...Loading...
Banner Image

Categories

2Education
Education (2)
6General
General (2)
4In The News
In The News (1)
3Press Release
Press Release (2)
1Regulation
Regulation (4)
5Thought Leadership
Thought Leadership (2)

Archives

201811November3
November 2018 (3)
201808August2
August 2018 (2)
201807July1
July 2018 (1)
201805May1
May 2018 (1)
201804April1
April 2018 (1)
201803March3
March 2018 (3)
201802February1
February 2018 (1)
3https://www.securitygate.io/blog/2018/03/recent-russian-cyber-attacks-and-how-to-defen
Recent Russian Cyber Attacks and How to Defend Your Business from Cybersecurity Threats
Posted by: Poster Avatar Brent Gage   |    03/19/2018 08:00 AM    |    Categorized under:  EducationIn The News

 

A BRIEF EXPLANATION OF THE RUSSIAN CYBER ATTACKS

On March 15, 2018, a Technical Alert (TA) was released jointly by the Department of Homeland Security (DHS) and the FBI which implicated Russian government cyber actors in the targeting of numerous US, Canadian, and European targets. The cyber attacks used a variety of infection vectors, including: malicious emails, watering hole attacks, and Trojanized software. The Russian hackers are targeting trusted third-party providers (known as "staging targets”) who have less secure networks than their ultimate intended enterprise business and government targets. From these vulnerable entry points, they can gain access to the much more secure infrastructure targets.


ABOUT THIS TA – IN LAYMAN’S TERMS

This TA was mostly a confirmation of a commonly-held knowledge in the cyber security professional community. The hacking group, known as Dragonfly or Energetic Bear, has been in operation since at least 2011. Initially, they were targeting defense and aviation companies in the US and Canada. By early 2013, they had pivoted to focusing mainly on US and European energy firms. They went quiet for a few years after Symantec released a report detailing their actions in 2014. They later reemerged sometime in March 2016 and began targeting government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. The hackers were able to gain access and control of much of the US’s critical infrastructure.


ESTABLISHING AN SMB AND LARGE ENTERPRISE CYBERSECURITY DEFENSE STRATEGY

Increasingly, companies are realizing that, regardless of how secure their own IT infrastructure is, they are only as secure as their least defended downstream provider. The revealed actions of Dragonfly are just further proof (as if any more were needed) that all small, medium-sized, and large enterprise businesses need to be concerned with assessing their security risk and compliance. Lack of cybersecurity due diligence could put valuable contracts at risk.

For cyber security to be effective, companies must evaluate the data information security posture of their third-party vendors. As of this year, performing these cybersecurity risk assessments is now a requirement for getting or maintaining a government contract. While this is a positive step in cybersecurity, manually evaluating every third-party vendor can be an incredibly expensive and time-consuming process. Thankfully, there’s an easier way. SecurityGate has designed a cybersecurity risk and compliance management platform which automates the cyber risk assessment and remediation process. Companies can track their various suppliers and assets cyber security compliance through a centralized dashboard, allowing them to compare suppliers and focus on the most pressing cybersecurity issues first. Click here to schedule a demonstration.

 

 

REF

https://www.us-cert.gov/ncas/alerts/TA18-074A

https://www.symantec.com/connect/blogs/dragonfly-western-energy-companies-under-sabotage-threat-energetic-bear

https://www.symantec.com/blogs/threat-intelligence/dragonfly-energy-sector-cyber-attacks

 

 


Featured Image

Next Post

SECURITYGATE UNVEILS NEW PLATFORM

Author Image

Author

Brent Gage

MORE POSTS BY Brent Gage