Tessian Threat Intel Roundup for April 2022

Tessian Cloud Email Security intelligently prevents advanced email threats and protects against data loss, to strengthen email security and build smarter security cultures in modern enterprises.

Tessian Threat Intel introduces our key threat intelligence themes and topics we have been tracking for the month of April 2022.  The key theme this month focussed on Ukraine-related cyber threat campaigns. We expect nation-state related attacks to escalate in the wake of the Russia invasion. Recommendations for staying include following best practice as outlined by CISA  and NIST. Be sure to sign-up for our Threat Intel update to get this monthly update straight to your inbox.

• Phishing campaigns escalated in the wake of the Ukraine invasion
• Ukrainian themed QR code crypto currency donation fraud featured prominently in phishing campaigns in the wake of the invasion
• Ramp-up of cyber retaliation by Russia against western countries and targets is expected in the coming weeks
• The Ukraine invasion is among the first inter- nation-state conventional conflicts to feature a cyber-war (hybrid war) component
• In order to disrupt nation-state campaigns in Ukraine, public-private partnerships as demonstrated by Microsoft will be key in addressing this threat vector
• The cyber insurance industry, already in choppy waters before the Ukraine invasion, is set for further turmoil concerning coverage limitations and premiums
• LinkedIn is now the most popular brand for impersonation in phishing attacks

• Tessian Threat Intel have noted a significant escalation of phishing threats in the wake of the Ukraine invasion
• We take the view along with our colleagues that Russian affiliated APT groups are expected to escalate their attacks on countries allied with Ukraine, with the US, the UK, and the EU key targets in this regard
• Nation-state cyber attacks are expected to feature more prominently in conventional nation-state conflict based on recent outcomes from the Ukraine invasion 
• Cyber insurance premiums have doubled over the past 12 months, while coverage has dramatically been reduced
• A number of leading cyber insurance providers have recently amended their policy coverage to reflect this changing geopolitical risk landscape to specifically exclude acts of war

• Threat actors take advantage of key events including conflict and natural disaster events as we witnessed during the recent pandemic
• Having dedicated executive support and resourcing for cybersecurity programs in the enterprise as outlined by CISA  is essential
• Defense in depth is key to reducing the likelihood of a successful breach
• Leveraging Threat Intel insights from your peers and from the cybersecurity vendor community is an important component to keeping aware of the rapidly evolving threatscape
• Cyber insurance is quickly becoming unaffordable to most small and medium sized companies. This may result in tough trade-offs for firms. Bottom line: Making strategic investments in cybersecurity programs is more important than ever.

To see how Tessian prevents ransomware attacks, and protects against DLP, watch a product overview video, download our platform architecture whitepaper, or book a demo.

For the latest cybersecurity news and articles, sign up for our newsletter, and follow us on Twitter and LinkedIn