Hackers have likely penetrated critical Ukrainian and Russian computer systems, U.S. says

Hackers have likely penetrated critical Ukrainian and Russian computer systems, U.S. says

« Russian government hackers have likely broadly penetratedUkrainian military, energy and other critical computer networks to collect intelligence and position themselves potentiallyto disrupt those systems should Russia launch a military assault on Ukraine, according to newly declassified U.S. intelligence. 

Attack tactics

Moscow could seek to disrupt Ukrainian entities that provide critical services such as electricity, transportation, finance and telecommunications — either to support military operations or to sow panic in an attempt to destabilize the country, according to a senior administration official who described the intelligence.

New intelligence suggests Russia plans a ‘false flag’ operation to trigger a Ukraine invasion

The U.S. government has determined only that Russia could undertake disruptive cyber-activity, not that it will, said the official, who like several others spoke on the condition of anonymity because of the matter’s sensitivity. “We don’t know that they have intention to do so,” the official said. “But we have been working with Ukraine to strengthen their cyberdefenses.”

tched servers are likely to be the target of these attackers. 

Recent victims of Hakers

Besides the advisory, BlackByte was in the headlines due to attacks on various organizations in the past few months.

  • Just a few days ago, NFL’s San Francisco 49ers team was targeted by BlackByte. The attackers claim to have stolen their data and leaked 300MB files on their data leak blog.
  • In December 2021, BlackByte’s campaign launched attacks against organizations exposed to ProxyShell flaws in Microsoft Exchange.

Thursday evening, the Anonymous collective declared a cyberwar against Russia as Putin’s forces closed in on the Ukrainian capital. And it looks like they were serious.

On Friday evening, Anonymous claimed they managed to breach the database belonging to the Russian Ministry of Defence. The group’s actions appear to be part of a growing trend that is seeing a growing number of cyber soldiers take to the newest front in the war against Russia.

Anonymous posted the database online and made it accessible to anyone. « Hackers all around the world: target Russia in the name of #Anonymous let them know we do not forgive, we do not forget. Anonymous owns fascists, always, » the group tweeted.

It seems that the database contains officials’ phone numbers, emails, and passwords. Twitter users seem excited about the news and continue discussing how they could use them to harm Putin’s regime.

« Sign them up for GOP and Trump fundraising emails. That will be enough to drive them all crazy, » one user suggested.

Anonymous leak
read more

BlackByte Ransomware Attacks Target U.S. Critical Infrastructure

 »

The BlackByte ransomware group breached the network of multiple US-based organizations in the critical infrastructure sector in the past three months. US officials have released a joint advisory warning against the threat.

What’s in the advisory?

  • According to a joint advisory released by the FBI and U.S. Secret Service, BlackByte has targeted various U.S. and foreign businesses in the last few months.
  • Three of its victims belong to government facilities, financial, food and agriculture sectors.
  • The advisory identifies BlackByte as a RaaS targeting Windows systems, both physical and virtual servers.
  • It further provides technical details, IOCs, and mitigation steps to help organizations stay protected from the group’s attacks.

Attack tactics

This ransomware group abuses software vulnerabilities (e.g. Microsoft Exchange Server) to obtain initial access to targets’ networks. Therefore, unpatched servers are likely to be the target of these attackers.

Recent victims of BlackByte

Besides the advisory, BlackByte was in the headlines due to attacks on various organizations in the past few months.
  • Just a few days ago, NFL’s San Francisco 49ers team was targeted by BlackByte. The attackers claim to have stolen their data and leaked 300MB files on their data leak blog.
  • In December 2021, BlackByte’s campaign launched attacks against organizations exposed to ProxyShell flaws in Microsoft Exchange.

Conclusion

The advisory by the FBI should be considered seriously and organizations must raise their security barriers higher to fend off threats such as BlackByte. The advisory includes a list of measures to be taken to stay protected.

 

read more

Morgan Stanley: Ether more volatile than bitcoin

Investment banking giant outlines threat posed to Ethereum by Solana, Cardano and BNB

One of the United States’ leading financial institutions has outlined the weaknesses of ether (ETH) when compared to other competing cryptocurrencies.

ETH v BTC

Morgan Stanley Wealth Management observed, in a note entitled Cryptocurrency 201: What Is Ethereum?, that ether, the world’s second largest cryptocurrency by market capitalisation and a leader in the growth of decentralised finance (DeFi), is itself less decentralised than bitcoin.

The firm observed that, while the top 100 addresses holding bitcoin owned 14% of the cryptocurrency’s total supply, the equivalent figure for ethereum stood at 39%.

The group of analysts led by Denny Galindo also stated that, since 2018, ether has been around 31% more volatile than its larger competitor.

Competition and regulation

Morgan Stanley recognised that the Ethereum blockchain’s structure makes it far better placed than bitcoin to power the ongoing surge in interest in DeFi and non-fungible tokens (NFTs). However, it also highlighted the threat of such projects eventually migrating to alternatives such as Solana, Cardano, Tezos and BNB Chain.

It observed that high fees, a criticism long levelled at Ethereum, could hasten this shift and hinder scalability and further adoption.

In addition to competition, Morgan Stanley’s note also considered the threat to future growth posed by regulatory crackdowns. The world’s fourth-largest investment bank particularly stressed the fast-changing nature of laws governing this burgeoning sector.

A shortage of storage?

Morgan Stanley did recognise that ether’s growth was noticeably faster than bitcoin’s. Indeed, from the start of 2021 to mid-February 2022, the former has risen by 275% while the latter has only increased by 35%.

read more

Cyber Sécurité et Data Intelligence

Cyber Sécurité, Data Intelligence, RGPD, Cloud, Solutions Digitales, Transformation & Innovation !

read more

Decentraland price prediction: Is MANA a good investment?

MANA skyrocketed in late 2021, but what is the Decentraland price prediction for 2022?

read more

Bitcoin miners are helping the Texas grid brace for winter storm impact

 »

As a major winter storm descends on Texas, crypto miners are powering down operations to help ease the burden on the state’s already beleaguered power grid.

The chief concern is that we might see a repeat of February 2021, when a deep freeze devastated large swaths of the state, leaving 10 million Texans without electricity and resulted in a multisystem meltdown that “was within minutes of a much more serious and potentially complete blackout.” Hundreds of people died amid the multiday outage.

The grid is called ERCOT, which is short for the Electric Reliability Council of Texas, the organization tasked with operating it. To run smoothly, ERCOT requires a perfect balance between supply and demand. Having too much power and not enough buyers is just as bad as everyone wanting to fire up their air conditioning units on the same day in July.
Whinstone CEO Chad Harris takes CNBC on a tour of the largest bitcoin mine in North America.
Whinstone CEO Chad Harris takes CNBC on a tour of the largest bitcoin mine in North America.

For years, ERCOT has struggled with fluctuating energy prices and sporadic service, which is why it strikes deals with flexible energy buyers, like crypto miners. Through established “demand response” programs, ERCOT will actually pay major industrial users to cut power.

“They’re expecting the same kind of grid load as you would have at peak summertime, so they’ll likely curtail miners at some point on Friday or Saturday,” explained Fred Thiel, CEO of Marathon Digital, another major player in the U.S. mining industry.

Bitcoin miners specifically, and demand response more generally, are a powerful tool in the toolbox for grid management, according to Lee Bratcher, president of the Texas Blockchain Council.

Marathon’s Thiel tells CNBC that miners have been coordinating with ERCOT since last week to get ahead of any potential problems with the grid.

“Everybody wants to collaborate, everybody wants to voluntarily do whatever it takes to support ERCOT,” he said.

The question now is when the baseload that miners use (the baked-in energy demand from miners as a collective) is shut down and transferred back to the grid, does that provide the grid with what it needs to keep functioning as normal?

“This is a key test moment for the industry,” continued Thiel.

Whether crypto miners going offline en masse in one of the biggest crypto mining jurisdictions in the world will move the price of bitcoin, the answer is probably no.

The supply delta from changing the pace of mining is typically minimal, and any price moves in bitcoin or other major proof-of-work cryptocurrencies would likely have more to do with macro factors and overall risk-off behavior.

Big test for bitcoin miners

Many in the mining industry tell CNBC that the next few days are a high-stakes way of testing out whether the narrative of crypto miners being good for the grid bears out under pressure. The state’s growing crypto mining contingent ballooned after China banished all crypto miners last May.

“Bitcoin miners want to be good stewards of grid stability,” said Alex Brammer of Luxor Mining, a cryptocurrency pool built for advanced miners.

“We are incentivized financially but also from a political narrative, and therefore, regulatory perspective. We want to show the world we contribute to the health and resilience of the grid, and we know that all eyes will be on us throughout this first big test of the year,” continued Brammer.

That financial incentive is key. Miners are not altruistically opting to do the grid a solid by sometimes powering down some or all of its bitcoin miners to free up electricity for those in need. Instead, there are a lot of financial perks baked into its arrangement with the nonprofit organization that operates Texas’ grid.

“Imagine how much you would have to pay Amazon to say, ‘Hey, there’s too much demand for power. Please power down your data center,’” said bitcoin mining engineer Brandon Arvanaghi, who now runs Meow, a company that enables corporate treasury participation in crypto markets.

“But it can do that with bitcoin very easily, because all you have to do is pay the miners slightly more than what they would have made mining for bitcoin that hour,” continued Arvanaghi, who calls the setup a “a win-win.”

If the grid operators pay the miners a penny more than they would have made from mining in any given hour, then they’ll gladly power down. And from Thiel’s experience, they get curtailment requests less than 3% of the time in the course of a year, which he estimates comes to about five to ten hours a month.

Even bitcoin miners that haven’t cut a deal with ERCOT sometimes voluntarily power down at times of peak consumption when prices shoot higher.

The price of power per hour is all over the place, routinely going negative.

Shaun Connell, the EVP of power at Lancium, tells CNBC that in 2020, the price of energy in West Texas was negative between 10% and 20% of the time. The price dips below zero when supply outpaces demand.

In 2021, the price of power per hour was negatively priced 9% of the time, while 5% of all hours peaked above $100. Extreme tails like the ones shown in the chart below aren’t a good thing.

Lancium

In 2021, had miners voluntarily cut back their uptime expectation from 100% to 95%, they would have slashed their per megawatt hour price from $178 to $25, according to data from Lancium, a Houston-based energy tech company that specializes in bitcoin mining.

Strategically timed energy curtailment proves especially vital for the Texas grid, which exists as its own little island.

Unlike the rest of the continental U.S. that belongs to either the Eastern or Western interconnection (the names of the two interconnected power grids linking states), 90% of Texas runs on ERCOT, a deregulated and independent network of energy providers that is not tethered to any other grid in the U.S.

While this competitive market often drives down the price of power as providers compete on cost to capture customers, it also means that there is less of a safety net baked into the grid. This presents problems in the face of calamitous events, such as a power shortage or a natural disaster, like the fatal winter storm in early 2021.

Adding a “controllable load resource” like bitcoin miners to the grid acts as a sort of life insurance policy. It’s almost like a hedge against disaster.

And it’s no skin off the back of bitcoin miners. Bitcoin has no uptime requirement, nor is the gear worn down by regularly powering off and on. It’s pretty much a win, win.

“That’s the beauty of bitcoin — it’s something no other industry can really do,” Arvanaghi told CNBC. “It’s very synergistic.”

Not everyone agrees

Not all are convinced that bitcoin miners are the solution.

“Miners are a strain on the grid, not a help,” said Ben Hertz-Shargel of Wood Mackenzie, a provider of commercial intelligence for the world’s natural resources sector. Hertz-Shargel is concerned that bitcoin mining would only raise peak demand, ultimately adding stress to the system.

Hertz-Shargel predicts that bitcoin could more than double demand growth in ERCOT’s territory, but unlike pro-crypto Republican Sen. Ted Cruz, Hertz-Shargel doesn’t think that additional demand is a good thing.

The analogy I like to use is that if you start smoking two packs a day and then cut back to one pack on holidays, that doesn’t make smoking good for your health,” he says.

Hertz-Shargel argues that ERCOT should be focused on grid improvements to make it easier to get power from solar and wind farms to big consumption centers, and that bitcoin miners aren’t the right way to deal with demand fluctuations. Instead, he argues, “the intermittency of renewables should be met with demand response from societally-beneficial loads, like industrial facilities, commercial buildings, and residential air conditioners — or energy storage.”

But ERCOT interim CEO Brad Jones thinks bitcoin miners can be helpful.

Jones has been touring the state and hosting public events to answer questions from Texans about the electric grid. Besides winter weather, the impact of cryptocurrency mining on the grid is a common question.

“I’m pro bitcoin…but I’m too risk averse to be an investor in bitcoin,” Jones told a crowd of residents in Frisco, Texas in December. The ERCOT chief went on to explain the mutually beneficial relationship between the grid and bitcoin miners.

“A lot of these solar and wind can produce power down to a negative power range, negative $23 per megawatt hour,” Jones said. “These bitcoins see that as a great opportunity. They can get paid to use power. And that’s why they’re coming to the state. But that’s not necessarily bad.”

Jones makes the point that negative power isn’t healthy for the market. Bitcoin miners “soak up” some of that negative power, and when the cost of electricity gets slightly higher than what they’re willing to pay for it (around $100, according to Jones), they shut off.

“So I think it’s really a valuable potential resource for us.”

 

read more

European banks told to step up cyberattack defenses amid Russia-Ukraine crisis

 »

Banks across the euro zone are being told to increase their cyber defenses with the region’s regulator saying the issue should be a top priority amid heightened geopolitical tensions.

“We are asking [banks] to strengthen their cyber regime measures and look at a potential increase in attacks and the danger of these attacks going forward,” Andrea Enria, chair of the European Central Bank supervisory board, told a news conference on Thursday, according to Reuters.

“We’ll also flag the attention of banks in relation to the potential worsening of global tensions that could indeed trigger more attacks.”

Speaking to CNBC’s Annette Weisbach later on Thursday, Enria said the ECB, the central bank of the 19 EU nations which have adopted the euro, is putting “more and more attention on the ability of banks to ensure their security.”

“It’s a difficult area,” he said, adding that the central bank needs more people with the right skills to monitor cyberattacks. “We are putting increasing attention to these areas and indeed we expect banks to to strengthen their defenses.”

Banks free to dip into buffers until end of 2022, says ECB Supervisory Board chair »

A report from Reuters on Wednesday, citing two unnamed sources, said that the ECB had been preparing banks for possible Russian-sponsored attacks. Speaking to CNBC, Enria said the ECB thinks “there is a concern” regarding cyberattacks more broadly, but did not elaborate on specifics.

On Russia and the potential for sanctions if tensions on the Ukrainian border escalate, Enria flagged the direct exposure of some European banks to Russia and the Ukraine, but said it is “not a great element of concern” as they tend to be relatively contained and funded locally.

Moscow has denied that it plans to invade neighboring Ukraine, but has moved around 130,000 soldiers, tanks, missiles, and even fresh blood supplies to the border. The Kremlin is demanding that Ukraine is never permitted to become a member of the NATO military alliance, and has also said it wants the organization to roll back its presence in Eastern Europe.

The New York Department of Financial Services issued an alert to financial institutions in late January, warning of retaliatory cyber attacks should Russia invade Ukraine and trigger U.S. sanctions, according to Thomson Reuters’ Regulatory Intelligence.

Hackers with links to Russia have been accused of several large cyberattacks in the past including the infamous SolarWinds hack on the U.S. in 2020, but the country did not accept any responsibility.

— Additional reporting by CNBC’s Chloe Taylor.

read more