Russia Targeting, Breaching Western Organizations Aiding Ukraine: CISA Joint Advisory
Western logistics and technology companies engaged in the transportation, coordination, and delivery of foreign assistance to Ukraine are being targeted by a Russian state-sponsored cyber unit, the Cybersecurity and Infrastructure Security Agency (CISA) said in a May 21
The campaign, which began in 2022, is being carried out by a military unit within the Russian General Staff Main Intelligence Directorate (GRU) called Unit 26165, which is known in the cybersecurity community under various names such as APT28, Fancy Bear, Forest Blizzard, and BlueDelta.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Chicago Tribune
22 minutes ago
- Chicago Tribune
President Donald Trump says Vladimir Putin told him that Russia will respond to Ukrainian attack on airfields
WASHINGTON — U.S. President Donald Trump said that Russian President Vladimir Putin told him 'very strongly' in a phone call Wednesday that he will respond to Ukraine's weekend drone attack on Russian airfields. The U.S. president said in a social media post that 'It was a good conversation, but not a conversation that will lead to immediate Peace.' The call that lasted for an hour and 15 minutes was Trump's first known with Putin since May 19. Trump said he and Putin also discussed Iran's nuclear program. THIS IS A BREAKING NEWS UPDATE. AP's earlier story follows below. KYIV, Ukraine (AP) — Ukrainian President Volodymyr Zelenskyy on Wednesday dismissed Russia's ceasefire proposal as 'an ultimatum' and renewed his call for direct talks with Russian President Vladimir Putin to break the deadlock over the war, which has dragged on for nearly 3½ years. Putin, however, showed no willingness to meet with Zelenskyy, expressing anger Wednesday about what he said were Ukraine's recent 'terrorist acts' on Russian rail lines in the Kursk and Bryansk regions on the countries' border. 'How can any such (summit) meetings be conducted in such circumstances? What shall we talk about?' Putin asked in a video call with top Russian officials. He accused Ukraine of seeking a truce only to replenish its stockpiles of Western arms, recruit more soldiers and prepare new attacks like those in Kursk and Bryansk. Both sides exchanged memorandums setting out their conditions for a ceasefire for discussion at Monday's direct peace talks between delegations in Istanbul, their second meeting in just over two weeks. Zelenskyy had previously challenged Putin to meet him in Turkey, but Putin stayed away. Russia and Ukraine have established red lines that make a quick deal unlikely, despite a U.S.-led international diplomatic push to stop the fighting. The Kremlin's Istanbul proposal contained a list of demands that Kyiv and its Western allies see as nonstarters. Zelenskyy said that the second round of talks in Istanbul was no different from the first meeting on May 16. Zelenskyy described the latest negotiations in Istanbul as 'a political performance' and 'artificial diplomacy' designed to stall for time, delay sanctions and convince the United States that Russia is engaged in dialogue. 'The same ultimatums they voiced back then — now they just put them on paper … Honestly, this document looks like spam. It's spam meant to flood us and create the impression that they're doing something,' Zelenskyy said in his first reaction to the Russian document. He added that the 2025 talks in Istanbul carry 'the same content and spirit' as the fruitless negotiations held in the Turkish city in the early days of the war. The Ukrainian leader said that he sees little value in continuing talks at the current level of delegations. Defense Minister Rustem Umerov led the Ukrainian delegation in Istanbul, while Vladimir Medinsky, an aide to Putin, headed the Russian team. Zelenskyy said he wants a ceasefire with Russia before a possible summit meeting with Putin, possibly also including U.S. President Donald Trump, in an effort to remove obstacles to a peace settlement. The U.S. has led a recent diplomatic push to stop the full-scale invasion, which began on Feb. 24, 2022. 'We are proposing … a ceasefire before a leaders' summit,' with the U.S. acting as a mediator, Zelenskyy told a media briefing in Kyiv. 'Why a ceasefire before the leaders' meeting? Because if we meet and there is no mutual understanding, no willingness or vision on how to end this, then the ceasefire would end that same day. But if we see readiness to continue the dialogue and take real steps toward de-escalation, then the ceasefire would be extended with U.S. mediation guarantees,' he said. Ukraine is ready to meet at any time from next Monday at a venue such as Istanbul, the Vatican or Switzerland, Zelenskyy said. A second round of peace talks on Monday between Russian and Ukrainian delegations in Istanbul lasted just over an hour and made no progress on ending the war. They agreed only to swap thousands of their dead and seriously wounded troops. Also, a new prisoner exchange with Russia could take place over the weekend, Zelenskyy said. The U.S. has shown signs of distancing itself from the conflict. Defense Secretary Pete Hegseth skipped a meeting in Brussels on Wednesday of an international group coordinating military aid to Ukraine. It was the first time America's Pentagon chief didn't attend alongside 50 other defense leaders since the U.S. created the group three years ago. An analysis published Tuesday by the Center for Strategic and International Studies, a Washington think tank, said the Kremlin is hoping for U.S. disengagement while avoiding further sanctions. 'Without serious pain, Putin will continue to drag the peace talks out, keep fighting, and wait for the United States to walk away,' it said. In tandem with the talks, both sides have kept up offensive military actions along the roughly 1,000-kilometer (620-mile) front line and carried out deep strikes. Ukraine's Security Service gave more details Wednesday about its spectacular weekend drone strike on Russian air bases, which it claimed destroyed or damaged 41 Russian aircraft, including strategic bombers. The agency claimed the planes struck included A-50, Tu-95, Tu-22, Tu-160, An-12, and Il-78 aircraft, adding that artificial intelligence helped guide the drones thousands of miles from Ukraine. It also said it set off an explosion on Tuesday on the seabed beneath the Kerch Bridge, a vital transport link between Russia and illegally annexed Crimea, claiming it caused damage to the structure. But Kremlin spokesperson Dmitry Peskov said Wednesday that there was no damage. Russia's Defense Ministry said Wednesday that its troops have taken control of another village in Ukraine's northern Sumy region, on the border with Russia. Putin announced on May 22 that Russian troops aim to create a buffer zone that might help prevent Ukrainian cross-border attacks. Since then, Russia's Ministry of Defense claims its forces have taken control of nine Sumy villages.
Miami Herald
29 minutes ago
- Miami Herald
Trump cuts could expose student data to cyber threats
When hackers hit a school district, they can expose Social Security numbers, home addresses, and even disability and disciplinary records. Now, cybersecurity advocates warn that the Trump administration's budget and personnel cuts, along with rule changes, are stripping away key defenses that schools need. "Cyberattacks on schools are escalating and just when we need federal support the most, it's being pulled away," said Keith Krueger, chief executive officer of the Consortium for School Networking, an association of technology officials in K-12 schools. Related: Our free weekly newsletter alerts you to what research says about schools and classrooms. The stakes are high. Schools are a top target in ransomware attacks, and cyber criminals have sometimes succeeded in shutting down whole school districts. The largest such incident occurred in December, when hackers stole personal student and teacher data from PowerSchool, a company that runs student information systems and stores report cards. The theft included data from more than 60 million students and almost 10 million teachers. PowerSchool paid an undisclosed ransom, but the criminals didn't stop. Now, in a second round of extortion, the same cyber criminals are demanding ransoms from school districts. The federal government has been stepping up efforts to help schools, particularly since a 2022 cyberattack on the Los Angeles Unified School District, the nation's second-largest. Now this urgently needed assistance is under threat. Warning service Of chief concern is a cybersecurity service known as MS-ISAC, which stands for Multi-State Information Sharing and Analysis Center. It warns more than 5,700 schools around the country that have signed up for the service about malware and other threats and recommends security patches. This technical service is free to schools, but is funded by an annual congressional appropriation of $27 million through the Cybersecurity and Infrastructure Security Agency (CISA), an agency within the Department of Homeland Security. On March 6, the Trump administration announced a $10 million funding cut as part of broader budget and staffing cuts throughout CISA. That was ultimately negotiated down to $8.3 million, but the service still lost more than half of its remaining $15.7 budget for the year. The non-profit organization that runs it, the Center for Internet Services, is digging into its reserves to keep it operating. But those funds are expected to run out in the coming weeks, and it is unclear how the service will continue operating without charging user fees to schools. "Many districts don't have the budget or resources to do this themselves, so not having access to the no cost services we offer is a big issue," said Kelly Lynch Wyland, a spokeswoman for the Center for Internet Services. Sharing threat information Another concern is the effective disbanding of the Government Coordinating Council, which helps schools address ransomware attacks and other threats through policy advice, including how to respond to ransom requests, whom to inform when an attack happens and good practices for preventing attacks. This coordinating council was formed only a year ago by the Department of Education and CISA. It brings together 13 nonprofit school organizations representing superintendents, state education leaders, technology officers and others. The council met frequently after the PowerSchool data breach to share information. Now, amid the second round of extortions, school leaders have not been able to meet because of a change in rules governing open meetings. The group was originally exempt from meeting publicly because it was discussing critical infrastructure threats. But the Department of Homeland Security, under the Trump administration, reinstated open meeting rules for certain advisory committees, including this one. That makes it difficult to speak frankly about efforts to thwart criminal activity. Non-governmental organizations are working to resurrect the council, but it would be in a diminished form without government participation. "The FBI really comes in when there's been an incident to find out who did it, and they have advice on whether you should pay or not pay your ransom," said Krueger of the school network consortium. A federal role A third concern is the elimination in March of the education Department's Office of Educational Technology. This seven-person office dealt with education technology policies - including cybersecurity. It issued cybersecurity guidance to schools and held webinars and meetings to explain how schools could improve and shore up their defenses. It also ran a biweekly meeting to talk about K-12 cybersecurity across the Education Department, including offices that serve students with disabilities and English learners. Eliminating this office has hampered efforts to decide which security controls, such as encryption or multi-factor authentication, should be in educational software and student information systems. Many educators worry that without this federal coordination, student privacy is at risk. "My biggest concern is all the data that's up in the cloud," said Steve Smith, the founder of the Student Data Privacy Consortium and the former chief information officer for Cambridge Public Schools in Massachusetts. "Probably 80 to 90 percent of student data isn't on school-district controlled services. It's being shared with ed tech providers and hosted on their information systems." Security controls "How do we ensure that those third-party providers are providing adequate security against breaches and cyber attacks?" said Smith. "The office of ed tech was trying to bring people together to move toward an agreed upon national standard. They weren't going to mandate a data standard, but there were efforts to bring people together and start having conversations about the expected minimum controls." That federal effort ended, Smith said, with the new administration. But his consortium is still working on it. In an era when policymakers are seeking to decrease the federal government's involvement in education, arguing for a centralized, federal role may not be popular. But there's long been a federal role for student data privacy, including making sure that school employees don't mishandle and accidentally expose students' personal information. The Family Educational Rights and Privacy Act, commonly known as FERPA, protects student data. The Education Department continues to provide technical assistance to schools to comply with this law. Advocates for school cybersecurity say that the same assistance is needed to help schools prevent and defend against cyber crimes. "We don't expect every town to stand up their own army to protect themselves against China or Russia," said Michael Klein, senior director for preparedness and response at the Institute for Security and Technology, a nonpartisan think tank. Klein was a senior advisor for cybersecurity in the Education Department during the previous administration. "In the same way, I don't think we should expect every school district to stand up their own cyber-defense army to protect themselves against ransomware attacks from major criminal groups." And it's not financially practical. According to the school network consortium only a third of school districts have a full-time employee or the equivalent dedicated to cybersecurity. Budget storms ahead Some federal programs to help schools with cybersecurity are still running. The Federal Communications Commission launched a $200 million pilot program to support cybersecurity efforts by schools and libraries. FEMA funds cybersecurity for state and local governments, which includes public schools. Through these funds, schools can obtain phishing training and malware detection. But with budget battles ahead, many educators fear these programs could also be cut. Perhaps the biggest risk is the end to the entire E-Rate program that helps schools pay for the internet access. The Supreme Court is slated to decide this term on whether the funding structure is an unconstitutional tax. "If that money goes away, they're going to have to pull money from somewhere," said Smith of the Student Data Privacy Consortium. "They're going to try to preserve teaching and learning, as they should. Cybersecurity budgets are things that are probably more likely to get cut. "It's taken a long time to get to the point where we see privacy and cybersecurity as critical pieces,' Smith said. 'I would hate for us to go back a few years and not be giving them the attention they should." Contact staff writer Jill Barshay at 212-678-3595, jillbarshay.35 on Signal, or barshay@ This story about student cybersecurity was written by Jill Barshay and produced by The Hechinger Report, a nonprofit, independent news organization focused on inequality and innovation in education. Sign up for Proof Points and other Hechinger newsletters. The post Trump cuts could expose student data to cyber threats appeared first on The Hechinger Report.
Politico
35 minutes ago
- Politico
Putin will ‘respond' to surprise Ukraine drone strikes, Trump says
President Donald Trump on Wednesday said he spoke with Russian President Vladimir Putin to discuss the recent Ukrainian drone attack that destroyed more than 40 Russian aircrafts and the Russian leader said he will respond to Ukraine's drone strikes. It remains unclear exactly how Russia would respond. In a post to Truth Social, Trump said his phone call with Putin lasted about one hour and 15 minutes. In addition to the most recent Ukrainian attack, Trump said, the two also discussed 'various other attacks that have been taking place by both sides,' as well as Iran and a general understanding that Iran cannot have a nuclear weapon. The post was later deleted. 'It was a good conversation, but not a conversation that will lead to immediate Peace,' Trump wrote. 'President Putin did say, and very strongly, that he will have to respond to the recent attack on the airfields.' According to Ukrainian officials, Sunday's attack on Russia took 18 months to plan. More than 100 aerial drones were smuggled into Russia — including Siberia. The drones were then placed around the perimeter of four Russian air bases. Nearly one third of the Russian bomber fleet was destroyed, according to the Associated Press. The attack came one day before the two nations were scheduled for another round of peace talks. On Iran, Trump said Putin could possibly be involved in ongoing talks. 'President Putin suggested that he will participate in the discussions with Iran and that he could, perhaps, be helpful in getting this brought to a rapid conclusion,' Trump said. 'It is my opinion that Iran has been slow walking their decision on this very important matter, and we will need a definitive answer in a very short period of time!'
