Russians Hack Ukrainian Gas Company – Experts Comments

Russian military hackers have been boring into the Ukrainian gas company, Burisma, at the centre of the Trump impeachment affair, according to security experts.

The hacking attempts against Burisma, on whose board Hunter Biden (Joe Biden’s son) served, began in early November, as talk of the Bidens, Ukraine and impeachment was dominating the news in the United States.

It is not yet clear what the hackers found, or precisely what they were searching for. But the experts say the timing and scale of the attacks suggest that the Russians could be searching for potentially embarrassing material on the Bidens — the same kind of information that Mr. Trump wanted from Ukraine when he pressed for an investigation of the Bidens and Burisma, setting off a chain of events that led to his impeachment.

Then, as now, the Russian hackers from a military intelligence unit known formerly as the G.R.U., and to private researchers by the alias “Fancy Bear,” used so-called phishing emails that appear designed to steal usernames and passwords, according to Area 1, the Silicon Valley security firm that detected the hacking.

Nancy Pelosi has responded to reports that a Russian military intelligence unit successfully targeted Burisma, demanding Congress be briefed on the administration's knowledge of the hack.https://t.co/EVSjULsZEG

— Axios (@axios) January 14, 2020

January 16, 2020

Andrea Carcano

+ Follow Me - UnFollow Me

Co-founder and CPO

Nozomi Networks

This is just another example of the rise in cyberattacks to critical infrastructure. A reminder that these types of threats are real and need to be addressed with pro-active participation from both the public and private sector. Nation-state attackers will continue to employ innovative or original tactics to gain access to systems, so industrial operators must be equally capable of catching these attacks from the start. Critical infrastructure organizations including energy, transportation, .....Read More

This is just another example of the rise in cyberattacks to critical infrastructure. A reminder that these types of threats are real and need to be addressed with pro-active participation from both the public and private sector. Nation-state attackers will continue to employ innovative or original tactics to gain access to systems, so industrial operators must be equally capable of catching these attacks from the start. Critical infrastructure organizations including energy, transportation, water, manufacturing, and others that support everyday life, should be particularly vigilant with respect to their standard cyber security practices for operational assets, especially in these unsure geopolitical times. It is necessary to leverage security tools that provide broad operational visibility, continual network monitoring, and detection of system anomalies. The current situation demands renewed scrutiny around unusual activity, and immediate investigation of possible incidents.  Read Less

Like(0)  (0)

×

Linkedin Message

@Andrea Carcano, Co-founder and CPO, provides expert commentary at @Information Security Buzz.
"It is necessary to leverage security tools that provide broad operational visibility...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/russians-hack-ukrainian-gas-company-experts-comments

Copy this message and share on your Linkedin profile. Thanks! COPY

×

Facebook Message

@Andrea Carcano, Co-founder and CPO, provides expert commentary at @Information Security Buzz.
"It is necessary to leverage security tools that provide broad operational visibility...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/russians-hack-ukrainian-gas-company-experts-comments

Copy this message and share on your Facebook profile. Thanks! COPY

Please login to comment.

January 16, 2020

Rosa Smothers

+ Follow Me - UnFollow Me

SVP of Cyber Operations

KnowBe4

Phishing is the go-to methodology for the Russian services to obtain a user's credentials and gain access to the broader target network. This put not only Burisma Holdings at risk but their subsidiaries and their vendors as well. Like any fairly sophisticated and organised hacking campaign, they also ran multiple domains that were just similar enough to legitimate Burisma domains that they went unnoticed by users. At the end of the day, the story here is one of ongoing and escalating social.....Read More

Phishing is the go-to methodology for the Russian services to obtain a user's credentials and gain access to the broader target network. This put not only Burisma Holdings at risk but their subsidiaries and their vendors as well. Like any fairly sophisticated and organised hacking campaign, they also ran multiple domains that were just similar enough to legitimate Burisma domains that they went unnoticed by users. At the end of the day, the story here is one of ongoing and escalating social engineering efforts by the Russians against their targets of interest - which is why we should expect and plan for such activities during our upcoming election cycle.  Read Less

Like(0)  (0)

×

Linkedin Message

@Rosa Smothers, SVP of Cyber Operations, provides expert commentary at @Information Security Buzz.
"Phishing is the go-to methodology for the Russian services to obtain a user\'s credentials...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/russians-hack-ukrainian-gas-company-experts-comments

Copy this message and share on your Linkedin profile. Thanks! COPY

×

Facebook Message

@Rosa Smothers, SVP of Cyber Operations, provides expert commentary at @Information Security Buzz.
"Phishing is the go-to methodology for the Russian services to obtain a user\'s credentials...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/russians-hack-ukrainian-gas-company-experts-comments

Copy this message and share on your Facebook profile. Thanks! COPY

Please login to comment.

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Submit Your Expert Comments

×

Submit Your Expert Comments

Write Your Expert Comments (0/1000) *

Your Registered Email *

Notification Email (If different from your registered email)

* By using this form you agree with the storage and handling of your data by this web site.

Verification Code (Check your email and enter here to proceed)

SUBMIT

Resend Verification Code

×

Upload Content

Youtube Link  

Image  

---

Youtube Link (Ex: https://www.youtube.com/watch?v=eUxUUarTRW4 )

Add

Uploading the content. Please wait....

Submit

×