Cyber Security  

NATO's annual cyber defense exercises kicked off in Estonia. The exercises involve representatives from the 26 NATO allies as well as Finland and Sweden, Georgia, Ireland, Japan, Switzerland, the European Union, and participants from industry and academia. Over the course of five days, participants will train to tackle real-life cyber challenges such as cyber-attacks on power grids, programmes and NATO and Allied assets while in operations – boosting their ability to defend networks and operate together in cyberspace.

The heads of the FBI and the UK's MI5 appeared jointly to warn against Chinese corporate espionage and threats to cybersecurity. FBI Director Christopher Wray and MI5 Director General Ken McCallum explained the potential damage to an audience of business and academic leaders in London. They stressed that the Chinese government has a long history of hacking and stealing proprietary information. They urged business leaders to work with their agencies to protect corporate secrets and innovation from theft.

The United States and its European allies are condemning Russia for cyber attacks against Ukraine that began in January, a month before the invasion, and have continued since. In a statement, U.S. Secretary of State Antony Blinken said that Ukraine has experienced numerous disruptive cyber attacks, including "website defacements, distributed denial-of-service attacks, and cyber attacks to delete data from computers belonging to government and private entities — all part of the Russian playbook." The European Union confirmed that Russia was behind a cyber attack that targeted Ukraine's satellite network an hour before the invasion, causing "significant impact causing indiscriminate communication outages and disruptions across several public authorities, businesses and users in Ukraine, as well as affecting several EU Member States."

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with international partners, issued an advisory concerning Russian state-sponsored and criminal cyber threats to critical infrastructure in and outside of Ukraine. The advisory addresses specific “malicious cyber operations” perpetrated by various Russian agencies and cybercrime groups, some of which have publicly pledged support for the Russian government. The advisory urges "critical infrastructure network defenders to prepare for and mitigate potential cyber threats...by hardening their cyber defenses and performing due diligence in identifying indicators of malicious activity."

President Biden again alerted Americans to the threat of Russian cyber attacks against the public and private sectors, in retaliation for U.S.-led sanctions against Russia for its invasion of Ukraine. "I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States. It’s part of Russia’s playbook," said Biden. "Today, my administration is reiterating those warnings based on evolving intelligence that the Russian government is exploring options for potential cyberattacks."

Netblocks, a cybersecurity watchdog group, confirmed a loss of connectivity to multiple online banking platforms in Ukraine, in addition to Ukraine's defense ministry, "in a manner consistent with a denial of service attack." According to Reuters, the Ukrainian Centre for Strategic Communications and Information Security attributes the cyberattacks to Russia.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a "Shields Up" alert for American organizations regarding the possibility of Russian cyberattacks amid tensions with Ukraine. "While there are not currently any specific credible threats to the U.S. homeland," the alert says, "we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine."

President Biden signed a National Security Memorandum aimed at strengthening cybersecurity across agencies including National Security, Department of Defense, and Intelligence Community Systems. Some of the changes include the implementation of multi-factor authentication, encryption, cloud technologies, and endpoint detection services as well improvements to the visibility of these services and timelines for incidents.

Microsoft announced that dozens of computer systems belonging to agencies and organizations linked to the Ukrainian government have been infected with malware, origin unknown. In a statement, Microsoft said the malware, which it detected on January 13, could infect computers and render them inoperable if activated by the attacker.

Russia's security agency said it arrested members of the Russia-based cyber gang REvil that was responsible for multiple massive ransomware attacks against U.S. companies last year, including the cyberattack that crippled the Colonial Pipeline. The agency also said it seized $600,000, 500,000 euros, 426 million rubles, 20 cars purchased with that money, and crypto wallets that were used to commit the cybercrimes. The arrests were made based on an appeal from the United States.

Secretary of State Antony Blinken formally announced the establishment of a new cyber bureau at the State Department, to be headed by an ambassador-at-large. The Bureau of Cyberspace and Digital Policy will address issues including cyber threats, global internet freedom, surveillance risks and working with democratic allied nations to set international norms and standards on emerging technologies. “We have a major stake in shaping the digital revolution that is happening around us," he said, "and making sure that it serves our people, protects our interests, boosts our competitiveness and upholds our values."

Four Chinese nationals have been named in an indictment alleging that, among other crime, hackers created malware, hacked into computer systems of foreign governments, companies and universities, and assisted other hackers. The “theft was focused on information that was of significant economic benefit to China’s companies and commercial sectors” and “the circumvention of lengthy resource-intensive research and development processes.”

The U.S. along with “an unprecedented group of allies and partners,” including NATO, have issued a statement “exposing and criticizing” the behavior of the People’s Republic of China. Allegations range from theft of intellectual property to “ransom demands of millions of dollars” - including the March 2021 attack on Microsoft - and implicated hackers “with a history of working for the PRC Ministry of State security.”

In an evening press conference, a senior administration official condemns the PRC noting its “pattern of irresponsible behavior in cyberspace is inconsistent with its stated objective of being seen as a responsible leader in the world.” The same administration official announced that the NSA, CISA, and the FBI “will expose over 50 tactics” of Chinese state-sponsored hackers use against the U.S. and its companies.