Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about RURansom, a new malware variant discovered to be targeting Russia. In addition, read more about Google’s plans to acquire cybersecurity firm Mandiant.
Read on:
New RURansom Wiper Targets Russia
As the conflict between Russia and Ukraine escalates, Trend Micro analyzes RURansom, a new malware variant discovered to be targeting Russia. RURansom was originally suspected to be a ransomware because of its name, but further analysis revealed that it was a wiper.
Google to Acquire Cybersecurity Firm Mandiant for $5.4 Billion
This week, Google announced its plans to buy cybersecurity firm Mandiant for $5.4 billion in an effort to better protect its cloud customers. The deal is expected to close later this year and if it does, Mandiant will join Google’s cloud computing division, which has yet to grow to the same size as Microsoft Azure or Amazon AWS.
New Nokoyawa Ransomware Possibly Related to Hive
Trend Micro recently came across evidence that another, relatively unknown, ransomware known as Nokoyawa is likely connected with Hive, as the two families share some striking similarities in their attack chain, from the tools used to the order in which they execute various steps. Currently, the majority of Nokoyawa’s targets are located in South America, primarily in Argentina.
Cybersecurity Firm Says Chinese Hackers Breached Six US State Agencies
A Chinese government-backed hacking group has breached local government agencies in at least six US states in the last 10 months as part of a persistent information-gathering operation, investigators at cybersecurity firm Mandiant said Tuesday. The range of agencies targeted includes health, transportation, labor (including unemployment benefit systems), higher education, agriculture, and court networks and systems.
Will Russian Oil Ban Spur Increased Cyber-Attacks?
President Biden banned the sale of Russian oil to the United States to deprive the Putin regime of the economic resources needed to wage war. But this may put US companies in the firing line of cyber-attacks from the east. Overall, cybersecurity best practices don’t need to change; however, we could see Russian APT groups or their proxies expand their targeting of U.S. critical infrastructure. The oil and gas, banking and defense sectors are most likely to be at the top of the target list.
As U.S. companies continue to cut business ties with Russia, cybersecurity firms Cloudflare, CrowdStrike and Ping Identity volunteered to protect U.S. utilities and hospitals for free amid concerns about retaliatory attacks. While no surges in cyberattacks on U.S. companies have been reported, CISA has urged U.S. businesses to lock down their systems in case the Russian government or private hackers take action against them.
Cybersecurity Report Identifies Top 5 Cybercrime Rings
The Cyber Workforce Benchmark report from Immersive Labs analyzed cyber knowledge, skills and judgment from over half a million exercises and simulations run by more than 2,100 organizations in the last 18 months. The report found that cybersecurity teams prioritize knowledge, skills and judgment development against high-profile threat groups. The top five groups of interest are: UNC2425 (SolarWinds), Iranian Threat Groups, Fin 7, Hafnium and Darkside.
Has your organization implemented any of Trend Micro’s best practices for managing cyber risk? Tweet me on Twitter to continue the conversation: @JonLClay.