This is not a political forum so I'm going to avoid editorializing, but a lot of sources I'm seeing are talking about the war in Europe may affect the software community thanks to randsomware and other attacks. These threats were already on the rise and seem unlikely to fade. What would normally represent a limited exchange between groups seems likely expand.
The best way to protect yourself? Right now it looks like good backups. You get extra points if you use something that's independent, off-site, and allows versioning. But copy-pasting all your files to an external hard drive once a month couldn't hurt. We have lots of options here -- I happen to like Bvckup2.
Other standard suggestions for good security still apply:
Don't trust links - If they were sent to you in a text or email, take the initiative to call/login directly to the service. In particular, I'm seeing lots of recommendations avoid donation requests and instead go to the associated service (e.g. the International Red Cross) and donate there.
Enable two-factor logins - It's tedious but safer.
Disconnect devices - From the internet when not in active use.
Don't trust links - If they were sent to you in a text or email, take the initiative to call/login directly to the service. In particular, I'm seeing lots of recommendations avoid donation requests and instead go to the associated service (e.g. the International Red Cross) and donate there.
IMHO, this point cannot be emphasized enough. Do NOT ever click through links in text or emails. Type the URL into the address bar of the browser. Even googling for the name and clicking through is tons safer than clicking through SMS/email links.
Reliance on digital only systems is making the online environment even harsher, as bad actors wage an all out war against any deterrence measures.
E.g., I just found this:
Daxin is one of the most advanced backdoors ever seen deployed by Chinese actors. One point of differentiation in Daxin is its form, which is a Windows kernel driver, an atypical choice in the malware landscape. Its stealthiness comes from its advanced communication features, which mix its data exchange with regular internet traffic.
Daxin does this by monitoring network traffic on a device for specific patterns. Once these patterns are detected, it will hijack the legitimate TCP connection and use it to communicate with the command and control server. By hijacking TCP communications, the Daxin malware can hide malicious communication in what is perceived as legitimate traffic and thus remain undetected.
Daxin also stands out due to its capability to establish intricate communication pathways across multiple infected computers at once, using a single command to a set of nodes. This allows the threat actors to quickly re-establish connections and encrypted communication channels in well-guarded networks. At the same time, while the nodes are active and serve as relay points, the chances of the malicious traffic being marked as suspicious are kept at a minimum.
