2021 marks the end of another eventful year, filled with more pandemic-related pandemonium, bigger cyberattacks, massive digital transformation, and other incidents. This is the time to look back at those events, which is the reason for this review of the important happenings.
Ransomware is a massive, expensive threat plaguing the cybersecurity landscape. We have observed hospitals, schools, critical infrastructure, and governments fall victim to ransomware attacks. In that scenario, law enforcement agencies doubled down on the threat, which led to the disruption of several massive ransomware actors.
- The FBI, French National Gendarmerie, and Ukrainian National Police, in coordination with INTERPOL and Europol, nabbed two ransomware operators responsible for exorbitant ransom demands between $5 million and $80 million.
- French authorities arrested a suspect for reportedly laundering more than $21 million in ransom payments.
- Ukrainian police caught a group of hackers who allegedly extorted money from foreign businesses, especially in South Korea and the U.S. The authorities claimed that the hackers were affiliated with the Cl0p ransomware group.
- We are aware of the debilitating attack on Colonial Pipeline by DarkSide. However, the FBI was able to seize approximately $2.3 million in ransom paid to the threat actor. Moreover, the threat actor has been offline since this attack.
- The Romanian and South Korean police arrested five hackers, allegedly belonging to the REvil group. In addition to that, U.S. officials apprehended two Ukrainian and Russian nationals for their involvement in REvil attacks.
Governments and Federal Agencies Curb Threat Actors
Given the intensity of attacks against various sectors, cyberattacks have become a matter of public safety and national security. The aim of the following actions taken by federal authorities and the U.S. government is to deal with cybercriminals who attempt to compromise networks, put critical infrastructure and people's lives at risk, and steal intellectual and financial property.
- The year started with the White House revealing a National Maritime Cybersecurity Plan that contains guidelines for threat information sharing, building a cybersecurity workforce, and setting up a risk framework for OT in ports.
- The U.S. Senate passed the National Defense Authorization Act (NDAA), which is a $768 billion annual defense spending bill loaded with provisions for cybersecurity.
- The CISA released the Binding Operational Directive (BOD) that requires federal agencies to patch known vulnerabilities.
- The CISA released playbooks comprising standardized response approaches to deal with cyber incidents and vulnerabilities.
- Following the attack on Colonial Pipeline, President Biden approved an executive order imposing stringent standards on the cybersecurity of all software sold to the federal government. The executive order focuses on information sharing and collective defense to deal with potential attack vectors and adversaries.
- The Biden administration brought together 30 nations and implored the private sector—managing most of the critical infrastructure—to upgrade its cybersecurity defenses to tackle ransomware threats.
- Along the same lines, the U.S. Department of Treasury announced a series of actions to dismantle criminal networks and crypto exchanges offering ransom laundering services, drive resilient cybersecurity across the private sector, and encourage the reporting of ransomware payments and incidents to law enforcement and government agencies.
AI/ML Role Play
AI/ML has gained the status of a crucial technology in cybersecurity due to its ability to rapidly analyze hundreds of thousands of events and detect potential threats. Not only can it identify phishing attacks, but it can also provide an extra layer of security, as the researchers listed below showcased.
- Researchers from the University of Plymouth and the University of Portsmouth published a paper stating that machine learning models combined with neural networks and binary visualization can help improve the accuracy and speed of detecting phishing websites.
- Penn State researchers designed a way to make encrypted keys harder to crack through AI and ML models. The device is called a Physically Unclonable Function (PUF) and uses graphene for a low-power, scalable, and reconfigurable device model with crucial resistance to AI-based attacks.
- U.S. Army researchers developed a deepfake detection approach that will enable the creation of top-notch soldier technology. The method has been named DefakeHop and is based on ML, computer vision, and signal analysis.
In the next part, a continuation of this review, we will look into other domains and the important happenings of 2021. Stay tuned!