Researchers discovered the group after a long-time target of Pawn Storm, a hacking group connected to Russian intelligence, also known as Fancy Bear and APT28, said in March of 2020 that hackers targeted his wife with phishing emails. Trend Micro found that the indicators didn’t match Pawn Storm, and attributed the attacks to another Russian-language group it named Void Balaur.
Unlike APT28, Void Balaur appears to be an independent group willing to hack into the emails of targets as diverse as aviation companies in Russia to human rights activists in Uzbekistan, according to Trend Micro. That from CyberScoop.
Europol is reporting a 300% increase in the number of ransom payments between 2019 and 2020, and that’s without accounting for this year. The report highlights more aggressive tactics from the attackers to get paid – including further disruption via DDoS attacks to escalate.
As I wrap my own head around this, I want to mention that the DoD announced changes to their Cybersecurity Maturity Model Certification (CMMC) program for defense contractors. The new version is streamlined: it reduces the levels from five to three, adds options for self-assessments, reduces the number of orgs that require third-party certification, and increases oversight, among other changes.
And, sadly, if you’re a comic book fan… Diamond Comics was hit too, and is noting delays in shipments of books for Wednesday orders.
Why do we care?
Not the comic books!
The CMMC developments are my current area of focus. I admit, I don’t know enough about this framework, and am learning myself. Yesterday it was legislation, and today the frameworks. They’re both clearly linked, as a framework helps implement legislation within a business. Leveraging a framework also gives evidence to customers… and insurers.