当社従業員が業務上必要なソフトウェアを外部ウェブサイトよりダウンロードしたところ、ランサムウェアの侵入の起点となるソフトウェアが同時にダウンロードされるよう外部ウェブサイトが改竄されておりました。

　その後、３月６日に社内ネットワークへの第三者による不正アクセスを確認いたしました。

Today, we released a report detailing the relentless and destructive Russian cyberattacks we’ve observed in a hybrid war against Ukraine, and what we’ve done to help protect Ukrainian people and organizations. We believe it’s important to share this information so that policymakers and the public around the world know what’s occurring, and so others in the security community can continue to identify and defend against this activity. All of this work is ultimately focused on protecting civilians from attacks that can directly impact their lives and their access to critical services.

The scan methods described above have allowed us to uncover over 18,800,000 IPv4 addresses responding to our Middlebox probes. The country with the highest number of such responses is from China (over 6.3M), followed by Iran (around 5.2M) and Indonesia (over 2.7M).

This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), and United Kingdom’s National Cyber Security Centre (NCSC-UK). This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.