Is Putin on the way out?

Feb 17 2023

Welcome to Gone Phishing, your daily cybersecurity newsletter that’s popping off like Rihanna at the Super Bowl.

Today’s hottest cyber security stories:

  • Russian malware close to Putin U.S. gas & electric ‘offline’ last year
  • Anarchy in the USA! Ransomware attack triggers ‘state of emergency’
  • Eat da rich cyberattack targets wealth management business

RUSSIAN MALWARE CLOSE TO PUT-IN U.S. GAS & ELECTRIC ‘OFFLINE’ LAST YEAR

Take a day off will-ya, Russia?

Our neighbours to the east were reportedly a gnat’s nibbler away from dunking on the U.S. in showstopping fashion by plunging them into the dark ages with a double trouble attack on gas and electric infrastructure.

About a dozen gas and electric facilities were targeted by the Russians in the opening weeks of their invasion of Ukraine.

Sounds like a plot from a James Bond movie, we know; but that’s the world we’re living in, unfortunately. Hmm, was it Quantum of Solace? Nope, apparently that was water. Close, mind.

Anyway, rumours continue to circulate regarding the health/mental state of Russia’s benevolent leader and this new report from a top cybersecurity firm will only add to speculation.

The question is: is he senile, dying, or just a genocidal megalomaniac? And let’s not rule out the possibility that it’s all three. Just Putin it out there… Apologies.

In all seriousness, you’d have to be a bit mad to essentially pick a fight with the most powerful nation on earth just a few weeks after invading a neighbouring country, unprovoked (arguably, *cough* NATO).

Robert M. Lee (wasn’t there a statue of him?), the founder and CEO of Dragos (aforementioned ‘top cybersecurity firm’), said hacker group “Chernovite” was using malicious software to try to take down “around a dozen” U.S. electric and liquid natural gas sites.

“This is the closest we’ve ever been to having U.S. or European infrastructure go offline”, Lee added.

If Russia (or Russian threat actors, we should say) pulled this off, our guess is that good ol’ Sleepy Joe Biden would be sending more than just dollars.

RANSOMWARE ATTACK TRIGGERS ‘STATE OF EMERGENCY’ IN OAKLAND, CA

Does anyone remember the PS2 game State of Emergency? It was like Grand Theft Auto; but more violent, if you can imagine that.

Well anyway, that’s basically what’s going down in the city of Oakland in California, according to city officials at least, who made the declaration yesterday following last Wednesday’s ransomware attack.

Ransomware attacks lock users out of their files and demand cash (often crypto) in return for re-access. Essentially, the sensitive/valuable data is held hostage. One can only assume that the City of Oakland is currently in a stalemate with the hackers.

Cyber-prats have been targeting cities all over America with these ransomware attacks and sadly (and infuriatingly!) the criminals often get what they want. Why, you ask?

Quite simply, the cost of recovering the files often dwarfs the amount demanded by the scammers. That’s by design, presumably.

Take Atlanta, for example: they admirably stuck to their guns and refused to pay the $51,000 ransom. But afterwards they had to spend millions to recover the impacted systems. Begs the question, is it easier to just comply?

Cities such as Florence City, Lake City, and Riviera Beach City did just that.

Crime pays after all, kids.

SUCCESS-ION WEALTH FAILS… TO EVADE CYBER-ATTACK

Succession Wealth, a top UK ‘independent financial planning and wealth management business’ (wow, mouthful), fell victim to another hack-attack extravaganza yesterday morning.

Details are super scarce at time of writing, but it has the hallmarks of another ransomware attack, folks.

Aviva bought Succession Wealth last March in a deal worth £385m; there’s no indication that Aviva has been targeted in the attack.

Ransomware scare?

Attacks of this nature have become rather formulaic, probably because they’re so bloody effective.

“If it ain’t broke, don’t fix it” appears to be the mantra in play.

So, listen to the chain of events and tell us what you think.

First, it’s “technical difficulties”. Then, the company in question acknowledges that a cyberattack has indeed taken place.

Next, it assures its customers that no important stuff has been leaked. Then, the days and sometimes weeks begin to go by with little to no updates from the victim. We can see it going that way with this latest Succession Wealth attack, to be honest.

Will Succession Wealth have to put its money where its files are? Only time will tell.

So long and thanks for reading all the phish!
