Robinson & Cole LLP (LexBlog Russia)
-
Convicted Russian Cybercriminals Part of Prisoner Swap
It is heartwarming that 16 prisoners, including innocent ex-Marine Paul Whelan and Wall Street Journal reporter Evan Gershkovich, have been freed from their wrongful imprisonment in Russia in exchange for 24 convicted Russian prisoners. What is disturbing is that innocent individuals wrongfully convicted are being used to bargain for convicted individuals, including cybercriminals. Krebs on...
-
Privacy Tip #408 – Russian Cybercriminals Get 69% of Ransom Payments
Anecdotally, we know that cybercriminals hailing from Russia are a significant risk to U.S.-based and world companies and governmental entities. With two convicted Russian cybercriminals being released this week in the prisoner swap I was curious just how significant Russian cybercriminals play in cybercrime chaos. According to Bleeping Computer, “Russian-speaking threat actors accounted for at...
-
Commerce Department Bans Kaspersky Software in US
In the Biden Administration’s continuing effort to reduce the risk of cybersecurity spyware from foreign adversaries, including Russia, the United States Department of Commerce (Commerce) issued a final rule (Rule) on June 16, 2023, entitled “Protecting Americans’ Sensitive Data from Foreign Adversaries” and also amended a previously issued rule (“Securing the Information and Communications...
-
CISA + Partners Issue Alert for Protection of Water Systems, Dams, Energy + Food + Ag
In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency partners issued an Alert to operators of industrial control systems and small-scale operational technology systems in North America and Europe on mitigation techniques for cyber operations to prevent a compromise of industrial control systems, including “Water and...
-
CISA + Partners Issue Alert for Protection of Water Systems, Dams, Energy + Food + Ag
In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency partners issued an Alert to operators of industrial control systems and small-scale operational technology systems in North America and Europe on mitigation techniques for cyber operations to prevent a compromise of industrial control systems, including “Water and...
-
CISA + Partners Issue Alert for Protection of Water Systems, Dams, Energy + Food + Ag
In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency partners issued an Alert to operators of industrial control systems and small-scale operational technology systems in North America and Europe on mitigation techniques for cyber operations to prevent a compromise of industrial control systems, including “Water and...
-
Five Eyes on Sanction Enforcement: Joint Guidance on Russia Sanctions Evasion From U.S. and Allies Identifies Detailed Expectations for Export Control Diligence in Sensitive Transactions
This week’s post was co-authored by Edward Heath and Kevin Daly. Attorneys Heath and Daly are members of Robinson+Cole’s Manufacturing Industry Team and regularly counsel clients on trade compliance, anti-corruption compliance, and other corporate compliance issues. On September 26, 2023, U.S. export enforcement authorities, jointly with enforcement authorities in four allied countries (the Five
-
Clop Claims Zero-Day Attacks Against 130 Organizations
Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing data from those organizations. The vulnerability is CVE-2023-0669, which allows attackers to execute remote code execution. The manufacturer of GoAnywhere MFT notified...
-
New Round of Sanctions Relevant to Manufacturers Are Launched on the First Anniversary of Russia’s Invasion of Ukraine
This week’s post was co-authored with Edward Heath and Kevin Daly. Attorneys Heath and Daly are members of Robinson+Cole’s Manufacturing Industry Team and regularly counsel clients on trade compliance, anti-corruption compliance, and other corporate compliance issues. On the one-year anniversary of the invasion of Ukraine, the Biden administration has announced a series of additional sanction...
-
Killnet Takes Credit for Disabling State Websites
Killnet, a Russian-speaking hacking group that emerged shortly after Russia invaded Ukraine, took responsibility last week for deploying a denial-of-service attack that temporarily took several U.S. states’ websites offline. Although reported as unsophisticated, the attacks managed to affect the websites of Colorado, Connecticut, Kentucky, and Mississippi. The group’s goal is reportedly to...
-
What Is the Scope of Russian Sanctions?
Below in an excerpt from an article authored by Robinson+Cole Manufacturing Industry Team lawyers Edward J. Heath and Kevin Daly that was published by IndustryWeek. Since March 2022, U.S. companies doing business internationally have faced governmental sanctions imposed in response to Russia’s invasion of Ukraine. Controls affecting interactions with Russian, Belarussian and Ukrainian companies...
-
Small Businesses Don’t Recognize Risk of Cyber-Attack Despite Repeated Warnings
CNBC surveys over 2,000 small businesses each quarter to get their thoughts on the overall business environment and their small business’ health. According to the latest CNBC/SurveyMonkey Small Business Survey, despite repeated warnings by the Cybersecurity and Infrastructure Security Agency and the FBI that U.S.-based businesses are at an increased risk of a cyber-attack following...
-
Cyber-Attackers Politically Aligned
The most recent Accenture Global Incident Report (the Report) shows that cyber-attackers have political views and are divided between support for Russia or Ukraine. According to the Report, entitled “Global Incident Report: Threat Actors Divide Along Ideological Lines over the Russia-Ukraine Conflict on Underground Forums,” the war between Russia and Ukraine has caused an unusual...
-
Chinese APT41 Attacking State Networks
Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber threat activity through APT41, which has been linked to China’s Ministry of State Security. According to Mandiant, APT41 has launched a “deliberate campaign targeting U.S. state governments” and has...
-
Hackers Target Russia in Support Of Ukraine
The world has rallied around Ukraine since Russian forces invaded this past week, including, it seems, hackers. The hacktivist collective Anonymous, which gained prominence between 2008 and 2014 with a series of high-profile politically motivated cyber-attacks against such disparate groups as the Church of Scientology and PayPal, has come out of the woodwork once again...
-
FBI and DHS Warn of Russian Cyber-Attacks Against Critical Infrastructure
U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that Russia might launch cyber-attacks against Ukrainian and U.S. networks at the same time it launches its military offensive against Ukraine. The FBI and the Department of Homeland Security (DHS) warned law enforcement, military personnel, and operators of critical...
-
FBI and DHS Warn of Russian Cyber-Attacks Against Critical Infrastructure
U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that Russia might launch cyber-attacks against Ukrainian and U.S. networks at the same time it launches its military offensive against Ukraine. The FBI and the Department of Homeland Security (DHS) warned law enforcement, military personnel, and operators of critical...
-
CISA Warns “Every Organization” in U.S. to Assess + Respond to Cyber Risks
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the U.S. about cybersecurity risks during the ongoing escalation of tension between the U.S. and Russia over Ukraine. According to the CISA Insights publication entitled “Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats,” “public and private...
-
Tensions with Russia Prompt CISA Warning to Critical Infrastructure
The Cybersecurity & Infrastructure Security Agency (CISA), in tandem with the FBI and National Security Agency, issued a Cybersecurity Advisory on January 22, 2022, to warn organizations, and especially critical infrastructure operators, to be on heightened alert that Russian state-sponsored cyber operations may again use the tensions with the U.S. to attack U.S. companies. The...
-
Privacy Tip #303 – Russian Hacking Group Targets Gmail Users
If you think the Russians are only targeting U.S. companies and the defense industry, think again. The cyber war between Russia and the U.S. has escalated since the President threw down the gauntlet on Putin, and the retaliation is to attack Gmail users in the U.S. Yes, Gmail users are part of the war. According...
-
White House Focused on Combating Ransomware
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large and small, off-guard. U.S. President Joseph Biden warned Russian President Vladimir Putin to knock it off during their first summit [view related post]. Nonetheless, and not surprisingly, the attacks continue, particularly out...
-
Further Fall-Out from Russian Hacking of SolarWinds
U.S. intelligence agencies, including the FBI, the Office of the Director of National Intelligence, the National Security Agency and the Cybersecurity and Infrastructure Security Agency, have confirmed that Russia was behind the SolarWinds hack. It is reported that the FBI is investigating whether Russia hacked into project management software JetBrains’ TeamCity DevOps tool to originally...
-
NSA + FBI Warn Defense Contractors of Russian Hackers
When the National Security Agency (NSA) and the Federal Bureau of Investigations (FBI) get together to issue a joint warning, you may wish to listen up. The NSA and FBI recently alerted the defense industry through a Cybersecurity Advisory of the risk of malware attacks targeted at the defense and aerospace sectors by Russia’s General...
-
Privacy Tip #218 – FBI Considers FaceApp a Counterintelligence Threat
For those of you who have downloaded the face editing app FaceApp, please note that the Federal Bureau of Investigation (FBI) has classified FaceApp as a counterintelligence threat because of its Russian origins. According to the FBI, “[T]he FBI considers any mobile application or similar product developed in Russia, such as FaceApp, to be a...
-
Russian Hackers: Desperate for U.S. Information
The latest report regarding Russia stealing U.S. cyber secrets is yet again centered around the National Security Agency (NSA), using Contractors to gain access, in some cases, to classified data. It has been reported that a NSA Contractor (fired back in 2015) put highly classified U.S. cyber secrets on his home computer, which included information...
-
The State of Cybersecurity in 2016 and the (potential) Great Cyber Fire
Cybersecurity hit the news hard in 2016. The number of high profile, and troubling, cyber incidents increased significantly. The Democratic National Committee and one of Clinton’s top advisor’s being hacked, with leaked emails by Russia, according to intelligence reports, may have influenced the U.S. election. Theft of document from the Mossack Fonseca law firm in...