Tag: cyber espionage
Ransomware payments top US$1 billion in 2023
Last year, ransomware payments topped US$1 billion for the first time. According to a report from blockchain analyst firm Chainalysis, in 2023 ransomware gangs reached “an unprecedented milestone” in extorted cryptocurrency payments. “This number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over US$100 million,” warns the report.
Nation-state spyware goes mainstream
Commercial surveillance technology targeting smartphones, once the province of spymasters, is now becoming widely available on the open market. It is not only high-profile individuals such as politicians who are now threatened but also business people and ordinary smartphone users. Half of the known zero-day exploits (a previously unknown vulnerability) used against Google and Android devices can be attributed to commercial surveillance vendors (CSVs), according to a new 50-page report from Google, Buying Spying: Insights into Commercial Surveillance Vendors. “The commercial surveillance industry has emerged to fill a lucrative market niche: selling cutting edge technology to governments around the world that exploit vulnerabilities in consumer devices and applications to surreptitiously install spyware on individuals’ devices,” says Google.
Gen Z’ers ditch smartphone services
Silicon Valley has a new problem - a generation that is turning off its digital lifestyle and ditching its smartphones. Gen Z, young people born between 1997 and 2012, have given Silicon Valley’s meticulously planned digital future for humanity a firm thumbs down. Fifty percent of Gen Z’ers are interested in taking a break from their smartphones, while only 20 percent of Boomers, people born from 1946 to 1964, want a break, according to a survey from web-hosting company Squarespace. Last year, smartphone sales shipments dipped by around 70 million units, hitting the lowest shipment level in a decade, driven by falling sales in North America and China. At the same time, the new generation is buying old-school flip phones, nicknamed ‘dumbphones’, in preference to the latest Apple smartphones. According to market researcher Counterpoint Research: “Feature phones in the US market have made a resurgence as Gen Z and millennials are advocating for digital detoxes due to the mental health concerns brought on by smartphones and social media…Given the relatively cheap price point of feature phones ($20-$50 with a prepaid carrier and $50-$100 unlocked), more people are trying out these devices and sharing their experiences on social media.”.
US Sanctions 6 Iranian Officials for Cyber Espionage Attacks – February 5th
The US Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions placed on six Iranian officials behind cyberattacks on US critical infrastructure entities. The Treasury Department further stated all six officials have strong involvement in US critical infrastructure attacks using Israel-made programmable logic controllers and are suspected to span the water, healthcare, and public sectors.
Critical infrastructure under increased attack
France-based Schneider Electric became the latest utility company to succumb to a ransomware attack on January 17, when some of its business divisions serving several critical industries were taken down. Although access to the system was eventually re-opened on January 31st, the incident underlines the growing seriousness of cyber-attacks aimed at the West’s critical infrastructure. Schnieder Electric has an annual turnover of over 42 billion and employs over 150,000 people. The ransomware attack on Schneider Electric coincides with news that, in the US, the Federal Bureau of Investigation (FBI) has recently neutralized a botnet controlled by a Chinese threat group. The White House had previously authorized the FBI to take down the botnet after federal agencies and private sector researchers had accused cyberespionage gang Volt Typhoon of a major campaign aimed at a wide range of the US’s critical infrastructure.
CISA and EPA Launch Water Sector Cyber Toolkit – February 2nd
CISA and EPA Launch Water Sector Cyber Toolkit Amid the recent string
Iran targets Western journalists
Hackers with close ties to the intelligence arm of Iran’s military, the Islamic Revolutionary Guard, are now personally targeting journalists, professors, and researchers. According to Microsoft, which detected the new activity, Iran is anxious to gather information on the entire range of Western views regarding the ongoing conflict in the Middle East. “Based on the identities of the targets observed in this campaign and the use of lures related to the Israel-Hamas war, this campaign may be an attempt to gather perspectives on events related to the war from individuals across the ideological spectrum,” says Microsoft. The Iran-backed hackers, known as Mint Sandstorm, a composite name used to describe several subgroups of activity with ties to the Islamic Revolutionary Guard, use a range of new techniques. For example, the hackers use legitimate but compromised email accounts to conduct highly planned phishing attacks against key journalists.
Russia-Backed Hackers Infiltrate Microsoft’s Corporate Email System – January 22nd
Microsoft announced on a blog post that the email intrusion attack began in November 2023 and was discovered on January 12th, 2024. Microsoft deduced that the attack originated from a Russian nation-state hacking group. The Microsoft blog post stated the attack gained access to a small percentage of Microsoft corporate email accounts, consisting of Microsoft leadership, security, and IT team members. The incident is still under investigation and reported to the SEC, Microsoft vowed to take any further necessary action while being as transparent as possible.
JP Morgan Chase Combats 45 Billion Cyber Attacks Daily – January 18th
On Wednesday, January 17th, JPMorgan Chase's asset and wealth management division head, Mary Callahan Erdoes, said during the World Economic Forum in Davos that the firm faces a staggering 45 billion breach attempts daily. Mary explained on a panel session that they have more security engineers than Google and Amazon, out of necessity, as threat actors increasingly get "smarter, savvier, quicker, more devious and mischievous."
Geopolitical tensions fuel botnet boom
Recent weeks have seen an exponential rise in malicious botnets performing reconnaissance scanning to scout out victims. According to researchers at cybersecurity firm Netscout, the number of potentially compromised devices rose from around 10,000 to roughly 144,000 over December, with no sign of the trend letting up. “The trend continued into the new year, with the largest spikes occurring on January 5 and 6, eclipsing one million distinct devices. The levels reached an unprecedented 1,294,416 on the 5th,” reports Netscout. The Netscout researchers say that this increased malicious scanning has been isolated to five key countries: The United States, China, Vietnam, Taiwan, and Russia. All have seen a rise in attackers using cheap or free cloud and hosting servers to create botnet launch pads.
Ukrainian Hacking Group Dismantles Russian Telco – January 11th
A source informed Reuters that the Ukrainian spy agency-backed "Blackjack" hacking group successfully deleted 20TB of data from M9 Telecom, massively disrupting their operations. Seemingly coming as a retaliation attack to the "largest telco cyber attack in history" on Ukrainian telco, Kyivstar, the attack on M9 Telecom shut down internet use for thousands in Moscow.
Turkish Cyber Espionage Group Targeting Dutch Orgs – January 9th
Hunt & Hackett uncovered information on “Sea Turtle”, a Turkish-affiliated cyber espionage group that shifted focus to target Netherlands-based organizations. "Sea Turtle" was found to launch politically motivated evasive info-stealing campaigns targeting Dutch government, telco, media, and NGO organizations.