February 16, 2018 Cybersecurity Briefing: NotPetya Attribution and Cryptojacking Surge
Today, several notable cybersecurity events unfold, shaping the current landscape.
NotPetya Attribution
This morning, the United States, alongside its allies, publicly attributes the destructive NotPetya cyberattack to Russia. Occurring in June 2017, NotPetya targeted numerous organizations globally, most prominently affecting the Danish shipping giant Maersk, which reported immense financial losses. The attack exploited a vulnerability in Microsoft software that had been exposed through NSA leaks, a fact that underscores the ongoing consequences of such disclosures. The White House characterizes NotPetya as "the most destructive and costly cyberattack in history," marking a significant moment in the attribution of state-sponsored cyber activities. This incident reflects the increasing geopolitical tensions and the use of cyber tools in conflicts.
Cryptojacking Surge
Overnight, reports reveal a staggering 1,200% rise in cryptojacking incidents in the UK. These attacks involve injecting malicious scripts into websites, allowing attackers to mine cryptocurrency using the computing power of unsuspecting visitors. Notably, several government and local council websites fall victim to these attacks, highlighting significant vulnerabilities within widely used plugins and applications. As organizations grapple with this emerging threat, the surge underscores the need for robust web security practices to protect against such covert exploitation of resources.
Vulnerabilities in Adobe Flash
Additionally, cybercriminals are leveraging a recently patched critical vulnerability in Adobe Flash Player to launch widespread spam campaigns targeting unpatched systems. This trend illustrates a persistent pattern where attackers exploit known vulnerabilities to gain access to sensitive systems, emphasizing the critical importance of timely software updates and patch management. Organizations must remain vigilant against such opportunistic attacks that capitalize on oversight.
These events collectively highlight the persistent and evolving threats in the cybersecurity landscape. As state-sponsored attacks escalate and opportunistic threats like cryptojacking become more prevalent, the necessity for proactive security measures and robust incident response plans grows increasingly urgent. Organizations must prioritize monitoring, updating, and securing their systems to combat these multi-faceted threats and safeguard sensitive information.