Newsletters

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

State coordinated cyber attacks targeting power infrastructure in Ukraine and India are, at first glance, alarming. However, the campaign targeting Ukraine appears to have failed and the preparatory activity targeting India was so noisy it might actually wind up driving meaningfully improved defences there, too. Let's dive in:

Ukraine's CERT announced that it had thwarted a Russian attack on Ukrainian energy infrastructure. Victor Zhora, a top Ukrainian cybersecurity official, said in a Zoom press conference that the malware caused some disruption in one facility, but no customers lost power.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

As first reported in Cyberscoop, the Biden administration is reviewing the Trump-era policy that gave US Cyber Command (USCYBERCOM) greater freedoms to pew pew their cyber operations without White House approval.

The policy in question, National Security Presidential Memorandum-13 (NSPM-13), is classified, although The Washington Post reported the intent of the policy was to remove procedural barriers to the authorisation of offensive cyber operations. In other words it would give DoD personnel greater freedom to fire their pew pew cyber cannons without jumping through a series of very complicated, bureaucratic hoops.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

SpaceX's CEO Elon Musk has, perhaps without thinking, painted a big fat military target on the company's Starlink satellite service.

Many companies have expressed support for Ukraine by either pulling out of or restricting sales and services to the Russian market. SpaceX has taken a different approach and actively provided extra services to Ukraine. These services are now enabling a lethal military function.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Efforts by American companies to disconnect Russia from the Internet are understandable but ultimately counterproductive. To a degree, they play into Putin's hands.

Two of the world's largest backbone providers, Cogent and Lumen, stopped servicing customers in Russia. Similarly, the London Internet Exchange, one of the world's larger internet exchange points, booted Rostelecom and Megafon (Russia's largest ISP and second largest mobile telco) out of the exchange.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Interesting — but not conclusive — reporting suggests that a destructive cyber incident targeting satellite communications provider ViaSat was aimed at disrupting Ukrainian military communications.

ViaSat suffered network outages on 24 February — the same day as the invasion of Ukraine — on KA-SAT spot beams servicing Eastern Europe including Ukraine. The outages had effects beyond Ukraine, including disconnecting 5,800 wind turbines in Germany from their monitoring system and also affected other customers in Germany, France, Hungary, Greece, Italy and Poland.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

There is no evidence that cyber operations have been used effectively in support of conventional military action in Russia's invasion of Ukraine, but the resulting chaos in the cybers is still making life interesting.

There have been many incidents affecting Ukrainian interests that are likely state-directed in support of Russia:

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Servers that host data for the International Committee of the Red Cross's (ICRC) Restoring Family Links service were breached in January. The service reunites families and individuals separated by conflict and disaster and the details of the more than half a million people using the service are likely to have been stolen. Who was responsible? And why?

We mentioned this hack briefly two weeks ago when the US State Department warned that it was a "dangerous development" that "harmed the global humanitarian network’s ability to locate missing people and reconnect families".

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The leader of the Lurk hacking group, Konstanin Kozlovsky, was sentenced to 14 years in prison in a Yekaterinburg court this week.

At first glance this appears to be more evidence Russia is getting serious about cybercrime. Lurk was a professionally run group that managed to steal USD$45m before most of its members were arrested in 2016. But the history is, err, complicated. Kozlovsky's claims link him to world-changing hacks, criminal activity and treason.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The US Department of Homeland Security has officially established the Cyber Safety Review Board (CSRB), with its first task to be a review of the Log4j vulnerability and responses to it.

The new organisation is tasked with reviewing cyber security incidents, establishing root causes and providing recommendations to improve security. This CSRB concept is comparable to the NTSB, which investigates civil aviation accidents in the US and issues safety recommendations aimed at preventing future disasters.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

A Citizen Lab report into the official Beijing Winter Olympics app has triggered a flurry of over-the-top news articles about privacy risks to those attending the games. It's true there are risks to the privacy and digital security of games attendees, but a poorly constructed event app is pretty low on the list of things to worry about.

The My 2022 app provides a wide range of functions including voice and text chat, weather updates, translation services, navigation and Covid-19 health monitoring. According to Citizen Lab's report, installation of the app is "mandated" for attendees. Other reputable sources say attendees can use a web portal to submit their health information if they don't want to install it on their device. So… not mandatory.