Cyber Command News Archive | CYBERCOM Or USCYBERCOM Alerts For Cyber Threats
News Flashes
Privacy Is Important! Defcon Level Warning System currently highly recommends Express VPN to browse privately & securely. Use This Link to get 30 free days.
Want To Support What We Do? Keeping alerts, intel and news as informative and timely as possible takes a lot of research, time, effort and financial investment for required tools and services. There are many ways you can Contribute or Subscribe to Defcon Level Warning System today, for live email updates, early access for and exclusive news and alerts while supporting our work in the process. No contribution is too small. Thank you!
May 24, 2023 - A Chinese hacker group named "Volt Typhoon" injected malware code into telecommunications infrastructure in Guam and other locations within the United States. Read more
March 09, 2023 - There was a fake nuclear alert that went out alerting Russians about a nuclear strike. The Russian Emergencies Ministry said that the message was due to a false alarm as a result of a cyberattack. Read more
February 04, 2023 - A specialist in surveillance balloons says that balloons are difficult to shoot down and that the one over the United States flying over U.S. military sites looks to have been equipped with an advanced AI guidance system. Read more
January 29, 2023 - Netblocks Internet Observatory: "Confirmed: Network data show a disruption to internet connectivity in Iran with high impact to Mazandaran Province; authorities are attributing the incident to fiber optic cuts on the path between Babol and Sari". Read more
January 23, 2022 - The FBI Director Christopher Wray stated Thursday that he is "deeply concerned" regarding the artificial intelligence program run by the Chinese government. Read more
January 18, 2023 - Cloudflare Wins CISA Contract for Registry and Authoritative Domain Name System (DNS) Services. CISA is an operational component of the Department of Homeland Security (DHS). Read more
January 11, 2023 - The British postal service company Royal mail says that it's facing a major disruption in international export services after a "cyber incident" occurred. Read more
January 11, 2023 - Normal air traffic operations are resuming gradually across the United States following an overnight outage to the FAA’s Notice to Air Missions (NOTAM) system that provides safety information to flight crews. The ground stop has been lifted. Read more
January 11, 2023 - *Updates (2)* - The Federal Aviation Administration (FAA) has released an alert saying that it's working to restore its Notice to Air Missions System after it failed and caused an outage. Read more
January 07, 2023 - A Russian hacker group called Cold River targeted three different nuclear research labs in the United States between the months of August and September of 2022. Read more
November 19, 2022 - Nassau, The Bahamas - Thursday 17 November 2022 - On 12 November 2022, the Securities Commission of The Bahamas (“the Commission”), in the exercise of its powers as regulator acting under the authority of an Order made by the Supreme Court of The Bahamas, took the action of directing the transfer of all digital assets of FTX Digital Markets Ltd. (“FDM”) to a digital wallet controlled by the Commission, for safekeeping. Read more
November 17, 2022 - The entire North Korean internet was taken offline over a period of two and a half hours, according to a cybersecurity researcher. Read more
October 30, 2022 - The Pentagon said that although Russia is an "acute threat", China "is the only competitor out there with both the intent to reshape the international order, and increasingly the power to do so". Read more
October 11, 2022 - NATO Secretary General Stoltenberg: "Stoltenberg: "hybrid and cyber attacks can trigger Article 5," and, "We are closely monitoring every incident that may constitute a hybrid or cyber attack against the NATO Allies and we are ready to take the necessary measures if needed." Read more
October 09, 2022 - TEHRAN - Two Iranian hackers from a group called "al-Tahara" hacked into the websites for two natural gas companies: Energean, and Israel Natural Gas Lines. Read more
September 02, 2022 - The Taiwanese military have shot down an unidentified unmanned "civilian drone" near Kinmen, Taiwan on Thursday, September 1st. Japan's Ministry of Defense has also put out a statement, along with a map showing Taiwan's defensive strategy, meant to deter "Chinese aggression". The United States is also strengthening "alliance" with the Philippines. Read more
September 02, 2022 - UNITED STATES - Law enforcement agencies across the country are using a mysterious cellphone tracking tool that lies in an unregulated gray zone in regard to personal rights. Read more
August 20, 2022 - On August 18th, 2022 the Department of Defense released a statement on Deputy Secretary of Defense Dr. Kathleen Hicks visit U.S. to Transportation Command (TRANSCOM) at Scott Air Force Base, Illinois; and Purdue University in West Lafayette, Indiana. Read more
July 25, 2022 - A U.S. House Intelligence Committee member has put out a warning to Americans not to so easily share their genetic information to websites like the Biotechnology company 23andMe, as there are bio-weapons being developed that can target an individual's DNA and potentially kill them. Read more
July 15, 2022 - Chinese researchers have created an artificial intelligence (AI) program named 'lex ex machina' that is reportedly capable of identifying a crime and press charges. Read more
July 8, 2022 - Canada's internet and mobile connectivity nationwide is at "75% of ordinary levels" after a "disruption to the Rogers network" according to the Netblocks internet observatory. Canada's cyber intelligence agency says there is no evidence of it being caused by a cyber attack. Read more
March 22, 2022 - Washington says that the Kremlin is 'exploring options' for carrying out cyberattacks against the United States, Joe Biden said on Monday urging to strengthen the cybersecurity of America's private sector. Read more
March 14, 2022 - A number of Israeli websites, including government sites have crashed as a result of cyberattacks, including the websites of the interior, health, justice and welfare ministries. Read more
March 2, 2022 - The head of Russia's space agency has stated that Russia will be treating any hacking of its satellites as justification for war, after an alleged hack of their systems was claimed by a 'non-state' hacker group on Tuesday according to media reports. Read more
March 1, 2022 - An incident that affected the fiber cables to the mainland has reportedly put Tasmania, Australia largely offline. Internet, phone lines and television services have all gone down after the incident. Read more
February 25, 2022 - The Decentralized international hacker group 'anonymous' has declared cyber war on Russia via Twitter, seemingly over Russia's war declaration on Ukraine. Read more
February 15, 2022 - Our intel channels confirm that the Ukrainian Ministry of Defense website is still down. It is now not showing any custom error message at all, just the white default connection timeout message, indicating the server is completely shut down. Read more
February 15, 2022 - Netblocks monitoring service confirms that the Ukrainian ministry of defense website is down, along with Ukraine's State Savings Bank which is impacting ATM and banking services in Ukraine. Suspected ongoing DDOS attack on the servers. Read more
February 15, 2022 - Ukrainian Ministry of Defense: "The MOD website was probably attacked by DDoS: an excessive number of requests per second was recorded. Technical works on restoration of regular functioning are carried out. Communication via FB and Twitter pages" Read more
February 15, 2022 - Ukrainian media reports say there are issues with some Ukrainian banks, in addition with the Defense Ministry site being down. Privat and Oschad apps are not working and people can't pay with their cards. Read more
February 11, 2022 - *UPDATED* There have been many reports that Twitter is currently down or having problems (including the Defcon Level account) since 12:13 PM Eastern Time. Amazon Web Services are also having problems. *UPDATE: Both Twitter and Amazon Web Services are fully operational once again after a brief period of downtime. Read more
February 6, 2022 - The Washington State Department of Licensing says that they observed irregular activity on one of its systems last month and that personal data from professional licenses might have been breached and leaked out to hackers. Read more
February 5, 2022 - A cyberattack, discovered on January 20th was carried out against the New York based 'News Corp' which reportedly accessed emails and documents of various employees in the company, including that of journalists, which could possibly have been the main target of the attack. Dow Jones and New York Post also affected. Read more
February 4, 2022 - Multiple oil transport and storage facilities in Europe have been hit with cyber attacks. Oiltanking in Germany, SEA-Invest in Belgium and Evos in the Netherlands have all had cyberattacks carried out against them, including 'dozens of terminals with oil storage and transport' across the world having been affected over the weekend according to BBC News. Read more
February 3, 2022 - British snack brand KP snacks Hit with a ransomware attack which has disrupted deliveries causing fears of shortages. Read more
February 2, 2022 - US State Department: We are concerned by the breach, announced last month, of sensitive data held by the International Committee of the Red Cross ICRC. Read more
January 27, 2022 - The Department Of Homeland Security has released an intelligence bulletin stating that Russia would consider carrying out a cyberattack on the United States homeland if Moscow deems that the written response given by the U.S. and NATO threatens Russia's 'long-term national security'. Read more
January 26, 2022 - Apple has confirmed that its iCloud service is currently experiencing international service outages Read more
January 25, 2022 - There has reportedly been a cyber attack on the Belarus railway system by hacktivists who say they hacked the rail system to stop the Russian military buildup near the Ukrainian borders. Read more
January 25, 2022 - The Department of Homeland Security is warning of an 'imminent cyber threat' against both American companies and government agencies from Russia Read more
January 19, 2022 - Poland has raised its nationwide cybersecurity threat level following the cyberattack on Ukrainian government sites last week. Read more
January 17, 2022 - NATO has signed a deal with Ukraine to 'deepen' cyber cooperation between the two countries after the latest cyber attack on Ukrainian government websites, and worries about a coming full scale Russian invasion on the country. Read more
January 14, 2022 - The Ukrainian Information Ministry said that 'the first data suggests' today's cyberattack on Ukrainian websites was 'carried out by the Russian Federation'. Read more
January 14, 2022 - The North Atlantic Treaty Organization (NATO) is set to sign a cyber deal with Ukraine and increase cyber warfare cooperation after Ukrainian websites were hacked according to NATO Secretary General Jens Stoltenberg on Friday. Read more
January 14, 2022 - Russia has conducted a special operation against the hacker group REvil on Friday, dismantled the group and charged 15 of the group's members at the request of the United States, according to the FSB domestic intelligence service. Read more
January 14, 2022 - Ukrainian government websites have been hacked in a massive cyberattack and are temporarily down. Read more
January 13, 2022 - U.S. Cyber Command has officially confirmed that Iran's intelligence ministry is connected to the cyber espionage group MuddyWater which steals data from computer networks globally. Read more
January 3, 2022 - The Jerusalem Post website was hacked and replaced with a photo of a rocket coming out of a ring, similar to the ring worn by top Iranian general Qassem Soleimani with the message "We are close to you where you do not think about it". Read more
December 15, 2021 - There is a widespread outage of internet services due to Amazon servers (AWS) being down. Thousands of people have reported a problem with the service and down detector shows a recent spike in downtime. Read more
December 12, 2021 - China, who has long been the world's top cyberattack country responsible for a whopping 41.4% of the world's cyberattacks has admitted that both Taiwan and India are striking back with cyberattacks of their own. Read more
December 7, 2021 - The outages that have taken down many web services appear to have all been caused by problems with Amazon Web Services which many of the other apps experiencing downtime depend on. Read more
December 7, 2021 - Web services including Amazon, Ring, Disney+, AWS, Chime, Netflix appear to have went down for many users all over the world. Read more
December 7, 2021 - Both the Amazon web and services crashed worldwide on Tuesday at around 10:30AM ET. Web and services crashed at around the same time. Read more
November 14, 2021 - The Federal Bureau of Investigation (FBI) website was hacked, allowing hackers to blast out fake cybercrime investigation spam emails. Read more
August 21, 2021 - CYBERCOM has announced that the State Department has been hit with a cyber attack and put out a notification of a possible serious breach. Although it's not clear when the breach was discovered, it is believed that the incident happened a few weeks ago according to Jacqui Heinrich, a White House correspondent. Read more
July 28, 2021 - WASHINGTON - On Tuesday Joe Biden stated that if it ends up that the United States gets into a "real shooting war" with a "major power" it could be the result of a large scale cyber attack on the United States. Read more
July 4, 2021: Biden has stated that the United States will respond if Russia is behind the cyberattack that struck more than 200 companies on Friday, just before the start of the Independence Day weekend. Read more
June 23, 2021: The United States has seized multiple Iranian media sites, including Iran's state run TV website, replacing the website with a Department of Justice message. Read more
June 12, 2021: The Federal Bureau of Investigation has warned companies and businesses not to pay the ransom for ransomware attacks, but to contact law enforcement as quickly as possible. Also tips on how to remove yourself. Read more
May 10, 2021: The fuel supply to most of the east coast has been cut off for three consecutive days in a row after a hacker group knocked out a major pipeline. Read more
Chinese Vessels Sever Multiple Undersea Cables Linking Taiwan To Malaysia - TAIWAN - Chinese fishing vessels have been linked to the severing of multiple Taiwanese undersea cables in February according to Chunghwa Telecom, a telecommunications firm that handles Taiwan's undersea cables. Get All [And Early] Alerts
Over the past five years, damage to cables between Taiwan and the Matsu islands has been reported over 20 times. It should be noted that it is not known whether the cables are being severed by the Chinese vessels by accident, or deliberately.
Deputy head of Taiwan’s National Communications Commission Wong Po-tsung (翁柏宗) said that on February 2nd, one cable was reported to have been severed by a Chinese fishing vessel. On February 8th damage to the Taima 3 submarine cable was reported to have been linked to a Chinese cargo ship identified by MMSI.
Chunghwa Telecom has filed incident reports with the Taiwanese Coast Guard Administration, according to Central News Agency (CNA) Taiwan.
This is the second time in the last year that two Taiwanese undersea cables were severed at the same time. Last year another incident occurred which resulted in multiple damaged cables.
Vessels are expected to arrive at the location to repair the damaged cables but aren't expected to begin repairs until April 20th, which is the earliest possible date to begin repairs, which will cost between $329,000 and $658,000. Australian Senator Says China Would Take Out Internet Cables On Ocean Floor If Invades Taiwan
Surveillance Balloon May Be Guided By Artificial Intelligence - A specialist in surveillance balloons says that balloons are difficult to shoot down and that the one over the United States flying over U.S. military sites looks to have been equipped with an advanced AI guidance system. Read Full Article
Netblocks: Iranian Internet Network Cut, Disruption In Connectivity - Netblocks Internet Observatory: "Confirmed: Network data show a disruption to internet connectivity in #Iran with high impact to Mazandaran Province; authorities are attributing the incident to fiber optic cuts on the path between Babol and Sari".Read Notice
FBI Director Deeply Concerned About Chinese Government's AI Program - WASHINGTON - The FBI Director Christopher Wray stated Thursday that he is "deeply concerned" regarding the artificial intelligence program run by the Chinese government.
During the panel session at the World Economic Forum held in Davos, Switzerland he said Chinese ambitions with artificial intelligence has been “built on top of massive troves of intellectual property and sensitive data that they’ve stolen over the years".
He also said that China could use the artificial intelligence technology to advance its methods regarding cyberattacks, repress people that China sees as dissidents, as well as those located overseas, use it to steal intellectual property.
“That’s something we’re deeply concerned about, and I think everyone here should be deeply concerned about,” he said.
“AI is a classic example of a technology where I have the same reaction every time. I think, ‘Wow, We can do that?’ And then I think, ‘Oh god, they can do that.'" he stated.
While speaking at the World Economic Forum panel session Wray also said that "The level of collaboration between the private sector and the government, especially the FBI, has made significant strides".
Cloudflare Wins CISA Contract for Registry and Authoritative Domain Name System (DNS) Services - Cloudflare Wins CISA Contract for Registry and Authoritative Domain Name System (DNS) Services. CISA is an operational component of the Department of Homeland Security (DHS). Read Full Article
British Royal Mail Has "Cyber Incident" Disrupting Services - BRITAIN - The British postal service company Royal mail says that it's facing a major disruption in international export services after a "cyber incident" occurred.
"We are temporarily unable to despatch items to overseas destinations. "Some customers may experience delay or disruption to items already shipped for export," Royal Mail stated.
It added, "Our import operations continue to perform a full service with some minor delays."
The "cyber incident" has occurred around the same time that the Federal Aviation Administration (FAA) in the United States released an alert saying that the Notice to Air Missions System (NOTAM) failed and caused an outage resulting in grounded flights.
It is not yet clear if that incident was related to a cyberattack.
Federal Aviation Administration: FAA NOTAMS Statement - Normal air traffic operations are resuming gradually across the United States following an overnight outage to the FAA’s Notice to Air Missions (NOTAM) system that provides safety information to flight crews. The ground stop has been lifted.
The agency continues to look into the cause of the initial problem.
FAA STATEMENT 0815 EST
The FAA is making progress in restoring its Notice to Air Missions system following an overnight outage.
Departures are resuming at Newark Liberty (EWR) and Atlanta Hartsfield-Jackson (ATL) airports due to air traffic congestion in those areas.
We expect departures to resume at other airports at 9 a.m. Eastern Time.
FAA STATEMENT 0715 EST
The FAA is still working to fully restore the Notice to Air Missions system following an outage.
The FAA has ordered airlines to pause all domestic departures until 9 a.m. Eastern Time to allow the agency to validate the integrity of flight and safety information.
FAA Releases Alert Reporting System Glitch That Caused Failure - UNITED STATES - The Federal Aviation Administration (FAA) has released an alert saying that it's working to restore its Notice to Air Missions System after it failed and caused an outage. *This message will be updated with further information as its released*.
Messages by the FAA: "The United States NOTAM system failed at 2028Z. Since then no new NOTAMS or amendments have been processed. Technicians are currently working to restore the system and there is no estimate for restoration of service at this time. There is currently a hotline in effect which has NAIMES/FAA facilities/stakeholders in attendence. This hotline information is contained within ADVZY 004. This ADVZY will be updated as necessary."
FAA Message 2: "The FAA is working to restore its Notice to Air Missions System. We are performing final validation checks and reloading the system now. Operations across the National Airspace System are affected. We will provide frequent updates as we make progress."
FAA Message 3: "The FAA is still working to fully restore the Notice to Air Missions system following an outage. While some functions are beginning to come back on line, National Airspace System operations remain limited."
FAA Message 4: "Update 3: The FAA is still working to fully restore the Notice to Air Missions system following an outage. The FAA has ordered airlines to pause all domestic departures until 9 a.m. Eastern Time to allow the agency to validate the integrity of flight and safety information."
Flight Radar 24: "Flights to US airports have been groundstopped by the FAA until at least 09:30 ET (1430 UTC). This means any flight not in the air already will not be allowed to depart. Image: flights over US now compared to same time last week. About 700 fewer flights airborne now."
FAA Releases Alert Reporting System Glitch That Caused Failure - UNITED STATES - The Federal Aviation Administration (FAA) has released an alert saying that it's working to restore its Notice to Air Missions System after it failed and caused an outage. *This message will be updated with further information as its released*.
Messages by the FAA: "The United States NOTAM system failed at 2028Z. Since then no new NOTAMS or amendments have been processed. Technicians are currently working to restore the system and there is no estimate for restoration of service at this time. There is currently a hotline in effect which has NAIMES/FAA facilities/stakeholders in attendence. This hotline information is contained within ADVZY 004. This ADVZY will be updated as necessary."
FAA Message 2: "The FAA is working to restore its Notice to Air Missions System. We are performing final validation checks and reloading the system now. Operations across the National Airspace System are affected. We will provide frequent updates as we make progress."
FAA Message 3: "The FAA is still working to fully restore the Notice to Air Missions system following an outage. While some functions are beginning to come back on line, National Airspace System operations remain limited."
FAA Message 4: "Update 3: The FAA is still working to fully restore the Notice to Air Missions system following an outage. The FAA has ordered airlines to pause all domestic departures until 9 a.m. Eastern Time to allow the agency to validate the integrity of flight and safety information."
Flight Radar 24: "Flights to US airports have been groundstopped by the FAA until at least 09:30 ET (1430 UTC). This means any flight not in the air already will not be allowed to depart. Image: flights over US now compared to same time last week. About 700 fewer flights airborne now."
U.S. President Joe Biden commented on the outage and said that “They don’t know what the cause is,” and said “I told them to report directly to me when they find out. Aircraft can still land safely, just not take off right now. They don’t know what the cause of it is, they expect in a couple of hours they’ll have a good sense of what caused it and will respond at that time.”
The White House Press Secretary Karine Jean-Pierre said, “there is no evidence of a cyberattack at this point, but the President directed DOT to conduct a full investigation into the causes.”
Russian Hacker Group Targeted Three US Nuclear Research Labs - WASHINGTON - A Russian hacker group called Cold River targeted three different nuclear research labs in the United States between the months of August and September of 2022.
During the months the attacks were carried out, Russian President Vladimir Putin had been voicing Russia's willingness to use nuclear weapons in response to threats to its territory.
The three nuclear research labs that were targeted were: Argonne National Laboratory (ANL), Brookhaven National Laboratory (BNL) and the Lawrence Livermore National Laboratories (LLNL) according to a Reuters Report citing internet records.
The internet records that Reuters cited showed login pages that had been faked for each laboratory, as well as emails from hackers sent to nuclear scientists at each location attempting to get them to disclose their login passwords.
The report cites Adam Meyers, senior vice president of intelligence at the cybersecurity firm CrowdStrike located in the United States that the Cold River hacking group is "directly involved in supporting Kremlin information operations".
A report posted on a blog by the European cybersecurity SAAS company Sekoia said that Calisto, which is another name for the Cold River group was showing interest in entities showing war support for Ukraine.
Sekoia said that the group is suspected to be a "Russian-nexus intrusion set" active since April of 2017 who's operations showed "objectives" and "victimology" closely in alignment with Russian strategic interests.
Cold River had also Hacked Into and then leaked emails from a Proton account belonging to the head of the British MI6 intelligence agency last year.
At the time Richard Dearlove had said, "I am well aware of a Russian operation against a Proton account which contained emails to and from me".
Methods Used To Harvest Victims Credentials
One of the methods that Sekoia says the hacker group uses to compromise systems is through the exploitation of an error in the PDF renderer engine.
The group sends "malicious" PDF files as attachments to their victims in which the first page of the PDF file "mimics an error in the PDF renderer engine", leading the victim to open a link that brings them to a malicious web page that harvests the users credentials using EvilGinx.
Securities Commission of The Bahamas Assumes Control of Assets of FTX Digital Markets Ltd. - Nassau, The Bahamas - Thursday 17 November 2022 - On 12 November 2022, the Securities Commission of The Bahamas (“the Commission”), in the exercise of its powers as regulator acting under the authority of an Order made by the Supreme Court of The Bahamas, took the action of directing the transfer of all digital assets of FTX Digital Markets Ltd. (“FDM”) to a digital wallet controlled by the Commission, for safekeeping. Read Official PDF
Urgent interim regulatory action was necessary to protect the interests of clients and creditors of FDM. Under the Digital Assets and Registered Exchanges Act, 2020 (“DARE Act”), the Commission has the authority to apply for a judicial order to protect the interests of clients or customers of a registrant of the Commission under the DARE Act.
It is not the understanding of the Commission that FDM is a party to the US Chapter 11 Bankruptcy proceedings. Over the coming days and weeks, the Commission will engage with other regulators and authorities, in multiple jurisdictions, to address matters affecting the creditors, clients and stakeholders of FDM globally to obtain the best possible outcome.
Entire North Korean Internet Taken Offline - PYONGYANG - The entire North Korean internet was taken offline over a period of two and a half hours, according to a cybersecurity researcher who Spoke To Reuters. Read Full Article
Reuters cited Junade Ali as saying, "This isn’t like a single web server is being taken offline. The network stress is so great their Domain Name System (DNS) servers have been taken offline and eventually the key routers allowing traffic in and out of the country entirely."
Ali told Reuters that the North Korean Ministry of Foreign Affairs website and Naenara, another North Korean government website appeared to be hit with the 'brunt' of the "suspected attack" before the internet was taken completely offline.
Other sites affected by the suspected cyberattack was the Air Koryo national airline and "major" internal email servers.
2022 National Defense Strategy Of The United States Of America - WASHINGTON - The Pentagon said that although Russia is an "acute threat", China "is the only competitor out there with both the intent to reshape the international order, and increasingly the power to do so". Read Full Article
By NATO Secretary General Jens Stoltenberg ahead of the meetings of NATO Defense Ministers - NATO Secretary General Stoltenberg: "Stoltenberg: "hybrid and cyber attacks can trigger Article 5," and, "We are closely monitoring every incident that may constitute a hybrid or cyber attack against the NATO Allies and we are ready to take the necessary measures if needed."
We will also address the protection of our critical infrastructure. NATO has been working on this for many years. And following the sabotage of the Nord Stream pipelines, we have further enhanced our vigilance across all domains.
Stoltenberg also said, "We have doubled our presence in the Baltic and North Seas. To over 30 ships. Supported by maritime patrol aircraft and undersea capabilities. These efforts are closely coordinated by NATO’s Maritime Command."
"Allies are also increasing security around key installations. And stepping up intelligence and intelligence sharing. We will take further steps to strengthen our resilience and protect our critical infrastructure. Any deliberate attack against Allies’ critical infrastructure would be met with a united and determined response."
Lorne Cook (Associated Press): "Yes, Lorne Cook from the Associated Press. I have a question on infrastructure. Germany was, how can I put it … Deutsche Bahn had its communications cables severed over the weekend in Germany, cut off transport in the north of the country. We've also seen the leaks to the pipelines, obviously Nord Stream going to Germany. At what point do these attacks… sorry, do these incidents then become acts of war? And how does NATO respond to that as a collective Alliance? You said the Allies would respond, but how do you do that in this kind of instance? Thank you."
NATO Secretary General: "Over the last years, NATO has implemented the biggest transformation of our collective defence since the end of the Cold War, and part of that is to take fully into account hybrid threats, cyber threats. And therefore we also stated a few years ago that hybrid and cyber attacks can trigger Article 5; it can constitute an armed attack against a NATO ally. And we have stepped up both our work on resilience, the protection of critical infrastructure, we are conducting more exercises both on hybrid threats and cyber threats. And we are exchanging best practices and have also agreed guidelines on the protection of critical infrastructure. All of this is about protecting, for instance, undersea capabilities for undersea infrastructure, pipelines, cables, but also of course, energy grids, energy production, transportation infrastructure. Of course, I cannot comment on those specific incidents because there are ongoing investigations, and I think we need to await the outcome of this investigation before we make any final judgement. But in general, I can say that of course we are closely monitoring every incident that may constitute a hybrid or cyber attack against the NATO Allies and we are ready to take the necessary measures if needed. Exactly what kind of measure, depends on the nature of the attack. And we will never give our potential adversaries the privilege of defining exactly where the threshold for Article 5 goes. That will be a decision we make as Allies, taking into account the precise context, the specific situation we will face, if there is a hybrid or cyber attack against a NATO Ally."
Iryna Somer (Interfax Ukraine): "Thank you. Thank you, Oana. Secretary General, according to Americans and Ukrainians yesterday’s strikes on Ukraine were planned in advance and nothing to do with Kerch Bridge as Russian claims. And moreover some analysts also said that Ukraine has nothing to do with Kerch Bridge, which was simply used as pretext for this strike. Does NATO share the same assessment? And do you think, is this a turning point of this war? What could it change on the battlefield? And some short follow up to Teri’s question, you said that ministers will discuss how to refill stocks only tomorrow. But war is going on already for seven months, why it was not done before? Thank you."
NATO Secretary General: "First, we have already of course started the dialogue with the industry and with the different Allies on how to ramp up production and refill or replenish our stocks. We had a meeting of the NATO Armament Directors a couple of weeks ago here in NATO. So this is an ongoing work, but when all the ministers meet tomorrow, of course, that provides an excellent opportunity to take stock of what we have achieved, how far we have been able to move on ramping up production. But also then to make new decisions on how to further ensure that we are not only digging into existing stocks to provide support to Ukraine, but actually also able to ramp up production. And we need to ramp up production of ammunitions and weapons to both ensure the deterrence and defence of our own Allies, NATO Allies, but also to have enough to continue for the long haul to provide support to Ukraine. But just to prevent any misunderstanding, this work doesn't start now. It has been going on for some time. But of course the longer the war in Ukraine continues, this work with the industry becomes more and more important, because then they need the decisions. They need the NATO defence planning process decisions, capability targets, to be sure that actually they can make the necessary investments to be able to produce more.
Then if the question was about how the attacks yesterday will change the situation on the battlefield, I think what we saw yesterday is actually a sign of weakness. Because the reality is that they're not able to make progress on the battlefield. Russia is actually losing the battlefield. They are giving up territory because they don't have the capabilities to stop the Ukrainian forces making advances. So the way they are able to then respond is by indiscriminate attacks on Ukrainian cities, hitting civilians, critical infrastructure. And of course, this causes suffering, damage on Ukraine, but in many ways it actually reflects the lack of alternatives for President Putin. They are losing ground, they have lost the momentum, and then they had to revert to missile strikes and airstrikes in a way we saw yesterday and actually also today.
Then the first question… [inaudible] Well, Russia has conducted similar attacks earlier in the war, we have seen… Of course it has been some time since we have seen similar attacks against Kyiv and some of the cities in the western part of the country, but we have seen attacks against cities in Kherson, in Zaporizhzhia, and other parts of Ukraine actually quite regularly. So they had these capabilities exactly when these attacks were planned. I will not go into it but the reality is that it doesn't change the nature of the attack. These are attacks against cities, civilians are killed, civilian infrastructure is targeted, and this is unacceptable. And this is something which goes against international law."
Henry Foy (Financial Times): "Henry Foy, Financial Times. Thank you so much for the question. I want to ask about the nuclear exercises. Was there any discussion amongst the 30 Allies whether this was such a good idea to practice flying nuclear weapons around given the heightened threats from Russia and the potential for miscalculation or misunderstanding? And secondly, will this year's exercise be different to previous years given the context, which of course is incredibly important here. And I'm aware that it's an annual exercise, it's routine, so that's all understood, but I'm asking about whether or not there was a discussion inside the Alliance about whether now is really the right time to do this. Thank you".
NATO Secretary General: "Now is the right time to be firm and to be clear that NATO is there to protect and defend all Allies. And this is a long time planned exercise, actually planned before the invasion of Ukraine. It's a routine exercise, and it's an exercise to ensure that our nuclear deterrent remains safe, secure and effective. I visited this exercise a few years ago. We have been open about the exercise and I think it would send a very wrong signal if we suddenly now cancelled a routine, long time planned exercise because of the war in Ukraine. That would be absolutely the wrong signal to send. And we need to understand that NATO's firm, predictable behavior, our military strength, is the best way to prevent escalation. We are there to preserve peace, to prevent escalation and prevent any attack on NATO Allied countries. So if we now created the grounds for any misunderstanding, miscalculation in Moscow about our willingness to protect and defend all Allies, we would increase the risk of escalation and that's the last thing we will do."
Beata Płomecka (Polish Radio): "Thank you. Beata Płomecka, Polish Radio, public broadcaster. Secretary General, there are some suggestions from various politicians from various member states that in the light of yesterday's and today's attacks on the critical infrastructure, civilian infrastructure, killing civilians, it's high time to call Russia as a terrorist state. Will you call Russia as a state that sponsored terrorism? And the second question is there are also suggestions to call the summit on the level of the leaders of NATO. Are you planning to do such a summit? Thank you."
NATO Secretary General: "We are constantly consulting among NATO Allies. We have already conducted three NATO Summits this year. We will convene a summit when needed, so we have the meetings we need, when we need them. And we are constantly assessing also the need to then convene yet another summit to ensure that we have consultations and the right messages from NATO at all levels. We will have a ministerial meeting this week, and that provides a good opportunity to send a clear message and then we'll make decisions on a potential summit when we think the right the time is right.
Then on the nature of the war. Well, this is an illegal invasion of another country. It is a clear violation of international law. Russia invaded a sovereign independent nation, violated its territorial integrity and sovereignty. That actually didn't start in 2022 or in February of this year. It started in 2014. But of course they scaled up their aggressive actions against Ukraine in February, and they have violated international law in a blatant way. And we have also seen horrendous and horrific attacks against civilians, we have seen the reports from Bucha, from many other places in Ukraine. And the important thing now is that all facts are made available, that we have thorough investigations, NATO Allies support the ongoing investigations, and that those responsible are held accountable for these atrocities."
Thomas Gutschker (FAZ): "Thanks a lot. Thomas Gutschker, Frankfurt Allgemeine Zeitung. Secretary General, two questions. The first one, is the bridge across the Strait of Kerch a legitimate military target, in your view, and does that include a terrorist attack? And the second question, when you speak about stepping up support to Ukraine you mentioned air defence systems. Which other systems or types of weapons does Ukraine need now that it has not received yet to cope with their situation? Thank you".
NATO Secretary General: "Ukraine needs a wide range of different systems and that is, of course, a lot of lethal weapons, artillery, armoured vehicles, air defence systems and many other anti-tank weapons. But also, of course, non-lethal support: fuel and winter clothing, and communications systems and a lot of different types of support. And that is the reason why it was also so useful to meet, because when we meet tomorrow in the U.S.-led Contact Group for Ukraine but also at the NATO Defence Ministerial Meeting, with Defence Minister Reznikov, we have the best possible opportunity to go into details to discuss different lists and match these lists of needs from Ukraine with what NATO Allies and partners are able to provide. And that is what has been going on in this framework for now several months and also the reason why we have been able to mobilise so much support from NATO Allies and partners. There's an urgent need for air defence, but of course also many other capabilities: precision guided ammunition, HIMARS and other advanced modern NATO-standard systems. And we see that they are making a difference and we see that Ukrainian soldiers are able to utilise these modern systems in a very effective way, making gains on the battlefield.
Then it's not only a question of, you know, adding more and different systems. It is also to ensure that we have the fuel or the ammunition to existing systems. So since the war is continuing, logistics, resupplies of spare parts, ammunition, fuel to systems that are already delivered becomes more and more important. So they need almost everything and Allies are providing unprecedented support because they understand that we have a moral, political and security interest in ensuring that Ukraine wins the war against President Putin."
NATO Secretary General: "Sorry. Well, I… First of all, I think that we have to remember the starting point of this discussion. Crimea is illegally annexed by Russia. Crimea belongs to Ukraine, and NATO Allies and NATO have made it clear that we will not recognise and never recognise the illegal annexation of Crimea. And it was Russia that started this war, President Putin started this war. And then I will not go into who was behind the attack against that bridge, I will leave that to the Ukrainians to comment on that".
Lili Bayer (Politico): "Thank you very much. Lili from Politico. I have two brief questions. Going back to the issue of air defence, in the coming weeks – so in the short term – do you believe that NATO Allies have the capacity to provide Ukraine with all the air defence systems that Kyiv is asking for? Are you expecting any further announcements in the coming days? And the second question is more looking toward the future, given the domestic pressures in Russia, what kind of planning is there at NATO for the possibility of President Putin leaving office and the destabilisation that might follow? Is this something you are discussing? Thank you".
NATO Secretary General: "Just over the last days we have had two new announcements from NATO Allies – from Germany and United States – to provide more advanced air defence systems. The Germans announced it yesterday, and we welcome of course that. And United States has announced further delivery and we know also that they have announced that they're also ready to provide and deliver NASAMS, which are actually one of the many advanced systems that Ukraine has received over the last months. And again, we need more and we need also more ammunition to these systems and I welcome that Allies are doing that.
These air defence systems are making a difference because many of the incoming missiles were actually shot down by the Ukrainian air defence systems provided by NATO Allies. But of course, as long as not all of them are shot down, of course there is a need for more. And therefore we are going to address at the meeting this week, tomorrow, with Defence Minister Reznikov how, what type, and how can we ensure not only the delivery of the systems as soon as possible, but also training, spare parts and ammunition to their air defence capabilities.
Then, it was one more question? […] So first of all, I think that we just have to be prepared for the long haul. I will be careful speculating too much about the domestic political situation in Russia. Regardless of what different analysis may indicate, I think what we need to do at NATO is to be prepared for all eventualities and when it comes to Ukraine, be prepared to continue to support them."
Dejan Sajinovic (Nezavisne): "Thank you very much. Dejan Sajinovic, Nezavisne from Bosnia-Herzegovina. So next month, there's an important vote in Security Council about the extending the European Union military mission in Bosnia-Herzegovina. After this year it was a routine, now maybe Russia could put a veto to the mission. What is your… Are you concerned about the situation, security situation, in Bosnia-Herzegovina? And maybe more broadly, what's your assessment of the situation in Western Balkans in security? Thank you."
NATO Secretary General: "We are of course following the situation in the Western Balkans very closely. We have several Allies who are Western Balkan countries and part of the successful NATO enlargement over the last years has been actually with countries from the Western Balkans, including most recently North Macedonia and Montenegro. NATO has a history in the Western Balkans; we helped to end the two brutal ethnic wars including the war in Bosnia-Herzegovina. We still have a presence in the Western Balkans with a KFOR mission in Kosovo and also our support for a NATO headquarters in Sarajevo and the support for the EU Operation Althea. I will not speculate about whether the mandate for Operation EUFOR Althea will be renewed or not. The only thing I will say is that it is in nobody's interest that the mandate is not renewed, because the EU presence there and with the support from NATO is helping to address the challenges Bosnia-Herzegovina faces. And of course, there are many concerns and many, many challenges we all face. But if we reduce the international presence of Althea, or our international presence in Bosnia, we're only making a difficult situation even more difficult."
Güldener Sonumut (NTV Turkey): "Güldener from NTV Turkey. Secretary General, there is a growing rhetoric, nuclear rhetoric, banalisation of the nuclear rhetoric in Moscow, and NATO is assessing the nuclear situation in Russia. So therefore, I have two short questions. The first is, what is your assessment about a nuclear risk? Is it true or not? And second, should this risk increase, are you ready to either warn the citizens and do the necessary to reassure the public opinion on that? Thank you."
NATO Secretary General: "NATO is prepared for any threat, any attack, against any NATO Ally. And that's the reason why we have NATO, to be able to deter also nuclear threats. And this was important before the invasion of Ukraine, it has become even more important after. Not least in light of the nuclear rhetoric from President Putin and from Russia. This nuclear rhetoric, or veiled threats, are dangerous and reckless. Russia knows that a nuclear war cannot be won and must never be fought. And we also conveyed clearly to Russia that they will have severe consequences if they use nuclear weapons in any way, including low yield nuclear weapons in Ukraine. Then, by ensuring that we have credible deterrence and defence, we are helping to reduce the risk of escalation. And therefore it is important that since 2014, we have implemented the biggest reinforcement of our collective defence since the end of the Cold War. So we were prepared when Russia invaded Ukraine in February. And since then, we have further stepped up, increased our presence in the eastern part of the Alliance. We activated our defence plans the morning of the invasion, and we made decisions in Madrid in June to further strengthen our collective defence. The purpose of this is to prevent war, preserve peace, and including prevent any use of nuclear weapons".
Two Iranian Hackers Break Into Websites For Two Natural Gas Companies Linked To Israel - TEHRAN - Two Iranian hackers from a group called "al-Tahara" hacked into the websites for two natural gas companies: Energean, and Israel Natural Gas Lines.
Energean is an international gas company that The Jerusalem Post reports has done "extensive business with Israel," and had acquired the Karish and Tanin natural gas fields from Delek Drilling, and Avner oil in 2016, according to the JP.
Israel Natural Gas Lines is a gas corporation that is owned by the Israeli government.
Tools Of Mass Surveillance In Use, Right In Your Hands - UNITED STATES - Law enforcement agencies across the country are using a mysterious cellphone tracking tool that lies in an unregulated gray zone in regard to personal rights. Read Full Article
Deputy Secretary of Defense Dr. Kathleen Hicks Visits U.S. Transportation Command and Purdue University - On August 18th, 2022 the Department of Defense released a statement on Deputy Secretary of Defense Dr. Kathleen Hicks visit U.S. to Transportation Command (TRANSCOM) at Scott Air Force Base, Illinois; and Purdue University in West Lafayette, Indiana.
The deputy met with TRANSCOM Commander Air Force General Jacqueline Van Ovost, Deputy Commander Army Lt. Gen. John Sullivan, and other senior leadership.
During the visit, Deputy Secretary Hicks gained insight into future mobility, lift, and sustainment requirements in contested logistics environments, and received an update on efforts to integrate artificial intelligence and Joint All-Domain Command and Control (JADC2) into U.S. logistics systems. She also received an update on TRANSCOM progress toward to leveraging tools to better integrate, analyze, and visualize data to improve situational awareness of global mobility operations; and data modernization initiatives.
Dr. Hicks also received briefings from TRANSCOM leadership on the challenges and opportunities related to the organization’s large global operations footprint, integrating data for global mobility operations, future mobility lift and sustainment requirements, global bulk fuel management, and cyber security mission assurance.
She also met with junior enlisted leaders and junior officers to thank them for their work and dedication to support global supply and transportation operations, and hear directly from them about their perspectives on the department’s challenges and opportunities.
Deputy Secretary Hicks then flew to Purdue University, Ind., where she visited a range of facilities dedicated to advancements in hypersonics testing and research and visited faculty and PhD students who are focusing their work on hypersonics. At Zucrow Lab, she visited the Scramjet Test Cell; the Hypersonics and Applied Research Facility, which will be home to two wind tunnels; and the Hypersonics Advanced Manufacturing Technology Center (HAMTC) to gain greater insight into future approaches to hypersonic systems. Teams also discussed end-to-end manufacturing energetics programs.
At the Birck Nanotechnology Center, Dr. Hicks received briefings on microelectronics programs; the Scalable Asymmetric Lifecycle Engagement (SCALE) microelectronics workforce development program; quantum computing; cybersecurity; and Purdue’s new research support facility.
Following her tours and discussions, Deputy Secretary Hicks met with ROTC students to discuss their academic progress and career goals and delivered a speech to students and faculty highlighting the spirit of American innovation and experimentation which continues to provide the U.S. with an enduring advantage against strategic competitors like Russia and China.
The deputy secretary is finishing a two-day, four-state tour of the Midwest. Throughout her travel, Deputy Secretary Hicks focused on linking the department’s resources to our strategic competition priorities, including the pacing threat of China, and ensuring DoD remains the world leader in cutting-edge innovation.
Read Full DOD Article
US Intelligence: Bio-Weapons Being Made That Target People's Unique DNA - A U.S. House Intelligence Committee member has put out a warning to Americans not to so easily share their genetic information to websites like the Biotechnology company 23andMe, as there are bio-weapons being developed that can target an individual's DNA and potentially kill them. Read Full Article
Chinese Researchers Create AI Prosecutor Called 'Lex Ex Machina - Chinese researchers have created an artificial intelligence (AI) program named 'lex ex machina' that is reportedly capable of identifying a crime and press charges. Read Full Article
Canada's Nationwide Internet And Mobile Connectivity At 75% After Outage - Canada's internet and mobile connectivity nationwide is at "75% of ordinary levels" after a "disruption to the Rogers network" according to the Netblocks internet observatory. Canada's cyber intelligence agency says there is no evidence of it being caused by a cyber attack.
The internet outage, which extends to mobile services began early in the day on July 8th, 2022, and is "ongoing" according to the Cloudflare monitoring service Cloudflare Radar, which posted that there has been a partial recovery of traffic from the Rogers network since the beginning of the outage.
The disruption has affected internet, mobile access, banking, transport, and even government access, and reports of disruptions across Canada on social media.
Walter Bloomberg announced that Canada's border services agency says that they may not be able to complete their arrivecan submission due to the current Rogers network outage.
Community food coordinator Sophia Bank wrote, "With the outage across Canada I feel terrible for folks who can’t buy groceries. Can’t access their money".
The issue with Rogers Communications Inc. network has caused some consumer advocates and antitrust experts to call for more competition within Canada's telecommunications industry, as well as a public probe into what caused the disruption.
Canada's cyber intelligence agency, however, says that there is no evidence that the Rogers outage was caused by a cyber attack, saying "As of right now, Rogers remains best placed to address questions related to the nature of the outage. At this time, CSE has no indication this is related to malicious cyber threats".
Rogers Communications Inc. has announced that wireless services are beginning to return for most of its users.
A statement put out by Rogers President and CEO Tony Staffieri said, "We know going a full day without connectivity has real impacts on our customers and all Canadians. On behalf of all of us here at Rogers, Rogers for Business, Fido, chatr and cityfone, I want to sincerely apologize for this service interruption and the impact it is having on people from coast to coast to coast".
“As our teams continue working to resolve the situation, I want to make two commitments to you:
First, we are working to fully understand the root cause of this outage and we will make all the changes necessary to ensure that in the future we meet and exceed your expectations for our networks.
Second, we will make this right for our valued customers. We will proactively apply a credit to all our customers impacted by the outage and will share more details shortly.”
“I take full responsibility for ensuring we at Rogers earn back your full trust and are once again there to connect you to what matters.”
Interac spokesperson Bryan Bossin said that his company's debit and e-transfer services are still experiencing disruptions across Canada as of Friday night.
Police agencies in Canada have also warned that the outage may also affect people's ability to call 911 emergency services. The Toronto Police Department put out an alert saying that they were "working to resolve these issues" and said that some people "will have trouble connecting" in order to call 911.
The advisory said, "ADVISORY: City of Toronto - The Rogers Network is experiencing some technical difficulties - Some people will have trouble connecting - There are some connection problems calling 9-1-1 - We are working to resolve these issues ^dh".
E-Comm 9-1-1 tweeted, "cellphone customers in #BC. If you are experiencing an emergency, dial 9-1-1. If your call fails, please call back from another carrier or a landline if possible. #911BC.We are getting reports of possible service issues impacting@rogers".
White House: Russia Exploring Options For Cyberattacks Against United States - Washington says that the Kremlin is 'exploring options' for carrying out cyberattacks against the United States, Joe Biden said on Monday urging to strengthen the cybersecurity of America's private sector.
The White House statement, according to Biden spoke of 'evolving intelligence' on potential cyberattacks by Russia as Biden reiterated previous warnings from Washington about potential cyberattacks coming from Russia.
"I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States. It is part of Russia’s playbook", he stated.
"Today, my administration is reiterating those warnings based on evolving intelligence that the Russian government is exploring options for potential cyberattacks".
Biden called on America's private sector to harden its security defenses 'immediately' and said that the federal government "cannot defend against this threat alone".
He also said that "vigilance and urgency today can prevent or mitigate attacks tomorrow".
Railway From Belarus To Ukraine Cut Due To Belarusian Sabotage - The head of the Ukrainian Railways Alexander Kamyshin has confirmed that there is no longer any railway connection between Ukraine and Belarus, "thanks to Belarusian railway workers" who decided to launch what they have called a "railway war" by sabotaging Russian equipment in various ways. Read Full Article
Israeli Government Sites Have Crashed Due To Cyberattacks - A number of Israeli websites, including government sites have crashed as a result of cyberattacks, including the websites of the interior, health, justice and welfare ministries.
A number of Israeli websites, including government sites have crashed as a result of cyberattacks, including the websites of the interior, health, justice and welfare ministries.
This is reported to be the largest ever cyberattack ever carried out against Israel. No one has yet been able to determine who has carried it out, or why.
The Defense establishment and National Cyber Directorate has declared a state of emergency 'in order to study the extent of the damage' and determining whether or not the Israeli electric and water companies were also attacked.
Israeli Defense says that the cyberattacks targeted the .gov.il domain which is used for all government websites except for Defense related sites. The government database also uses the .gov.il extension.
Harretz news says that despite the cyberattacks, 'some of the websites can still be accessed via smartphone'.
Russia: We Will Treat Any Hacking Of Our Satellites As Justification For War - The head of Russia's space agency has stated that Russia will be treating any hacking of its satellites as justification for war, after an alleged hack of their systems was claimed by a 'non-state' hacker group on Tuesday according to media reports.
Head of the Russian State Space Corporation "Roscosmos" Dmiry Rogozin denied media reports however that Russian satellite control centers had been hacked during Russia's campaign against Ukraine while at the same time warned against any attempt to hack their systems saying that it would be treated as justification for war.
Interfax quoted Rogozin saying "Off-lining the satellites of any country is actually a casus belli, a cause for war" after the hacker group Network Battalion 65 had claimed responsibility for hacking Russia's satellite systems.
The claim by Network Battalion 65 came out on March 1st, with a Twitter post saying "we won't stop until you stop" and a message saying "The Russian Space Agency sure does love their satellite imaging. Better yet, they sure do love their Vehicle Monitoring System. The WS02 was deleted, credentials were rotated and the server is shut down".
The message continues to read "Network Battalion isn't going to give you the IP, that would be too easy, now wouldn't it? Have a nice Monday fixing your spying tech. Glory to Ukraine. We won't stop until you stop dropping bombs, killing civilians and trying to invade" (we left out the colorful part at the end).
Another message by the hacking group says "Anonymous is not alone. NB65 has officially declared cyber war on Russia as well. You want to invade Ukraine? Good. Face resistance from the entire world" and then "All of us are watching. All of us are fighting".
Island State In Tasmania, Australia Largely Offline After Incident Affecting Fiber Cables To Mainland - An incident that affected the fiber cables to the mainland has reportedly put Tasmania, Australia largely offline. Internet, phone lines and television services have all gone down after the incident. Real-time network monitoring shows that connectivity of the region is at 30% of its ordinary levels. The incident is marked as 'ongoing' by the NetBlocks internet observatory.
Netblocks put out an update over Twitter with a graph showing the downtime saying "Confirmed: The island state of #Tasmania in #Australia has fallen largely offline, with internet, phone lines and TV services down after an incident affecting fibre cables to the mainland; real-time network data show connectivity at 30% of ordinary levels; incident ongoing".
Decentralized International Hacker Group 'Anonymous' Declares Cyber War On Russia - The Decentralized international hacker group 'anonymous' has declared cyber war on Russia via Twitter, seemingly over Russia's war declaration on Ukraine.
The group tweeted on February 25th saying "The Anonymous collective is officially in cyber war against the Russian government. #Anonymous #Ukraine".
Ukrainian Ministry Of Defense Website Still Under Suspected DDOS Attack - Our intel channels confirm that the Ukrainian Ministry of Defense website is still down. It is now not showing any custom error message at all, just the white default connection timeout message, indicating the server is completely shut down.
Netblocks Confirms Loss Of Connectivity To Ukraine's Banks and ATM Services As Well As Ukrainian MOD - Netblocks monitoring service confirms that the Ukrainian ministry of defense website is down, along with Ukraine's State Savings Bank which is impacting ATM and banking services in Ukraine. Suspected ongoing DDOS attack on the servers.
Ukrainian Ministry Of Defense Says Probably Hit With DDOS Attack - Ukrainian Ministry of Defense: "The MOD website was probably attacked by DDoS: an excessive number of requests per second was recorded. Technical works on restoration of regular functioning are carried out. Communication via FB and Twitter pages"
Large-Scale Cyber Attack On Ukrainian Banks And Defense Website Currently Underway - Ukrainian media reports say there are issues with some Ukrainian banks, in addition with the Defense Ministry site being down. Privat and Oschad apps are not working and people can't pay with their cards.
Ukrainian Ministry of Defense website is currently down. None of the members in our intel channel can open it. When I finally was able to get in, the site was not operational but a message displayed about the site being under maintenance. The time it took for the page to load indicated a DDOS attack on the server.
The fact that the Ukrainian banks and Defense Ministry site would not be hosted on the same server indicates it's a large-scale attack hitting a number of Ukrainian servers. DDOS attack suspected.
Many Reporting Twitter Is Currently Down - *UPDATED* There have been many reports that Twitter is currently down or having problems (including the Defcon Level account) since 12:13 PM Eastern Time. Amazon Web Services are also having problems. *UPDATE: Both Twitter and Amazon Web Services are fully operational once again after a brief period of downtime.
Defcon Warning System Twitter account began logging off and throwing up an error message at attempted logins. Many other users have been reporting similar experiences with Twitter starting at 12:13PM EST.
Washington State Department Of Licensing Possible Cyberattack Breach - The Washington State Department of Licensing says that they observed irregular activity on one of its systems last month and that personal data from professional licenses might have been breached and leaked out to hackers. Read more
Cyberattack Against New York Based News Corp, China Suspected In Stealing Data On Journalists - New York - A cyberattack, discovered on January 20th was carried out against the New York based 'News Corp' which reportedly accessed emails and documents of various employees in the company, including that of journalists, which could possibly have been the main target of the attack. Dow Jones and New York Post also affected. Full Article
Oil Facilities In Europe hit With Cyber Attacks - Multiple oil transport and storage facilities in Europe have been hit with cyber attacks. Oiltanking in Germany, SEA-Invest in Belgium and Evos in the Netherlands have all had cyberattacks carried out against them, including 'dozens of terminals with oil storage and transport' across the world having been affected over the weekend according to BBC News.
All of the companies listed either went completely down or were 'severely' disrupted, though security experts are reportedly cautioning against making assumptions that the attacks were all coordinated.
Oiltanking Deutschland GmbH & Co. KG stated that it had been hacked Monday and said they were forced to operate a 'limited capacity'. The company is currently investigating the incident.
Threat Analyst Berett Callow at cyber-security company Emsisoft said that the reason we need to be careful about jumping to conclusions that multiple cyberattacks are related is that "Some types of malware scoop up emails and contact lists and use them to automatically spam malicious attachments or links, so companies with shared connections can sometimes be hit in quick succession".
"This is why you sometimes see sector-based or geographic-based clusters of incidents" he stated. Another possibility, according to BBC is that all of the companies that were affected may be using the same software for their operations which could have been compromised by hackers who found a vulnerability in the software's code.
British Snack Brand KP Snacks Hit With Ransomware Attack - In another disruptive attack on food suppliers, British snack brand KP Snacks has been hit with a ransomware attack with retailers warning of a crisps and nuts shortage post attack do to deliveries being disrupted.
U.S. Department Of State Statement on the Hack of the ICRC - "We are concerned by the breach, announced last month, of sensitive data held by the International Committee of the Red Cross (ICRC). For 150 years, the ICRC and the wider Red Cross and Red Crescent Movement have played a unique and essential role in protecting vulnerable populations from the harms of armed conflicts, natural disasters, and other emergencies". Full Article
DHS Warns Of Russian Cyberattacks On U.S. Homeland - WASHINGTON - The Department Of Homeland Security has released an intelligence bulletin stating that Russia would consider carrying out a cyberattack on the United States homeland if Moscow deems that the written response given by the U.S. and NATO threatens Russia's 'long-term national security'. Full Article
Apple iCloud Experiencing International Service Outages - Apple has confirmed that its iCloud service is currently experiencing international service outages that is not related to country-level internet disruptions according to Netblocks.
Apple's iCloud backup, iCloud mail, iCloud photos have all been reported to have service disruptions.
Apple stated that "some users are affected" and that they might be "experiencing a problem with this service" regarding the service outages.
The service interruptions began at 6:15 PM ET and has been ongoing since that time. Apple has not given an estimate on when services will be back up and running.
Cyberattack On Belarus Rail System To Stop Russian Military Buildup - There has reportedly been a cyber attack on the Belarus railway system by hacktivists who say they hacked the rail system to stop the Russian military buildup near the Ukrainian borders. Full Article
DHS: Imminent Cyber Threat Against America From Russia - The Department of Homeland Security is warning of an 'imminent cyber threat' against both American companies and government agencies from Russia, a national security source reportedly informed Fox News.
The source says that Russia 'may soon launch attacks against critical U.S infrastructure" after the Cybersecurity and Infrastructure Security Agency (CISA) put out a statement last week saying that every organization within the United States is 'at risk from cyber threats'.
CISA stated "[e]very organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety".
CISA also warned companies and organizations in the United States to take immediate steps to guard against a cyberattack and referred to the recent attacks against Ukrainian government websites which Ukraine intelligence says Russia and Belarus had a hand in carrying out.
Poland Raises Cybersecurity Terror Threat Level Following Attack On Ukrainian Government Sites - Poland has raised its nationwide cybersecurity threat level following the cyberattack on Ukrainian government sites last week.
The Polish Defense Ministry stated "The introduction of this alert level means that public administration will be obliged to conduct increased monitoring of the security of ICT systems. It is due to the possibility of a possible security breach of electronic communications".
Microsoft had responded to the Ukrainian government cyberattack by saying "These systems span multiple government, non-profit, and information technology organizations, all based in Ukraine".
Serhiy Demedyuk, deputy secretary of the Ukrainian National Security and Defense Council stated "We believe preliminarily that the group UNC1151 may be involved in this attack".
NATO Signs Deal With Ukraine To Deepen Cyber Cooperation - NATO has signed a deal with Ukraine to 'deepen' cyber cooperation between the two countries after the latest cyber attack on Ukrainian government websites, and worries about a coming full scale Russian invasion on the country.
Ukraine says that it has evidence that Russia was behind the cyber attacks on its government websites, something that Russia has denied involvement in.
NATO Secretary General Jens Stoltenberg stated on Friday that cyber experts from NATO are already on the ground in Ukraine working with them regarding the latest cyber attack.
Stoltenberg said that the new cyber agreement with Ukraine will 'enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform'.
Ukraine: Data Suggests Cyberattack Carried Out By Russian Federation - The Ukrainian Information Ministry said that 'the first data suggests' today's cyberattack on Ukrainian websites was 'carried out by the Russian Federation'.
"Contrary to the allegations of the attackers, the leakage of data, including personal data, did not occur" the Ministry stated.
NATO Signing Cyber Deal With Ukraine After Cyber Attack On Ukrainian Websites - The North Atlantic Treaty Organization (NATO) is set to sign a cyber deal with Ukraine and increase cyber warfare cooperation after Ukrainian websites were hacked according to NATO Secretary General Jens Stoltenberg on Friday.
Stoltenberg put out a statement on Friday saying "Allied experts in (the) country are also supporting the Ukrainian authorities on the ground".
"In the coming days, NATO and Ukraine will sign an agreement on enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform" he said.
Russia Dismantles REvil Hacker Group At Request Of U.S. - Russia has conducted a special operation against the hacker group REvil on Friday, dismantled the group and charged 15 of the group's members at the request of the United States, according to the FSB domestic intelligence service.
The FSB stated "The organized criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralized".
In November the United States stated that it was offering a reward of up to $10 million for information leading to the identification or location of anyone holding a key position within the REvil hacker organization.
Ukrainian Government Sites Hacked In A Massive Cyberattack - Ukrainian government websites have been hacked in a massive cyberattack and are temporarily down.
A Ukrainian Ministry of Foreign Affairs spokesman stated "Our specialists are already working on restoring the work of IT systems & the cyber police opened an investigation".
The hacked message on the websites include the following text written in Ukrainian, Russian and Polish: "Ukrainian! All your personal data has been uploaded to the public network. All data on the computer is destroyed, it is impossible to recover them. All information about you has become public, be afraid and expect the worst".
Ukraine's Ministry of Defense websites, e-government services website and education ministry are also temporarily down.
US Cyber Command Confirms Iran's Intelligence Ministry Connected To MuddyWater Hacker Group - U.S. Cyber Command has officially confirmed that Iran's intelligence ministry is connected to the cyber espionage group MuddyWater which steals data from computer networks globally.
MuddyWater is an Iranian threat group, and a 'subordinate element' of Iran's intelligence ministry 'that conducts domestic surveillance to identify regime opponents. It also surveils anti-regime activists abroad through its network of agents placed in Iran’s embassies' according to a notice by the Cyber National Mission Force Public Affairs.
Israeli News Site Hacked With Picture Of Rocket Attack, Evidence Points To Iran - The Jerusalem Post website was hacked and replaced with a photo of a rocket coming out of a ring, similar to the ring worn by top Iranian general Qassem Soleimani with the message "We are close to you where you do not think about it".
The Jerusalem Post tweeted "We are aware of the apparent hacking of our website, alongside a direct threat of Israel. We are working to resolve the issue & thank readers for your patience and understanding".
Two weeks prior, a Twitter account with the handle @iraninarabic_ir in Arabic that is known to be associated with Iran had tweeted an image that threatens to destroy Israel in 2022.
The Twitter account posted an image of the nation of Israel built with nails and matches, along with a book of matches and reads "Ballistic Matchstick" in both Hebrew and English along with an Iranian flag. The text also reads "Just try and you will see".
That threat came only days after Iranian newspaper "Tehran Times" posted an image marking all of Iran's alleged targets in Israel with the caption "Just one wrong move".
Widespread Internet Service Outages - There is a widespread outage of internet services due to Amazon servers (AWS) being down. Thousands of people have reported a problem with the service and down detector shows a recent spike in downtime.
Taiwan And India Strike Back At China With Cyberattacks Of Their Own - China, who has long been the world's top cyberattack country responsible for a whopping 41.4% of the world's cyberattacks has admitted that both Taiwan and India are striking back with cyberattacks of their own.
These new dynamics have struck fear into China. In fact so much so that their mouthpiece Global Times has openly admitted that both India and China have become a threat to China.
The Global Times stated that an advanced Taiwanese persistent threat (APT) organization named GreenSpot has been targeting Beijing and the Fujian Province with cyberattacks.
China's security company says that the Taiwan company called ThreatBook targets Chinese government agencies and aerospace and scientific military research institutes stealing high valued data and classified intel.
GreenSpot has carried out large-scale phishing attacks on Chinese universities stealing not just intelligence but also releasing Trojan Horse viruses into Chinese systems.
India is also giving China a headache and giving China a difficult time. A Delhi based hacker team has been carrying out cyberattacks on Chinese government agencies and defense departments in both China as well as Pakistan. China says that this hacker group may become the largest cyberattack team in South Asia.
The CEO of Antiy Labs, China's top cybersecurity company stated "In 2021, the group began targeted attacks on Chinese institutions for intelligence theft".
The hackers set up phishing websites, attacked mobile devices with malicious applications and embedded Trojans written using Python to steal documents, passwords from browser caches and information about the hacked systems.
Outages With Internet Services Appear To Be Related To AWS - The outages that have taken down many web services appear to have all been caused by problems with Amazon Web Services which many of the other apps experiencing downtime depend on.
*BREAKING* Websites Go Down Across The Globe - Web services including Amazon, Ring, Disney+, AWS, Chime, Netflix appear to have went down for many users all over the world.
Amazon Goes Down Worldwide: Both Web And Service Crash - Both the Amazon web and services crashed worldwide on Tuesday at around 10:30AM ET. Web and services crashed at around the same time.
Many Amazon customers attempting to purchase Christmas gifts were left frustrated when they found out that the services were down. The website is down for most people, though only some users were reporting problems with the app.
FBI Website Hacked, Allowing Hackers To Carry Out Email Blasts From FBI Server - The Federal Bureau of Investigation (FBI) website was hacked, allowing hackers to blast out fake cybercrime investigation spam emails.
On November 12th, the fbi.gov domain was used for thousands of fake email blasts regarding investigations on cybercrime. The domain was compromised due to insecure code in the online portal on the FBI website allowing the FBI to share information with both state and local authorities.
The FBI confirmed the existence of the unauthorized messages sent but refused to comment further on the matter.
"The FBI and CISA [the Cybersecurity and Infrastructure Security Agency] are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account,” reads the FBI statement. “This is an ongoing situation and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to www.ic3.gov or www.cisa.gov".
U.S. Department Of State Offers $10 Million Dollar Reward To Bring DarkSide To Justice - The U.S. Department of State has announced that it is now offering up to $10,000,000 reward for any information that leads to the identification or location of any person who holds a key leadership position within the DarkSide ransomware hacker group.
The Department of State is also offering up to $5,000,000 for any information leading to the arrest and/or conviction in any country of any individual planning or conspiring to take part in a DarkSide variant ransomware incident.
The DarkSide ransomware hacker group was responsible for the ransomware hacking of the Colonial Pipeline company in May of 2021 causing a massive shutdown of the pipeline carrying 45 percent of the East Coast's fuel.
The reward being offered is under the Department of State's Transitional Organized Crime Rewards Program, or TOCRP. The Department of State has paid over $135 million in rewards to date.
State Department Hit With Cyber Attack - CYBERCOM has announced that the State Department has been hit with a cyber attack and put out a notification of a possible serious breach. Although it's not clear when the breach was discovered, it is believed that the incident happened a few weeks ago according to Jacqui Heinrich, a White House correspondent.
Heinrich also said, "The extent of the breach, investigation into the suspected entity behind it, efforts taken to mitigate it, and any ongoing risk to operations remains unclear".
Biden Says Cyber Attacks Could Result In Shooting War With Major Power - WASHINGTON - On Tuesday Joe Biden stated that if it ends up that the United States gets into a "real shooting war" with a "major power" it could be the result of a large scale cyber attack on the United States. Read more
Biden Says U.S. Will Respond If Russia Is Responsible For Cyberattack On Friday - Biden has stated that the United States will respond if Russia is behind the cyberattack that struck more than 200 companies on Friday, just before the start of the Independence Day weekend.
"We're not sure who it is", Biden admitted to reporters on Saturday as he pulled out a page of notes to help him answer questions. "The initial thinking was it was not the Russian government, but if it is Russia, I told Putin we will respond", he added.
U.S. Seizes Iranian Media Websites Including Iran's State Run TV Site - The United States has seized three dozen Iranian media sites for spreading misinformation, including Iran's state run TV website, replacing the website with a Department of Justice message that reads "This website has been seized by the United States Government in accordance with a seizure warrant issued pursuant to the 18 U.S.C. §§ 981, 982, and 50 U.S.C. 1701-1705 as part of a law enforcement action by the Bureau of Industry and Security, Office of Export Enforcement and Federal Bureau of Investigation".
The seizure comes only days after Ebrahim Raisi won the Iranian presidential elections and stated that he will not be meeting with Joe Biden and said that there will be no negotiations on its missile program or its sponsorship of terrorist activities in any new nuclear deal negotiations.
Warning From FBI Director: Do Not Pay Ransom For Ransomware Attacks - The Federal Bureau of Investigation has warned companies and businesses not to pay the ransom for ransomware attacks, but to contact law enforcement as quickly as possible. Also tips on how to remove yourself. Read more
East Coast Fuel Supply Cut Off By Ransomware Hackers - The fuel supply to most of the east coast has been cut off for three consecutive days in a row after a hacker group knocked out a major pipeline, causing gas futures on the stock market to surge by over 4%, and fuel suppliers to become nervous about gasoline shortages across the eastern United States. Read more