Contents:
A supply chain attack is a type of attack that aims to inflict damage upon an organization by leveraging vulnerabilities in its supply network.
Cybercriminals often manipulate hardware or software during the manufacturing stage to implant rootkits or tie in hardware-based spying elements. Attackers can later use these implants to attack the organization they’re after.
What Happened?
Several Russian government websites were breached via a supply chain assault.
The websites of the Energy Ministry, the Federal State Statistics Service, the Federal Penitentiary Service, the Federal Bailiff Service, the Federal Antimonopoly Service, the Culture Ministry, and other Russian state institutions were among those affected by the cyberattack.
The Russian Ministry of Economic Development’s press staff declared for Interfax that it is impossible to hack these websites directly, therefore hackers use other services to acquire access to the resources and thus present inaccurate stuff.
Hackers were able to post false information on websites after gaining access to the widget. The source of the problem was quickly identified.
The websites of state agencies are under serious protection and round-the-clock monitoring by cybersecurity teams. It is difficult to compromise these websites directly, so hackers attack resources through external services and thus gain access to demonstrate incorrect content
As BleepingComputer reports, according to the Russian Ministry of Digital Development, the compromised websites of state agencies were restored within an hour after the incident.
The Russian authorities recently released a list of more than 17,000 IP addresses suspected to have been used in DDoS assaults on Russian networks.
As a result, the NKTsKI, a federal security agency unit tasked with coordinating computer incident response, issued a public warning to Russian businesses about the danger of information security breaches.
Earlier this week, Russia’s Digital Development Ministry similarly disputed rumors that Russia planned to isolate Russia from the Internet.
Cyberattacks from other countries are occurring constantly against Russian sites. We are preparing for a variety of eventualities to guarantee that Russian [online] materials are available. no intentions to shut down the internet from inside [the nation].