks, as well as the Ministry of Defense and the ...

  • UK Foreign Office target of ‘serious cyber incident’

    February 8, 2022

    The UK’s Foreign, Commonwealth and Development Office (FCDO) was the target of a “serious cyber-security incident”, it has emerged. The details came via a tender document published on a government website, seemingly by mistake. The BBC understands unidentified hackers got inside the FCDO systems, but were detected. It is not believed that any classified or highly sensitive material ...

  • Israel Police Used NSO’s Pegasus Spyware Against Top Gov’t Officials, Journalists and Activists

    February 7, 2022

    Israel Police used NSO’s Pegasus spyware to hack the phones of public figures, including protest leaders, journalists, government employees and associates of former Prime Minister Benjamin Netanyahu, according to a report by Calcalist on Monday. According to the report, the hacking tool was used without a court order and against Netanyahu’s son, Avner Netanyahu, co-defendant in ...

  • Actinium hacking group is targeting emergency response and security organizations in Ukraine

    February 7, 2022

    Microsoft has detailed recent hacking activity of cyber actors, most likely aligned with the Russian Federal Security Service (FSB), who have targeted Ukraine government, security agencies and aid organizations. Microsoft says the hacking group, which it calls Actinium, has “targeted or compromised accounts” at Ukraine emergency response organizations since October. Actinium hackers also targeted organizations that ...

  • NSO Group Pegasus Spyware Aims at Finnish Diplomats

    January 31, 2022

    The controversial Pegasus spyware, developed by NSO Group, has been found on the devices of Finland’s diplomatic corps serving outside the country as part of a wide-ranging espionage campaign, according to Finnish officials. They also said the infections were of the zero-click variety. “The highly sophisticated malware has infected users’ Apple or Android telephones without their noticing ...