The U.S. Cybersecurity and Infrastructure Agency (CISA) has urged a “Shields Up” defense in depth approach, as Russian use of wiper malware in the Ukrainian war escalates. The Russian malware “HermeticWiper” and “Whispergate” are destructive attacks that corrupt the infected computers’ master boot record rendering the device inoperable. The wipers effectuate a denial of service attack designed to render the device’s data permanently unavailable or destroyed. Although the malware to date appears to be manually targeted at selected Ukrainian systems, the risks now escalate of a spillover effect to Europe and the United States particularly as to: (i) targeted cyber attacks including on critical infrastructure and financial organizations; and (ii) use of a rapidly spreading indiscriminate wiper like the devastating “NotPetya” that quickly moves across trusted networks. Indeed, Talos researchers have found functional similarities between the current malware and “NotPetya” which was attributed to the Russian military to target Ukranian organizations in 2017, but then quickly spread around the world reportedly resulting in over $10 billion dollars in damage. The researchers added that the current wiper has included even further components designed to inflict damage.
Our colleagues Brian Cesaratto and Alexander Franchilli of Epstein Becker Green have a new post on Workforce Bulletin that will be of interest to our readers: “NAME:WRECK” Cybersecurity Vulnerability Highlights Importance of Newly Issued IoT Act".
The following is an excerpt:
A recently discovered security vulnerability potentially affecting at least 100 million Internet of Things (“IoT”) devices highlights the importance of the newly enacted IoT Cybersecurity Improvement Act of 2020 (the “IoT Act”). Researchers at the security firms Forescout ...
The importance of the Domain Name System (DNS) to your organization’s cybersecurity cannot be understated. Communications between computers on the Internet depend on DNS to get to their intended destination. Network communications begin with a query to DNS to resolve the human readable domain name to a numeric Internet Protocol (IP) address required by computers to route the transmission. A malicious party who is able to exploit a weakness in DNS can re-route sensitive traffic, including Protected Health Information (PHI), Personally Identifiable Information (PII) and ...
- DOJ’s FY 2023 Statistics: Highest Number of Settlements, Judgments, and Civil Investigative Demands in History and a Continued Health Care Focus
- FDA Releases Updated Directory on Select Dietary Supplement Ingredients
- In Alabama, Pre-Embryos are “Extrauterine Children” Under the State’s Wrongful Death Statute
- NJ Approves Cannabis Regulatory Amendment with Major Impacts on Class 5 Retail License Holders
- Unpacking Averages: Device Manufacturers Should Use the Newly Released Demographic Data in MDRs to Ensure Their Devices Are Not Disproportionately Hurting Minorities