Connect with us

Cyber Security

Russia arrests leading cybersecurity exec on treason charges

Russian authorities have arrested an executive of a top cybersecurity company on the charges of high treason, a move that has sent shock waves through Russia’s business community. A court in Moscow on Wednesday announced a ruling to place Ilya Sachkov, founder and CEO of the Group-IB, one of the leading cybersecurity companies in Russia, in custody for two months pending investigation and trial. The court didn’t offer any details about the case against the executive as the case files have been classified, the Interfax news agency reported — as is typical with treason cases in Russia.

Published

on

MOSCOW (AP) — Russian authorities have arrested an executive of a top cybersecurity company on the charges of high treason, a move that has sent shock waves through Russia’s business community.

A court in Moscow on Wednesday announced a ruling to place Ilya Sachkov, founder and CEO of the Group-IB, one of the leading cybersecurity companies in Russia, in custody for two months pending investigation and trial.

The court didn’t offer any details about the case against the executive as the case files have been classified, the Interfax news agency reported — as is typical with treason cases in Russia.

According to Russian media reports, Sachkov was arrested on Tuesday morning and the law enforcement raided the offices of Group-IB in Moscow. The company on Wednesday confirmed that the raid took place.

In a statement Wednesday, Group-IB said the company’s employees were “sure” of their boss’s innocence and “honest business reputation.” The company refused to comment on the accusations against Sachkov or details of the case, citing ongoing legal proceedings.

Russia’s state news agency Tass reported, citing anonymous sources, that Sachkov also insisted on his innocence. The agency’s source alleged that Sachkov “worked for foreign intelligence services and passed on cybersecurity data that constitutes a state secret.”

Sachkov’s arrest on treason charges surprised many. Russia’s business ombudsman Boris Titov demanded that investigators “explain themselves,” “given the caliber and the uniqueness of entrepreneur Sachkov for Russia’s entire IT industry.”

If the authorities don’t explain their case against Sachkov, “a critical blow will be delivered to the sector and its investment appeal,” Titov said.

Kremlin spokesman Dmitry Peskov argued Wednesday that Sachkov’s case “has nothing to do with (Russia’s) business or investment climate,” because “accusations (against him) are not connected to the economy, they are connected to treason.”

Group-IB specializes in combating cyberattacks, online fraud and investigating high-tech cyber crimes. Top Russian banks and companies, including state-run ones, are among the company’s clients.

Group-IB helped Russian authorities investigate cyberfraud cases and is also said to be an official partner of the Interpol and Europol.

According to Russian media reports, Sachkov was arrested on Tuesday morning and the law enforcement raided the offices of Group-IB in Moscow. The company on Wednesday confirmed that the raid took place.

Source: https://news.yahoo.com/russia-arrests-leading-cybersecurity-exec-190826276.html

Cyber Security

October is National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month and the Office of Information Technology (OIT) is reminding faculty, staff and students that they hold many of the essential keys to lock criminals out of individual and SIU systems and accounts.

Published

on

October 14, 2021

October is National Cybersecurity Awareness Month and the Office of Information Technology (OIT) is reminding faculty, staff and students that they hold many of the essential keys to lock criminals out of individual and SIU systems and accounts.

In the first of a two-part installment, the OIT is sharing what is at risk. A second article will explain what people can do to enhance their cybersecurity efforts and prevent criminal activity. Later in October, the OIT will also offer a cybersecurity challenge designed to elevate awareness and keep the campus cyber-safe.

The OIT wants to remind the campus community that everyone plays a role in maintaining cybersecurity. Sensitive information and device access is extremely valuable, and cybercriminals are smart! Almost every electronic device you use, whether University-owned or personal, is vulnerable to cyberattack. Computers, tablets, phones, gaming devices and smart electronics like printers, smart TVs, and even thermostats can be exploited by cybercriminals. A single mistake can cost you, others, and/or the University much more than time or money; a single breach can destroy the trust earned over decades.

What is at risk?

The OIT typically focuses efforts on cybersecurity awareness and prevention: how to spot suspicious activity and what to do. It is also important that everyone knows what can happen from a single mistake.

If someone unintentionally provides “sensitive information” such as a username and password, a Social Security number, account numbers, or the sensitive data belonging to other people, the door opens for cybercriminals. Similarly, if just one individual clicks on a malicious link or opens an infected attachment cybercriminals may then have access to any data on the machine, use of the machine for additional criminal activity, and/or control over the device’s audio and video capabilities for spying or voyeuristic activity.

Once a skilled cyber-criminal has sensitive data or access to a device, they can:

  • Lock down the device or encrypt data and hold it hostage for ransom (known as Ransomware).
  • Open and use accounts in an individual’s or institution’s name.
  • Access current accounts to steal data, information, or money.
  • Connect to thousands of other computers to create illicit networks.
  • Spy and record audio and/or video in the area where a device is located.
  • Track every keystroke or website visited.
  • Store and sell illegal information, photographs, music, software and video.
  • Send countless scam, spam and phishing emails to other people.
  • Use individual or institutional identities for illegal gain.
  • Destroy reputations intentionally or through the fallout associated with a cyberattack.

These risks may seem distant, but they are very close and very real. Any device that connects to a network or extracts information from a portable media source – a thumb drive, portable hard-drive, or CD – is vulnerable.

Here is a helpful, graphic summary of cyber risks. For additional information or for help with a cybersecurity issue, contact SIU’s cybersecurity team at security@siu.edu or visit the SIU Information Security website at https://oit.siu.edu/infosecurity/.

What is at risk?

Source: https://news.siu.edu/2021/10/101421-October-is-National-Cybersecurity-Awareness-Month.php

Continue Reading

Cyber Security

Free Cloud Trial

Free Cloud Trial The Securonix platform is available as a completely online Securonix as a Service (SaaS) offering, with the same benefits as Securonix UEBA and Securonix Next-Gen SIEM. The cloud-based service enables you to leverage your data and Securonix security analytics without the need to purchase, deploy or manage any infrastructure components. The benefits…

Published

on


The Securonix platform is available as a completely online Securonix as a Service (SaaS) offering, with the same benefits as Securonix UEBA and Securonix Next-Gen SIEM. The cloud-based service enables you to leverage your data and Securonix security analytics without the need to purchase, deploy or manage any infrastructure components.

The benefits of SaaS include:

  • Instant SOC Deployment

    Get up and running with the core components of your own Security Operations Center virtually instantly.

  • Cost Effectiveness

    Without the need to deploy your infrastructure stack, you operate at the lowest cost efficiency possible.

  • Scalability

    You can use as much or as little storage and analytics processing as is necessary for your organization, and expand as you grow with the click of a button.

  • Complete Security

    Your data is secure. Rest assured that Securonix stores information with the highest security protocols.

Source: https://duckduckgo.com/y.js?ad_provider=bingv7aa&eddgt=itHzKa_R3FH1EtkvLN4zgg%3D%3D&rut=8493512127c9749789f10c9bbe11ce03e8f5d99fee8c2f7ef7e2d9e939f6abf6&u3=https:%2F%2Fwww.bing.com%2Faclick%3Fld%3De8O5uZA29xe9r5AiozlxoNTjVUCUzzUTlOPg1jr3zrxdKklvBpkTEL-25hJiR2I7WPw6kQ87KTqCMaX4nEAn57vE79VYTUeetuDzobV3RiOOLviHSz1Au17xO7-m-s9Hw3xRXyliLq3GC6hwUWR_l-Deyj6bfxz0IezLf0xBUKLsYYWoiSLoLkshQL1lKOfHHNlCnEDCbz3tqj1KZqXrfZY00Y0Q6o8XBOmYqCKb5LvpaVwAUVQWHajm3Am0jSuTPr1rkoO29kRyfYRsjm9rJu1QSRhC4Vb_5XihVXp0ioJKziQRNNwkDSVCnq-UsCU62PuWHDhcc5A4CfdV5yw7oE6GPH0qxCG6AJrg2elhL4KKY2eR2sdGPQDzAcIK04I_KgxULYmyj3csBXeDC-YYcSINcw9ub5fmtFUyiSispsGTKceDwR2lxE4tirMcJmnys063wjJtfya1YYGk_ZuasG1kno-tsFfaiGa7sNwh3XEQJZq_kstQfp-Zui_pPb-2S4JTjga_FeJpqa4dmcddRZ6kSU1nt8OJrYZMNh_W5LnhSMe075czLZTgJCcFI-tnVaDxlkAYm9kTnfl7gB7LwffpS9acvWJQVuuUcEtqNfyoI6k7gEfdxdeGnauQ6cSY04DQF0sRJZr2GGeUPVqUGZKQiVWuH2Fz4C3lTrssE-vwzY9e5G4MVUs4UoMKtRXXlUEs1aQPRzbQDVmNVuCorm2jdEQIgYPZOhxULPMW4ZkNtxHHguxaUcawi4jUS-vcxFJssfDA%26u%3DaHR0cHMlM2ElMmYlMmZ3d3cuc2VjdXJvbml4LmNvbSUyZmZyZWUtY2xvdWQtdHJpYWwlMmYlM2Ztc2Nsa2lkJTNkZjg0ZDZmZTAzNjIyMWI4MjY5M2MwZWI2ZTM4NTliYmM%26rlid%3Df84d6fe036221b82693c0eb6e3859bbc&vqd=3-14078054627930388435070795111506886909-103915915486924297021438552878520208642&iurl={1}IG%3DFF0AE46114E4481A959E03189F37A2A8%26CID%3D1BE4FC3A5EDC6A9A27DDECF95F776BF2%26ID%3DDevEx%2C5629.1

Continue Reading

Cyber Security

Biden cybersecurity leaders back incident reporting legislation as ‘absolutely critical’

Senior officials supported fines for companies that don’t comply with proposed cyber reporting regulations.

Published

on

Senior Biden administration officials are backing congressional efforts to enact new cyber incident reporting requirements for critical infrastructure operators and other companies, as well as other efforts to further entrench the Cybersecurity and Infrastructure Security Agency at the center of the civilian executive branch’s digital security apparatus.

During a Senate Homeland Security and Governmental Affairs Committee hearing today, CISA Director Jen Easterly and National Cyber Director Chris Inglis offered support for incident reporting legislation put forth by Chairman Gary Peters (D-Mich.) and Ranking Member Rob Portman (R-Ohio). The bill would require critical infrastructure operators to report significant cyber incidents on their networks to CISA.

Easterly said incident reporting is “absolutely critical” and called CISA’s “superpower” its ability to share cyber threat information across agencies and critical infrastructure sectors.

“What we could do with this information is not only render assistance to the victim and help them remediate and recover from the attack, but we can use that information, we can analyze it, and then we could share it broadly, to see whether in fact evidence of such intrusions were found across the sector, or across other sectors or across the federal civilian executive branch,” she said.

The Peters-Portman bill would also give CISA subpoena authority in the event a company refuses to comply with the reporting requirements. But Easterly said a subpoena “is not an agile enough mechanism to allow us to get the information that we need to share it as rapidly as possible to prevent other potential victims from threat actors.”

Instead, Easterly said lawmakers should look at using fines to enforce compliance.

“I just came from four and a half years in the financial services sector, where fines are a mechanism that enable compliance and enforcement,” she said.

White House National Cyber Director Chris Inglis also backed the idea of fines, but said there should additionally be incentives for reporting incidents to the government.

“We of course don’t want to impose an unfair burden on the victims,” Inglis said. “But this information is essential for the welfare of the whole. There should be rewards for good behavior. If you’ve performed well and thoughtfully in this, the benefit should be obvious, which is that we can provide better services both in response and preventing this in the future.”

In addition to Peters and Portman’s legislation, members of the Senate Intelligence Committee have introduced a cyber incident reporting bill that would mandate a tighter 24-hour window for reporting incidents. The Peters-Portman bill would establish a 72-hour reporting timelines as a minimum.

The bill endorsed by members of the intelligence committee would also cover a broader range of both incidents and reporting entities, including critical infrastructure, federal contractors, agencies, and cybersecurity service providers.

Meanwhile, House Homeland Security Cybersecurity Subcommittee Chairwoman Yvette Clarke (D-N.Y.) has successfully attached an incident reporting bill to the defense authorization bill. Clarke’s legislation is similar to the Peters-Portman bill in that it only applies to critical infrastructure operators and offers a 72-hour timeline as a starting point.

Lawmakers are also eyeing potential updates to the Federal Information Security Modernization Act of 2014. The FISMA reforms are aimed at sorting out roles and responsibilities for cybersecurity across the federal government.

Easterly said she hopes lawmakers will formally establish CISA as the “operational lead for federal cybersecurity” as part of FISMA reform legislation. She also advocated for making agencies “accountable” for investing in cybersecurity, as well as moving beyond “box checking” compliance to what she described as “true operational risk management.”

“I think instantiating all of that in FISMA reform will be incredibly important and helpful for our role,” Easterly added.

President Joe Biden may also issue a directive to clarify the role of the National Cyber Director and other cyber officials across government, according to Inglis, whose office is only a few months old.

“We’re actually taking our time, not because we’re complacent in any way, shape, or form, but taking our time to actually let experience, a modest amount of experience, drive our efforts to then clarify in writing what we believe is the right and proper way to describe that [organizational] chart in action,” he said.

Meanwhile, agencies are continuing to implement Biden’s May executive order on cybersecurity. CISA and the Office of Management and Budget have already released a federal definition for “critical software,” as well as new requirements for storing and sharing data, according to Chris DeRusha, federal chief information security officer at OMB.

OMB and the Department of Homeland Security have also developed recommendations for “new contract clauses that will enhance how the federal government and industry work together to address cyber threats,” according to DeRusha’s written testimony.

“These clauses will streamline the sharing of threat intelligence and notification of incidents,” he added.

During the hearing, DeRusha said OMB is additionally preparing new guidance for agencies on supply chain risk management.

Agencies are also likely to request new funding from Congress to implement the new cyber mandates. After Congress flushed the Technology Modernization Fund with $1 billion as part of the American Rescue Plan, agencies submitted more than 100 project proposals worth a collective $2.3 billion, with 75% of the proposals focused specifically on cybersecurity, according to DeRusha.

“We are focused and made a lot of progress already on baseline hygiene measures,” DeRusha said regarding the executive order. “We’ve also set in place a multi-year strategy and plan. And what we’re going to need from Congress is… some new resources to implement this plan.”

The Peters-Portman bill would also give CISA subpoena authority in the event a company refuses to comply with the reporting requirements. But Easterly said a subpoena “is not an agile enough mechanism to allow us to get the information that we need to share it as rapidly as possible to prevent other potential victims from threat actors.”

Source: https://federalnewsnetwork.com/cybersecurity/2021/09/biden-cybersecurity-leaders-back-incident-reporting-legislation-as-absolutely-critical/

Continue Reading

Trending