Cyber Security Today, Feb. 23, 2024 – A cyber warning on the second anniversary of Russia’s invasion of Ukraine, and more LockBit news

A cyber warning on the second anniversary of Russia’s invasion of Ukraine, and more LockBit news

Welcome to Cyber Security Today. It’s Friday, February 23rd, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

Saturday will mark the second anniversary of Russia’s invasion of Ukraine. Russia may mark the day in several ways, one of which may be by launching or approving the launching of cyber attacks against countries that support Ukraine. So Canada’s Communications Security Establishment — the government’s cybersecurity and electronic spy agency — is urging IT departments to be vigilant. That’s especially true for critical infrastructure providers. Possible activity ranges from defacing websites and denial of service attacks to doing really nasty things. Now’s the time to make sure the cybersecurity basics are in place like making sure essential systems aren’t open to the internet and being prepared for denial of service attacks.

Following on this week’s international disruption of the LockBit ransomware gang, the U.S. State Department is offering up to US$15 million for information leading to the arrest and/or conviction of gang leaders and affiliates. Some 200 cryptocurrency accounts linked to the gang have been frozen as well as 14,000 accounts on email and file hosting providers. According to one report, law enforcement was able to infiltrate LockBit’s IT infrastructure by exploiting an unpatched vulnerability.

Earlier this week ConnectWise warned users of its ScreenConnect application to apply an update immediately. Some weren’t fast enough. Researchers at Sophos say some organizations have been hacked this week through ScreenConnect and suffered malware attacks including the installation of LockBit ransomware — possibly by gang affiliates.

Later today my Week in Review podcast will be out. Among other things guest commentator Terry Cutler of Cyology Labs will talk about how badly LockBit has been hurt.

The U.S. Cybersecurity and Infrastructure Security Agency has issued advice on how to secure water utilities. This comes after reports last December that an Iran-linked hacking group was targeting and compromising water and wastewater processing plants through vulnerabilities in a programmable logic controller. The CISA report recommends eight actions for utilities that come under cybersecurity 101. They include conducting a thorough inventory of all IT and OT assets; limiting the exposure IT or OT systems to the internet like controllers and remote terminal units; changing the default passwords of any hardware and software; and conducting regular cybersecurity assessments.

Finally, the U.S. Federal Trade Commission will order software provider Avast to pay US$16.5 million and forbid the company from selling or licencing web browsing data for advertising to settle allegations the company sold data to third parties after promising its products would protect consumers from online tracking. The FTC says Avast collected consumer data through its antivirus software and browser extensions and sold it without adequate notice or consumer consent.

A reminder to watch for the Week in Review podcast later today with lively commentary on some of the week’s news.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Sponsored By:

Cyber Security Today Podcast