Weekly News Roundup July 5-9, 2021


Posted on by Kacy Zurkus

Businesses the world over were impacted by a ransomware attack on Kaseya, a software provider that services more than 40,000 companies, according to the New York Times. Shortly after the attack, the Russian-language hacking group, REvil, claimed responsibility. Only days later, Russian hackers, known as S.V.R., were accused of attempting to hack the Republican National Committee. The world is seeing a pattern.

During President Biden’s recent meeting with Russian President Vladimir Putin, Biden said the United States reserves the right to respond to cyberattacks. CBS News reported that Biden is facing pressure to respond while hundreds of companies and municipalities struggle to restore backups and recover from the crippling effects of the ransomware attack. As the week comes to a close, all eyes are looking to the White House for action, with The Wall Street Journal warning President Biden that inaction would, “show Mr. Putin and other thugs around the world that the U.S. President’s words are empty.”

Dismantling cybercrime isn’t as simple as defending against or responding to attacks, though. Webroot’s Senior Threat Researcher, Kevin Murray, looked at the evolution of cybercrime as a service and noted, “Criminals provide the service for a cut – and that cut is growing, with some criminals receiving 10% to 20% of any profits made in an attack that uses their code. Anything that can be automated can be sold as a service – and this is what’s really turned the industry on its head in the past few years.” 

As a result, defenders are overwhelmed. Charles Carmakal, CTO at Mandiant, told NBC News that in response to the growing epidemic of ransomware attacks, “We’re getting calls from organizations almost every single day. We’re barely able to keep up.”

Organizations need to improve their overall security postures and not only build up their defenses but also be able to more quickly detect and respond to cyberthreats. To augment your security strategy, check out the free resources available in our library.

Now let’s take a look at what else made industry headlines this week.

July 9: PYMNTS.com examined the ways in which fraudsters are increasingly leveraging AI and ML to victimize financial institutions of all types.

July 9: Threatpost reported, “The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves impersonating defense contractors seeking job candidates.”

July 8: Efforts to curb cheating in the gaming community could be compromised with news that machine learning can reportedly be used in a new method of cheating.

July 7: The Hill reported, “The Miami-based technology firm at the center of the worldwide security breach carried out by Russia-linked hackers was warned in early April of the cybersecurity vulnerability that was ultimately taken advantage of by the cyber criminal gang.”

July 6: Air Force Times reported, “The Air Force’s 67th Cyberspace Wing is experimenting with a new method for doling out tasks to defensive cyberspace operators.”

July 6: Cybercriminals are increasingly targeting organizations and critical infrastructure across West Africa, “posing an existential threat to the economic recovery of the West African region.”

July 6: A malicious actor, reportedly known as Dr HeX, was arrested by Moroccan police for alleged involvement in the development of carding and phishing kits used to target thousands of victims over several years.

July 6: “Just days after its launch, hackers have already found a way to take advantage of GETTR’s buggy API to get the username, email address, and location of thousands of users,” Motherboard reported.

July 5: The Cyberspace Administration of China launched an investigation into the ride-hailing company Didi only days after its $4.4 billion IPO.

Contributors
Kacy Zurkus

Content Strategist, RSA Conference

Hackers & Threats Anti-Fraud

artificial intelligence & machine learning ransomware

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community