Given the recent geopolitical uncertainty, cyber security professionals need to prepare for a continued uptick in threat activity. To ensure that your organization remains protected from whatever may occur, we would like to provide you with validated best security practices to mitigate any potential threat.
We strongly recommend that our customers and prospects follow these recommendations to ensure that their organizations remain protected.
Check Point Research (CPR) warns of threat groups worldwide using Russia and Russia-Ukraine war-themed documents to spread malware and lure victims into cyber espionage. In a new report, CPR profiles three APT groups named El Machete, Lyceum, and SideWinder, who were found to be running spear-phishing campaigns on victims in five countries. The attackers used decoys ranging from official-looking documents to news articles and job postings. After examining the lure documents, CPR found malware capable of keylogging, screenshotting, and executing commands.
One month after the war started on 24th February 2022, both Russia and Ukraine saw increases in cyber-attacks of 10% and 17% respectively. CPR has also observed a 16% increase in cyber-attacks globally.
Last week, Check Point Research (CPR) observed an increase in cyber attacks aimed at NATO countries that were sourced from Chinese IP addresses. CPR examined the trend before and after Russia’s invasion of Ukraine, learning that cyber attacks from Chinese IPs jumped by 116% on NATO countries and 72% worldwide.
Check Point Research (CPR) sees a trend where advertisements that request donations to Ukrainians are appearing on the Darknet.
Although some advertisements are legitimate, many are fraudulent. CPR provides examples of both.
All advertisements are requesting donation funds in the form of cryptocurrency.
In the first three days of combat, cyber attacks on Ukraine’s government and military sector increased by a staggering 196%. Since then, cyber attacks on Ukraine’s government and military sector decreased, dropping 50% in the last 7 days. CPR suspects that hackers have made a shift towards taking advantage of other governments focused on the conflict.
On February 25th, 2022, Conti released a statement of full support for the Russian government — coupled with a stern warning addressed at anyone who might consider retaliating against Russia via digital warfare.
As the physical conflict between Russia and Ukraine escalates, Check Point Research (CPR) warns of hacktivist groups falsely claiming successful cyber attacks on both sides. CPR investigated recent claims by three hacktivist groups, AgainstTheWest, KelvinSecurity and Killnet, and proved that their claims were lies. Alleged cyber attacks on Russia’s largest search engine, Yandex, and two other targets – a Russian nuclear facility and a hack on Anonymous’ website – have been discredited by CPR.
Check Point Research (CPR) tracks activities happening on Telegram and shares an overview of observations on Telegram around the current conflict in Eastern Europe. On the day Russia invaded Ukraine, CPR documented a 6-fold increase in Telegram groups themed on the war.
The conflict in Eastern Europe is advancing. People everywhere are deciding who they will support. The same dynamic happens in cyberspace.
Hacktivists, cybercriminals, white hat researchers or even technology companies are picking a clear side, emboldened to act on behalf of their choices.
Check Point Research (CPR) releases data on cyber-attacks observed around the current conflict in Eastern Europe.
Ransomware attacks have been used successfully during times of uncertainty, to cripple businesses and disrupt critical infrastructure. Organizations caught unprepared could be left with the choice between paying a ransom demand and writing off the stolen data entirely.
However, there are always measures that any organization can take to minimize its exposure to, and the potential impact of, a ransomware attack.
Our research teams have seen an uptick in DDoS attacks. Traditional security solutions are not equipped to protect against zero-day threats like destructive DDoS attacks. Application layer attacks, including HTTPS floods and DNS attacks, can be devastating to an unprepared organization. Learn more about the protections that you can put in place to protect your organization from DDoS attacks effectively.
We should expect threat actors to employ traditional and novel forms of social engineering. These could include emails and text messages that lure victims to malicious sites or to download files with embedded attacks. Learn more about how to protect against phishing attacks.