In the Spotlight this Week:
A hacker stole USD625 million from the blockchain behind NFT game Axie Infinity
General insurers laud Australian Federal Budget for measures on resilience and cyber investment
Singapore, US to establish dialogue to strengthen cooperation in cyber security
Singapore rolls out cyber security certification scheme
Ukrainian telecom company's internet service disrupted by 'powerful' cyber attack
Roughly USD625 million worth of cryptocurrency has been stolen from Ronin, the blockchain underlying popular crypto game Axie Infinity. Ronin and Axie Infinity operator Sky Mavis revealed the breach on Tuesday and froze transactions on the Ronin bridge, which allows depositing and withdrawing funds from the company’s blockchain.
Sky Mavis says it’s working with law enforcement to recover 173,600 Ethereum (currently worth around USD600 million) and 25.5 million USDC (a cryptocurrency pegged to the US dollar) from the culprit, who withdrew it from the network on March 23rd. The attack focused on the bridge to Sky Mavis’ Ronin blockchain, an intermediary between Axie Infinity and other cryptocurrency blockchains like Ethereum. Users could deposit Ethereum or USDC to Ronin, then purchase non-fungible token items or in-game currency, or they could sell their in-game assets and withdraw the money.
The federal government delivered its 2022-23 Budget yesterday which allocates AUD268m (USD201m) in related measures to better protect Australians from the impacts of extreme weather and improve protection against cyber attacks.
Welcoming the Budget provisions, the Insurance Council of Australia (ICA) notes that under the Emergency Management Fund, the Government has committed AUD150m per annum for recovery and post-disaster efforts over the next two years. An additional AUD116.4m has been provided to the Black Summer Bushfire Recovery Programme, funding 524 community projects with total programme investment of AUD390m.
The ICA also welcomes the government’s AUD9.9bn investment over 10 years to boost the nation’s capacity to prevent and respond to cyber threats.
This follows the release of an Insurance Council report on 28 March, titled "Cyber Insurance: Protecting our way of life in a digital world", which highlights the challenges to maintaining and developing a cyber insurance market to support Australian individuals, businesses and organisations operating in a digital economy.
The United States-Singapore Cyber Dialogue, as it is called, will involve senior government officials from the cyber operational, technical and policy units of various agencies coming together “to discuss and move forward existing practical bilateral cooperation”.
The dialogue will be held annually, or as determined by US and Singapore. The co-chairs of the dialogue and level of representation from both countries will be decided at a later date.
Singapore's Prime Minister Lee Hsien Loong, in the US for a working visit, issued a joint statement with US President Joe Biden following a meeting in the White House.
In the statement, the leaders said both countries have a "strong and growing partnership" on cyber security.
Singapore's Cyber Security Agency (CSA) has launched a new cyber security certification scheme to recognize organizations with good cyber security practices.
Comprising two cyber security marks, Cyber Essentials and Cyber Trust, the scheme was developed in consultation with certification practitioners, technology providers and trade associations, taking into consideration the organizational profiles and operational needs of enterprises in Singapore.
Cyber Essentials is aimed at helping small and medium-sized enterprises (SMEs), which tend to have limited cyber security resources, adopt cyber security measures to protect their systems such as data backups, access controls and incident response.
Ukraine's state-owned telecommunications company Ukrtelecom experienced a disruption in internet service on Monday after a "powerful" cyberattack, according to Ukrainian government officials and company representatives. The incident is the latest hacking attack against Ukrainian internet services since Russian military forces invaded in late February.
"Today, the enemy launched a powerful cyberattack against Ukrtelecom’s IT-infrastructure," said Yurii Shchyhol, chairman of the State Service of Special Communication and Information Protection of Ukraine. "The attack was repelled. And now Ukrtelecom has an ability to begin restoring its services to the clients."
"Currently, the attack is repulsed, the provision of services is gradually resumed," said Ukrtelecom spokesperson Mikhail Shuranov.
Subscribe Here to receive Blackpanda thought leadership, webinar invitations, and cyber intelligence direct to your inbox.