Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/load.php on line 2057

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/functions.php on line 6114
The role of cloud services, public tools in the Russia-Ukraine cyber conflict - Best Business Review Site 2024

The role of cloud services, public tools in the Russia-Ukraine cyber conflict

[ad_1]

As Russia’s invasion of Ukraine continues for the third week, researchers have explored how cloud technologies are contributing to the conflict — at least, on the virtual battleground. 

When Russia crossed into Ukraine in February, this triggered action online. 

Ukraine had already experienced multiple attacks leading to website defacement, Distributed Denial-of-Service (DDoS) outages, and the use of destructive wiper malware. Anonymous hacktivists then became involved, and Ukraine’s government called for volunteers with cybersecurity skills to help protect critical infrastructure. 

By March, Ukraine had started forming what officials called an “IT army” tasked with network defense — as well as offensive counterattacks against Russian threat actors.  

According to new research conducted by Aqua Security’s Team Nautilus, cloud technologies now play a role in the digital side of the conflict. 

The team has tracked code and tools in public repositories, including Docker container images, code libraries, and popular software packages such as PyPI, npm, and Ruby.

Team Nautilus searched for names, guides, and tools promoted for use in cyberattacks by either side. In total, roughly 40% of these public repositories were “related to denial-of-service activity aimed to disrupt the network traffic of online services,” according to the researchers. 

screenshot-2022-03-15-at-09-46-54.png

Aqua Security
screenshot-2022-03-15-at-09-47-01.png

Aqua Security

Two container images, “abagayev/stop-russia:latest” and “erikmnkl/stoppropaganda:latest,” were of particular interest to the team. Both are DoS tools that contain how-to guides, expanding the potential of website disruption through cloud deployment to audiences without technical expertise. 

Financial and multiple service providers in Russia are on the target list. 

“Both container images also included attack tools that initiate DNS flood carried out over the UDP protocol, sending a large number of DNS requests to UDP in port 53, and aimed against Russian banks,” the team noted. 

Honeypots deployed by Team Nautilus, set to gather data on IP addresses related to Russia and Ukraine, revealed that 84% of DDoS targets were affiliated with Russian IP addresses, whereas 16% were linked to Ukraine. 

Overall, network and media organizations were attacked most often. 

“As technology advances, experienced threat actors can create and distribute simple automated tools allowing less skilled individuals to join and participate in cyberwar,” the researchers say. “It also allows individuals and organized hacking groups to influence the conflict, using their knowledge and resources. We can see how emerging technologies are relevant in these efforts and can help make an impact.”

In related news, Google’s Threat Analysis Group (TAG) has taken down a “coordinated influence operation” linked to Belarus, Moldova, and Ukraine, and account protections have been ramped up for Ukrainian users suspected of being at higher risk of compromise due to the invasion. 

Ukraine’s Computer Emergency Response Team for Ukraine (CERT-UA) previously warned that the Ghostwriter Belarusian threat group, also tracked as UNC1151, is actively spreading anti-NATO material and is involved in a number of phishing campaigns. 

On March 11, the agency said malicious droppers, hosted in Discord servers, were also being served to victim organizations by UAC-0056. According to Palo Alto Networks, one victim was an energy company in Ukraine. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


[ad_2]

Source link

slot gacor slot gacor togel macau slot hoki bandar togel slot dana slot mahjong link slot link slot777 slot gampang maxwin slot hoki slot mahjong slot maxwin slot mpo slot777 slot toto slot toto situs toto toto slot situs toto situs toto situs toto situs toto slot88 toto slot slot gacor thailand slot bet receh situs toto situs toto slot toto slot situs toto situs toto situs toto situs togel macau toto slot slot demo slot pulsa slot pragmatic situs toto deposit dana 10k surga slot toto slot link situs toto situs toto slot situs toto situs toto slot777 slot gacor situs toto slot slot pulsa 10k toto togel situs toto slot situs toto slot gacor terpercaya slot dana slot gacor pay4d agen sbobet kedai168 kedai168 deposit pulsa situs toto slot pulsa situs toto slot pulsa situs toto situs toto situs toto slot dana toto slot situs toto slot pulsa toto slot situs toto slot pulsa situs toto situs toto situs toto toto slot toto slot slot toto akun pro maxwin situs toto slot gacor maxwin slot gacor maxwin situs toto slot slot depo 10k toto slot toto slot situs toto situs toto toto slot toto slot toto slot toto togel slot toto togel situs toto situs toto toto slot slot gacor slot gacor slot gacor situs toto situs toto cytotec toto slot situs toto situs toto toto slot situs toto situs toto slot gacor maxwin slot gacor maxwin link slot 10k slot gacor maxwin slot gacor slot pulsa situs slot 10k slot 10k toto slot toto slot situs toto situs toto situs toto bandar togel 4d toto slot toto slot