Cyber Command News | CYBERCOM Or USCYBERCOM Alerts For Cyber Threats
Current News Flashes
March 22, 2022 - Washington says that the Kremlin is 'exploring options' for carrying out cyberattacks against the United States, Joe Biden said on Monday, urging America's private sector to strengthen its cybersecurity.
March 14, 2022 - A number of Israeli websites, including government sites, have crashed as a result of cyberattacks, including the websites of the interior, health, justice and welfare ministries.
March 2, 2022 - The head of Russia's space agency has stated that Russia will be treating any hacking of its satellites as justification for war, after an alleged hack of their systems was claimed by a 'non-state' hacker group on Tuesday according to media reports.
March 1, 2022 - An incident that affected the fiber cables to the mainland has reportedly put Tasmania, Australia largely offline. Internet, phone lines and television services have all gone down after the incident.
February 25, 2022 - The decentralized international hacker group 'Anonymous' has declared cyber war on Russia via Twitter, seemingly over Russia's war declaration on Ukraine.
February 15, 2022 - Our intel channels confirm that the Ukrainian Ministry of Defense website is still down. It is now not showing any custom error message at all, just the white default connection timeout message, indicating the server is completely shut down.
February 15, 2022 - Netblocks monitoring service confirms that the Ukrainian ministry of defense website is down, along with Ukraine's State Savings Bank which is impacting ATM and banking services in Ukraine. Suspected ongoing DDOS attack on the servers.
February 15, 2022 - Ukrainian Ministry of Defense: "The MOD website was probably attacked by DDoS: an excessive number of requests per second was recorded. Technical works on restoration of regular functioning are carried out. Communication via FB and Twitter pages"
February 15, 2022 - Ukrainian media reports say there are issues with some Ukrainian banks, in addition to the Defense Ministry site being down. Privat and Oschad apps are not working and people can't pay with their cards.
February 11, 2022 - *UPDATED* There have been many reports that Twitter is currently down or having problems (including the Defcon Level account) since 12:13 PM Eastern Time. Amazon Web Services are also having problems. *UPDATE: Both Twitter and Amazon Web Services are fully operational once again after a brief period of downtime.
February 6, 2022 - The Washington State Department of Licensing says that they observed irregular activity on one of its systems last month and that personal data from professional licenses might have been breached and leaked out to hackers.
February 5, 2022 - A cyberattack, discovered on January 20th, was carried out against the New York based 'News Corp' which reportedly accessed emails and documents of various employees in the company, including that of journalists, which could possibly have been the main target of the attack. Dow Jones and New York Post also affected.
February 4, 2022 - Multiple oil transport and storage facilities in Europe have been hit with cyber attacks. Oiltanking in Germany, SEA-Invest in Belgium and Evos in the Netherlands have all had cyberattacks carried out against them, including 'dozens of terminals with oil storage and transport' across the world having been affected over the weekend according to BBC News.
February 3, 2022 - British snack brand KP Snacks has been hit with a ransomware attack which has disrupted deliveries, causing fears of shortages.
February 2, 2022 - US State Department: We are concerned by the breach, announced last month, of sensitive data held by the International Committee of the Red Cross (ICRC).
January 27, 2022 - The Department Of Homeland Security has released an intelligence bulletin stating that Russia would consider carrying out a cyberattack on the United States homeland if Moscow deems that the written response given by the U.S. and NATO threatens Russia's 'long-term national security'.
January 26, 2022 - Apple has confirmed that its iCloud service is currently experiencing international service outages.
January 25, 2022 - There has reportedly been a cyber attack on the Belarus railway system by hacktivists who say they hacked the rail system to stop the Russian military buildup near the Ukrainian borders.
January 25, 2022 - The Department of Homeland Security is warning of an 'imminent cyber threat' against both American companies and government agencies from Russia.
January 19, 2022 - Poland has raised its nationwide cybersecurity threat level following the cyberattack on Ukrainian government sites last week.
January 17, 2022 - NATO has signed a deal with Ukraine to 'deepen' cyber cooperation between the two countries after the latest cyber attack on Ukrainian government websites, and worries about a coming full scale Russian invasion on the country.
January 14, 2022 - The Ukrainian Information Ministry said that 'the first data suggests' today's cyberattack on Ukrainian websites was 'carried out by the Russian Federation'.
January 14, 2022 - The North Atlantic Treaty Organization (NATO) is set to sign a cyber deal with Ukraine and increase cyber warfare cooperation after Ukrainian websites were hacked according to NATO Secretary General Jens Stoltenberg on Friday.
January 14, 2022 - Russia has conducted a special operation against the hacker group REvil on Friday, dismantled the group and charged 15 of the group's members at the request of the United States, according to the FSB domestic intelligence service.
January 14, 2022 - Ukrainian government websites have been hacked in a massive cyberattack and are temporarily down.
January 13, 2022 - U.S. Cyber Command has officially confirmed that Iran's intelligence ministry is connected to the cyber espionage group MuddyWater which steals data from computer networks globally.
January 3, 2022 - The Jerusalem Post website was hacked and replaced with a photo of a rocket coming out of a ring, similar to the ring worn by top Iranian general Qassem Soleimani with the message "We are close to you where you do not think about it".
White House: Russia Exploring Options For Cyberattacks Against United States - Washington says that the Kremlin is 'exploring options' for carrying out cyberattacks against the United States, Joe Biden said on Monday, urging America's private sector to strengthen its cybersecurity.
The White House statement spoke of 'evolving intelligence' on potential cyberattacks by Russia, with Biden reiterating previous warnings from Washington about such attacks.
"I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States. It is part of Russia’s playbook", he stated.
"Today, my administration is reiterating those warnings based on evolving intelligence that the Russian government is exploring options for potential cyberattacks".
Biden called on America's private sector to harden its security defenses 'immediately' and said that the federal government "cannot defend against this threat alone".
He also said that "vigilance and urgency today can prevent or mitigate attacks tomorrow".
Railway From Belarus To Ukraine Cut Due To Belarusian Sabotage - The head of the Ukrainian Railways Alexander Kamyshin has confirmed that there is no longer any railway connection between Ukraine and Belarus, "thanks to Belarusian railway workers" who decided to launch what they have called a "railway war" by sabotaging Russian equipment in various ways.
Israeli Government Sites Have Crashed Due To Cyberattacks - A number of Israeli websites, including government sites, have crashed as a result of cyberattacks, including the websites of the interior, health, justice and welfare ministries.
This is reported to be the largest cyberattack ever carried out against Israel. No one has yet been able to determine who carried it out, or why.
The Defense establishment and National Cyber Directorate have declared a state of emergency 'in order to study the extent of the damage' and to determine whether or not the Israeli electric and water companies were also attacked.
Israeli Defense says that the cyberattacks targeted the .gov.il domain which is used for all government websites except for Defense related sites. The government database also uses the .gov.il extension.
Haaretz news says that despite the cyberattacks, 'some of the websites can still be accessed via smartphone'.
Russia: We Will Treat Any Hacking Of Our Satellites As Justification For War - The head of Russia's space agency has stated that Russia will be treating any hacking of its satellites as justification for war, after an alleged hack of their systems was claimed by a 'non-state' hacker group on Tuesday according to media reports.
The head of the Russian State Space Corporation "Roscosmos", Dmitry Rogozin, denied media reports that Russian satellite control centers had been hacked during Russia's campaign against Ukraine, while at the same time warning that any attempt to hack their systems would be treated as justification for war.
Interfax quoted Rogozin saying "Off-lining the satellites of any country is actually a casus belli, a cause for war" after the hacker group Network Battalion 65 had claimed responsibility for hacking Russia's satellite systems.
The claim by Network Battalion 65 came out on March 1st, with a Twitter post saying "we won't stop until you stop" and a message saying "The Russian Space Agency sure does love their satellite imaging. Better yet, they sure do love their Vehicle Monitoring System. The WS02 was deleted, credentials were rotated and the server is shut down".
The message continues to read "Network Battalion isn't going to give you the IP, that would be too easy, now wouldn't it? Have a nice Monday fixing your spying tech. Glory to Ukraine. We won't stop until you stop dropping bombs, killing civilians and trying to invade" (we left out the colorful part at the end).
Another message by the hacking group says "Anonymous is not alone. NB65 has officially declared cyber war on Russia as well. You want to invade Ukraine? Good. Face resistance from the entire world" and then "All of us are watching. All of us are fighting".
Island State In Tasmania, Australia Largely Offline After Incident Affecting Fiber Cables To Mainland - An incident that affected the fiber cables to the mainland has reportedly put Tasmania, Australia largely offline. Internet, phone lines and television services have all gone down after the incident. Real-time network monitoring shows that connectivity of the region is at 30% of its ordinary levels. The incident is marked as 'ongoing' by the NetBlocks internet observatory.
Netblocks put out an update over Twitter with a graph showing the downtime saying "Confirmed: The island state of #Tasmania in #Australia has fallen largely offline, with internet, phone lines and TV services down after an incident affecting fibre cables to the mainland; real-time network data show connectivity at 30% of ordinary levels; incident ongoing".
Decentralized International Hacker Group 'Anonymous' Declares Cyber War On Russia - The decentralized international hacker group 'Anonymous' has declared cyber war on Russia via Twitter, seemingly over Russia's war declaration on Ukraine.
The group tweeted on February 25th saying "The Anonymous collective is officially in cyber war against the Russian government. #Anonymous #Ukraine".
Ukrainian Ministry Of Defense Website Still Under Suspected DDOS Attack - Our intel channels confirm that the Ukrainian Ministry of Defense website is still down. It is now not showing any custom error message at all, just the white default connection timeout message, indicating the server is completely shut down.
Netblocks Confirms Loss Of Connectivity To Ukraine's Banks and ATM Services As Well As Ukrainian MOD - Netblocks monitoring service confirms that the Ukrainian ministry of defense website is down, along with Ukraine's State Savings Bank which is impacting ATM and banking services in Ukraine. Suspected ongoing DDOS attack on the servers.
Ukrainian Ministry Of Defense Says Probably Hit With DDOS Attack - Ukrainian Ministry of Defense: "The MOD website was probably attacked by DDoS: an excessive number of requests per second was recorded. Technical works on restoration of regular functioning are carried out. Communication via FB and Twitter pages"
Large-Scale Cyber Attack On Ukrainian Banks And Defense Website Currently Underway - Ukrainian media reports say there are issues with some Ukrainian banks, in addition to the Defense Ministry site being down. Privat and Oschad apps are not working and people can't pay with their cards.
Ukrainian Ministry of Defense website is currently down. None of the members in our intel channel can open it. When I finally was able to get in, the site was not operational but a message displayed about the site being under maintenance. The time it took for the page to load indicated a DDOS attack on the server.
The fact that the Ukrainian banks and Defense Ministry site would not be hosted on the same server indicates it's a large-scale attack hitting a number of Ukrainian servers. DDOS attack suspected.
Many Reporting Twitter Is Currently Down - *UPDATED* There have been many reports that Twitter is currently down or having problems (including the Defcon Level account) since 12:13 PM Eastern Time. Amazon Web Services are also having problems. *UPDATE: Both Twitter and Amazon Web Services are fully operational once again after a brief period of downtime.
Defcon Warning System Twitter account began logging off and throwing up an error message at attempted logins. Many other users have been reporting similar experiences with Twitter starting at 12:13PM EST.
Washington State Department Of Licensing Possible Cyberattack Breach - The Washington State Department of Licensing says that they observed irregular activity on one of its systems last month and that personal data from professional licenses might have been breached and leaked out to hackers.
Cyberattack Against New York Based News Corp, China Suspected In Stealing Data On Journalists - New York - A cyberattack, discovered on January 20th, was carried out against the New York based 'News Corp' which reportedly accessed emails and documents of various employees in the company, including that of journalists, which could possibly have been the main target of the attack. Dow Jones and New York Post also affected.
Oil Facilities In Europe hit With Cyber Attacks - Multiple oil transport and storage facilities in Europe have been hit with cyber attacks. Oiltanking in Germany, SEA-Invest in Belgium and Evos in the Netherlands have all had cyberattacks carried out against them, including 'dozens of terminals with oil storage and transport' across the world having been affected over the weekend according to BBC News.
All of the companies listed either went completely down or were 'severely' disrupted, though security experts are reportedly cautioning against making assumptions that the attacks were all coordinated.
Oiltanking Deutschland GmbH & Co. KG stated that it had been hacked Monday and said it was forced to operate at 'limited capacity'. The company is currently investigating the incident.
Threat Analyst Brett Callow at cyber-security company Emsisoft said that the reason we need to be careful about jumping to conclusions that multiple cyberattacks are related is that "Some types of malware scoop up emails and contact lists and use them to automatically spam malicious attachments or links, so companies with shared connections can sometimes be hit in quick succession".
"This is why you sometimes see sector-based or geographic-based clusters of incidents" he stated. Another possibility, according to BBC is that all of the companies that were affected may be using the same software for their operations which could have been compromised by hackers who found a vulnerability in the software's code.
British Snack Brand KP Snacks Hit With Ransomware Attack - In another disruptive attack on food suppliers, British snack brand KP Snacks has been hit with a ransomware attack, with retailers warning of a crisps and nuts shortage after the attack due to deliveries being disrupted.
U.S. Department Of State Statement on the Hack of the ICRC - "We are concerned by the breach, announced last month, of sensitive data held by the International Committee of the Red Cross (ICRC). For 150 years, the ICRC and the wider Red Cross and Red Crescent Movement have played a unique and essential role in protecting vulnerable populations from the harms of armed conflicts, natural disasters, and other emergencies".
DHS Warns Of Russian Cyberattacks On U.S. Homeland - WASHINGTON - The Department Of Homeland Security has released an intelligence bulletin stating that Russia would consider carrying out a cyberattack on the United States homeland if Moscow deems that the written response given by the U.S. and NATO threatens Russia's 'long-term national security'.
Apple iCloud Experiencing International Service Outages - Apple has confirmed that its iCloud service is currently experiencing international service outages that are not related to country-level internet disruptions according to Netblocks.
Apple's iCloud backup, iCloud mail, iCloud photos have all been reported to have service disruptions.
Apple stated that "some users are affected" and that they might be "experiencing a problem with this service" regarding the service outages.
The service interruptions began at 6:15 PM ET and have been ongoing since that time. Apple has not given an estimate on when services will be back up and running.
Cyberattack On Belarus Rail System To Stop Russian Military Buildup - There has reportedly been a cyber attack on the Belarus railway system by hacktivists who say they hacked the rail system to stop the Russian military buildup near the Ukrainian borders.
DHS: Imminent Cyber Threat Against America From Russia - The Department of Homeland Security is warning of an 'imminent cyber threat' against both American companies and government agencies from Russia, a national security source reportedly informed Fox News.
The source says that Russia 'may soon launch attacks against critical U.S infrastructure' after the Cybersecurity and Infrastructure Security Agency (CISA) put out a statement last week saying that every organization within the United States is 'at risk from cyber threats'.
CISA stated "[e]very organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety".
CISA also warned companies and organizations in the United States to take immediate steps to guard against a cyberattack and referred to the recent attacks against Ukrainian government websites which Ukraine intelligence says Russia and Belarus had a hand in carrying out.
Poland Raises Cybersecurity Terror Threat Level Following Attack On Ukrainian Government Sites - Poland has raised its nationwide cybersecurity threat level following the cyberattack on Ukrainian government sites last week.
The Polish Defense Ministry stated "The introduction of this alert level means that public administration will be obliged to conduct increased monitoring of the security of ICT systems. It is due to the possibility of a possible security breach of electronic communications".
Microsoft had responded to the Ukrainian government cyberattack by saying "These systems span multiple government, non-profit, and information technology organizations, all based in Ukraine".
Serhiy Demedyuk, deputy secretary of the Ukrainian National Security and Defense Council stated "We believe preliminarily that the group UNC1151 may be involved in this attack".
NATO Signs Deal With Ukraine To Deepen Cyber Cooperation - NATO has signed a deal with Ukraine to 'deepen' cyber cooperation between the two countries after the latest cyber attack on Ukrainian government websites, and worries about a coming full scale Russian invasion on the country.
Ukraine says that it has evidence that Russia was behind the cyber attacks on its government websites, something that Russia has denied involvement in.
NATO Secretary General Jens Stoltenberg stated on Friday that cyber experts from NATO are already on the ground in Ukraine working with them regarding the latest cyber attack.
Stoltenberg said that the new cyber agreement with Ukraine will be on 'enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform'.
Ukraine: Data Suggests Cyberattack Carried Out By Russian Federation - The Ukrainian Information Ministry said that 'the first data suggests' today's cyberattack on Ukrainian websites was 'carried out by the Russian Federation'.
"Contrary to the allegations of the attackers, the leakage of data, including personal data, did not occur" the Ministry stated.
NATO Signing Cyber Deal With Ukraine After Cyber Attack On Ukrainian Websites - The North Atlantic Treaty Organization (NATO) is set to sign a cyber deal with Ukraine and increase cyber warfare cooperation after Ukrainian websites were hacked according to NATO Secretary General Jens Stoltenberg on Friday.
Stoltenberg put out a statement on Friday saying "Allied experts in (the) country are also supporting the Ukrainian authorities on the ground".
"In the coming days, NATO and Ukraine will sign an agreement on enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform" he said.
Russia Dismantles REvil Hacker Group At Request Of U.S. - Russia has conducted a special operation against the hacker group REvil on Friday, dismantled the group and charged 15 of the group's members at the request of the United States, according to the FSB domestic intelligence service.
The FSB stated "The organized criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralized".
In November the United States stated that it was offering a reward of up to $10 million for information leading to the identification or location of anyone holding a key position within the REvil hacker organization.
Ukrainian Government Sites Hacked In A Massive Cyberattack - Ukrainian government websites have been hacked in a massive cyberattack and are temporarily down.
A Ukrainian Ministry of Foreign Affairs spokesman stated "Our specialists are already working on restoring the work of IT systems & the cyber police opened an investigation".
The hacked message on the websites includes the following text written in Ukrainian, Russian and Polish: "Ukrainian! All your personal data has been uploaded to the public network. All data on the computer is destroyed, it is impossible to recover them. All information about you has become public, be afraid and expect the worst".
Ukraine's Ministry of Defense websites, e-government services website and education ministry are also temporarily down.
US Cyber Command Confirms Iran's Intelligence Ministry Connected To MuddyWater Hacker Group - U.S. Cyber Command has officially confirmed that Iran's intelligence ministry is connected to the cyber espionage group MuddyWater which steals data from computer networks globally.
MuddyWater is an Iranian threat group, and a 'subordinate element' of Iran's intelligence ministry 'that conducts domestic surveillance to identify regime opponents. It also surveils anti-regime activists abroad through its network of agents placed in Iran’s embassies' according to a notice by the Cyber National Mission Force Public Affairs.
Israeli News Site Hacked With Picture Of Rocket Attack, Evidence Points To Iran - The Jerusalem Post website was hacked and replaced with a photo of a rocket coming out of a ring, similar to the ring worn by top Iranian general Qassem Soleimani with the message "We are close to you where you do not think about it".
The Jerusalem Post tweeted "We are aware of the apparent hacking of our website, alongside a direct threat of Israel. We are working to resolve the issue & thank readers for your patience and understanding".
Two weeks prior, a Twitter account with the handle @iraninarabic_ir in Arabic that is known to be associated with Iran had tweeted an image that threatens to destroy Israel in 2022.
The Twitter account posted an image of the nation of Israel built with nails and matches, along with a book of matches and reads "Ballistic Matchstick" in both Hebrew and English along with an Iranian flag. The text also reads "Just try and you will see".
That threat came only days after Iranian newspaper "Tehran Times" posted an image marking all of Iran's alleged targets in Israel with the caption "Just one wrong move".