The UK and the US have formally blamed Russia for a wave of disruptive, politically-themed website defacements that hit Georgia in October 2019. British Foreign Secretary Raab called the GRU's campaign "reckless and brazen," an unacceptable attack on a sovereign nation. US Secretary of State Pompeo said the attempts gave the lie to Russian claims of being a responsible actor in cyberspace. By ZDNet's count, this is the fifth time the allies have accused the GRU of cyberattacks against foreign states.
Dragos has concluded “with high confidence” that the ransomware incident CISA responded to at a natural gas facility was the same Ryuk infestation the US Coast Guard reported in December. Dragos researchers describe the infection as “well-known ransomware behavior," not "an ICS-specific or ICS targeted event.” They think the attack doesn’t show even the limited process-targeting observed with EKANS and MegaCortex. In any case, as Fifth Domain points out, ransomware now clearly bulks large among the threats enterprises face.
MGM Resorts sustained a data breach last summer that affected almost ten-million-six-hundred-thousand guests. This week much of the personal information lost was posted to a hacker forum. ZDNet and Under the Breach confirmed that the data were indeed from the MGM Resorts incident. MGM Resorts says it notified affected guests last year. The data posted this week included names, home addresses, phone numbers, emails, and dates of birth, MGM Resorts says no paycard information was compromised.
Switzerland's government would like small businesses to pay more attention to its cybersecurity checklist.