The White House, in a statement, said that Russia’s foreign intelligence service, SVR, was behind the SolarWinds hack, which stole data from nine federal agencies and 100s of private firms. Russian govt was always believed to behind the cyber attack, but the statement is the first formal acquisition. The White House also announced a series of sanctions against five Russian cybersecurity firms said to be involved in supporting hack.
Mobile cyberattacks in India jumped 845% to 12,719 in March 2021 from 1,345 cases in Oct 2020, said Check Point Software Technologies in a report. The report revealed that ISPs in India, during the first phase of lockdown, had received cyberattack alerts from corporate clients almost every alternate day compared with an average of once a week before the lockdowns. The report said that 97% of firms across the globe faced mobile threats from several attack vectors.
Bharti Airtel has been empanelled by the CERT-IN, which will allow the Gurgaon based telco to offer cyber-security solutions to the central and state governments as well as PSUs, besides corporate clients. Airtel provides end-to-end managed security services to enterprise clients under Airtel Secure, which is a combination of Airtel’s network security with solutions delivered through global partnerships.
SolarWinds hackers have got access to email accounts of the Trump administration’s head of the Department of Homeland Security and other key members, the department responsible for eliminating threats emanating from foreign soil, news agency AP said. The intelligence value of hacking is not known yet. The hack, however, raises serious questions over the USA govt’s ability to protect individuals, firms and institutions, if it can’t protect itself.
Enterprises and end-users will spend $2.08 bn in 2021 on information security and risk management. An increase of 9.5% from 2020, said Gartner. “The overnight move to WFH in reaction to the pandemic exposed organisations’ vulnerabilities,” said Prateek Bhajanka, senior principal research analyst at Gartner. “While security leaders had to cut down on their security spending in 2020 because of IT budget-cuts, in 2021, this trend is reversing,” he added.
TCS launched a SaaS-based ‘Automated Vulnerability Remediation platform’ to help firms in identifying and prioritising vulnerabilities in its software libraries and proactively fixing them. It will also build and execute a contextual, risk-focused and effective vulnerability management programme. Santha Subramoni, Global Head, Cyber Security, TCS, said customers need to remediate pre-existing vulnerabilities and put them in place to mitigate new ones.
Check Point Research in a new report said that the attempts by Cybercriminals to hack firms using unpatched Microsoft business email servers on-premises servers have multiplied 6X in the past 72 hrs. The US with 21% of all attempts tops the list of countries, followed by the Netherlands (12%) and Turkey (12 %). Govt/military (27 %) is the most targeted industry sector, followed by manufacturing (22 %) and then software vendors (9 %).
Microsoft has warned customers about new China state-sponsored threat actors prying on the vulnerability of four previously undisclosed security flaws in the Exchange Server. The company said, the hacking group, which it calls Hafnium, exploited the security vulnerabilities, fix patches of those are released by Microsoft, to break into exchange email servers running on company networks, and allowing attackers to steal data from a victim’s organisation.