Two interrelated headlines about nation-state cyber attacks have been circulating early this week that could represent changes on the ground in the pseudo-cyber war playing out on the world stage.
The United States, Australia, and the United Kingdom, via the FBI, the U.S. Department of Homeland Security, and the U.K. National Cyber Security Centre (NCSC), issued a joint warning of a global cyber attack on networking equipment directing internet traffic. The attacks exposed the data passing through the infected equipment and tried to subvert firewalls and threat detection systems. According to official statements, the full scope of the attack is not yet clear.
The warning accused Russia of being behind the cyber attack. This would not be the first time that Russia would be behind a nation-state cyber attack: they have been linked to attacks interfering in the 2016 U.S. Presidential Elections. At time of writing, Russia has not responded to the accusation, although they have denied similar charges in the past.
The warning was issued because the attacks affect a wide range of enterprises, although no victims were identified in the official statement. Enterprises should take steps to protect themselves, identify if they have been affected, and alert authorities if so.
Meanwhile, 34 tech companies including Facebook and Microsoft have signed a pledge committing to strong cybersecurity defense and to not assisting the government in nation-state cyber attacks. The exact clause states: “The companies will not help governments launch cyber attacks and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution.”
Google, Apple, Amazon, and Twitter were notably absent from the pledge. It is unclear if this pledge may hinder the effectiveness of future nation-state cyber attacks by the U.S or any retaliatory attacks on Russia.
The full pledge can be read here.
- The Best SOAR Tools and Vendors to Consider in 2023 - November 26, 2022
- The 10 Best Open Source SIEM Tools for Businesses - October 13, 2022
- The Best Managed Detection and Response Vendors to Consider in 2023 - October 2, 2022