Top Cyber Stories for March 2022
Russia-Ukraine War Continues in Cyberspace
As the armed conflict following Russia’s invasion of Ukraine intensified through March, multiple cyberattacks purportedly linked to the war were reported. It was not just attacks on Ukrainian and Russian websites. Cyber incidents spilled over onto allies of either side. See examples here and here. Even activist hacker collective Anonymous has been drawn into the cyberwarfare after committing to target Russian infrastructure.
Apart from attackers aligned with each side, cyber criminals are in characteristic fashion, using phishing emails to take advantage of global interest in the war.
State Government Networks Compromised
Research published by cybersecurity firm Mandiant indicated that a state-sponsored Chinese hacking group had penetrated and compromised the networks of six state governments in the US. The group, APT41, leveraged vulnerabilities in web applications to gain entry. The attack took place between May 2021 and February 2022. This is not the first time APT41 has made the headlines as a potent cybersecurity threat.
The Chinese government has denied being behind groups such as APT41.
Israeli Government Websites Attacked
Israel’s communications ministry described a broad DDoS cyberattack had struck its websites. The attack prevented access to multiple government sites including the ministries of interior, health, justice and welfare as well as the Prime Minister’s office. Service was eventually restored.
The Israeli government did not accuse any particular group of being behind the attack. In the past, Israel has pointed to Iran-backed hacking groups as orchestrating cyberattacks targeting it.
EU Proposes Cybersecurity Regulations
The European Commission has set out proposed draft rules to manage cyber risks across EU organizations. Referred to as Cybersecurity Regulation and Information Security Regulation, the rules intend to form a Cybersecurity Board tasked with monitoring the rules’ implementation.
Under the rules, every EU institution, agency, office and body will be required to develop a roadmap to bolstering their cybersecurity, perform assessments regularly as well as share incident details.
SEC Cybersecurity Disclosure Proposal
The US Securities and Exchange Commission has proposed new rules requiring public companies to disclose cybersecurity information. Proposed rules are geared to giving investors insight on a company’s incident reporting and security practices. The new rules if adopted would expand on guidance issued in 2011 and 2018 that governs disclosure obligation on cyber incidents and risks.