The CyberWire Daily Podcast 3.18.22
Ep 1538 | 3.18.22

Hacktivism and other cyberattacks continue against Russian targets, but some hacktivism may go too far. C2C market notes. Advice from CISA and NIST. Prank calls as statecraft.

Show Notes

Hacktivism and other cyberattacks continue against Russian targets, but some hacktivism that affects software supply chains may go too far. An initial access broker in the criminal-to-criminal market. BlackMatter may be working with BlackCat. CISA offers a warning and advice to SATCOM operators. NIST offers some guidance on industrial control system security. Johannes Ullrich reminds us to patch our backup tools. Our guest is Armando Seay from MISI with insights on maritime port security. And Rear Admiral Mehoff, call your office.


Selected reading.

Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion (The Hacker News) 

Software Supply Chain Weakness: Snyk Warns of 'Deliberate Sabotage' of NPM Ecosystem (SecurityWeek) 

Russian government websites face ‘unprecedented’ wave of hacking attacks, ministry says (Washington Post) 

Ukraine’s Digital Ministry Is a Formidable War Machine (Wired)

Exposing initial access broker with ties to Conti (Google) 

Experts Find Some Affiliates of BlackMatter Now Spreading BlackCat Ransomware (The Hacker News)

Strengthening Cybersecurity of SATCOM Network Providers and Customers (CISA) 

NIST SPECIAL PUBLICATION 1800-10 Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector (NIST)

Hoax caller claiming to be Ukrainian PM got through to UK defence secretary (the Guardian) 

Russians target Priti Patel and Ben Wallace with fake video calls (The Telegraph)