Tag: geopolitics
GoldenJackal targets top-secret installations
An as-yet-unidentified group, known only as GoldenJackal with suspected links to the Russian state, is targeting high-security networks that are intentionally isolated from the internet. Confidential data is frequently stored in “air-gapped” computers that do not have an online connection and were, until now, virtually impossible to hack. But cybersecurity firm ESET now reports that GoldenJackal was deploying “a highly modular toolset” against a government organization in a European Union (EU) country between May 2022 and March 2024. This follows similar ongoing attacks on air-gapped systems in Belarus that began in August 2019.
Lebanon pager attack signals new era in cyber warfare
As the whole world is now aware, Beirut was thrown into chaos yesterday by 5,000 exploding weaponized pagers, leaving 900 people dead and a further 300 in critical condition. Iran’s ambassador to Lebanon, Mojtaba Amani, sustained injuries to his face and hand. Lebanon-based Islamist and paramilitary group Hezbollah claims that Israel was responsible. If so, then yesterday afternoon’s event in Beirut will have global repercussions for cyber warfare and targeted cyber-attacks. The idea of weaponizing communications devices is hardly new. Over a decade ago, for example, former US Vice President Dick Cheney disabled a function that allowed the pacemaker regulating his heart to be administered wirelessly. Because he believed terrorists might hack the device to deliver a fatal shock. Israel has also been previously accused of killing Hamas terrorists with booby-trapped cellphones.
India Enlists Army of 5000 “Cyber Commandos”
The Indian Government is upping the ante with its fight against cybercrime. Indian Union Home Minister Shri Amit Shah this week announced the launch of four major platforms under cyber security program Indian Cyber Crime Coordination Center (I4C), including the training of 5,000 “Cyber Commandos,” to counter the increasing threat of cyber-crime. The Cyber Commando Program will create a special wing in every Central Police Organization, aiming to train 5,000 “Cyber Commandos” over the next five years. Trained Commandos will assist Central Agencies in “securing digital spaces”. Other platforms include a national Suspect Registry, a Cyber Fraud Mitigation Center, and an online portal for cyber-crime data analytics and crime mapping.
EU spyware scandal spreads
This week, Poland’s Supreme Court quashed an ongoing probe into spyware abuses allegedly conducted by its own government - claiming it to be “unconstitutional”. Comprehensive new research, published earlier this month by the Atlantic Council’s Digital Forensic Research (DFR) Labs, also now shows that government abuse of spyware is now widespread across the European Union (EU). The findings of DFR Labs’ research provide a truly damning description of the widespread abuse of spyware by governments across Europe, accusing the EU of effectively turning a blind eye to the widespread abuse of its citizens’ rights despite being made aware of the widespread abuses at least two years ago. In 2022, the European Parliament (EP), frustrated by the Commission’s reluctance to tackle the growing scandal, established the PEGA Committee to investigate the misuse of surveillance spyware.
German Intelligence warns of Russian cyber-attacks
The cyber cold war just became a little warmer, with German Intelligence now publicly crying foul on Monday at Russia for online attacks stretching back to 2020. Germany’s Bundesverfassungsschutz has issued a strong warning against a cyber group belonging to Russian military intelligence (GRU) Unit 29155, which was linked to the 2018 poisonings of a former Russian double agent and his daughter in the UK, claiming that the unit has also been active in carrying out cyberattacks against NATO and EU countries.
Brussels backs down on mass surveillance
The European Union (EU) Council has made a last-minute withdrawal of the EU’s highly controversial planned “Chat Control” legislation, which was due to vote yesterday. This would have effectively introduced mass digital surveillance by means of fully automated real-time monitoring of all messaging and chats. The EU would appear to finally have heeded the harsh warnings that have been coming from the cybersecurity and communication sectors since the controversial ruling was first proposed in 2022. For the six months prior to Thursday’s decision, the EU Belgian Council presidency has been sitting on a deadlock between EU countries. Germany and Poland have heeded privacy experts' warnings of a potential police state. But Ireland and Spain are pressing for draconian new online laws to fight a rise in online child sexual abuse material that has grown since the start of Europe’s widespread lockdowns two and a half years ago.
America’s enemies strive to sway the US presidential election
Nations hostile to America, primarily Russia and China, are currently doubling down on their efforts to influence the outcome of the upcoming US elections. So far, their efforts appear to be directed at preventing Donald Trump from winning a second term as president, possibly fearing a Republican victory could herald the US taking a tougher stance on international affairs. According to an extensive nine-page Microsoft threat intelligence report: “Foreign malign influence concerning the 2024 US election started off slowly but has steadily picked up pace over the last six months due initially to Russian operations, but more recently from Iranian activity.”
The West braces for massive Russian cyber offensive
Russia is believed to be planning widespread cyber-attacks on the West in part retaliation for Ukraine’s cyber-attack, which recently crippled Russia’s financial services. “In retaliation to NATO support for Ukraine, cyberwarfare coinciding with the ongoing Russia-Ukraine conflict will likely include focused state-level attacks against Western critical and military sectors launched by Moscow’s hacker groups,” says Craig Watt, a consultant specializing in strategic and geopolitical intelligence at cybersecurity firm Quorum Cyber.
Ukraine takes down Russia’s financial services
Hackers from Ukraine’s Main Intelligence Directorate claim to have effected one of the largest Distributed Denial-of-Service (DDoS) attacks in history, derailing Russia’s financial services. According to the Kyiv Post, the attack compromised the online services of all major Russian banks, including the Central Bank, telecommunications service providers, national payment systems, social networks and messengers, government resources, and dozens of other services. The affected Russian financial institutions are reported to include VTB Bank, Alfa Bank, SberBank, Raiffeisen Bank, RSHB Bank, Ak Bars Bank, Rosbank, Gazprombank, Tinkoff Bank, iBank, Dom.RF Bank, and the Bank of Russia. On the last day of the attack, the resources of the Russian Ministry of Defense, the Ministry of Internal Affairs. The Federal Tax Service was also reported to have been affected.
Cyber-piracy on the high seas
Escalating geopolitical instability in the South China Seas and The Red Sea are being seen as the root cause behind a rapid rise in cyber-attacks on commercial shipping, as well as a sharp increase in cyber-assisted piracy. “The risk has escalated significantly in the past year due to heightened geopolitical tensions and increased cyber capabilities of threat actors…The average cost per data breach now exceeds $545,000 for a shipping organization,” says Freight Right Global Logistics CEO Robert Khachatryan. According to C. Todd Doss, Senior Managing Director at Guidepost Solutions: “Over the past year, these risks have escalated notably. Reports indicate that cyber-attacks on maritime infrastructure and vessels increased by over 20% in 2023 compared to the previous year .”
Exclusive: CrowdStrike crash is only the beginning…
The famous “blue screen of death,” witnessed with horror by 8.5 million Microsoft Windows users worldwide as a result of the ongoing CrowdStrike outage, may soon become a far more familiar sight across a wide range of sectors. While there is no evidence that the widespread Microsoft Windows outage caused by the CrowdStrike upgrade was anything but accidental, many in the cybersecurity industry are seeing the past week’s experience as a dummy run for a full-fledged cyber-attack aimed at crippling critical infrastructure. As the current media pictures of people sleeping in airports testify, some sectors appear to be faring better than others.
Exclusive: Hostile nations ramp up attacks on US infrastructure
Recent reports that ransomware attacks on industrial organizations increased by over 50 percent in 2023 represent only “the tip of the iceberg.” According to operational technology (OT) cybersecurity company IXDen, critical infrastructure across the US is being attacked at unprecedented levels. “The vast majority of cyber breaches of critical infrastructure such as water and power facilities go unreported, although a precise figure is impossible to gauge. Those that are reported in the media are only the tip of the iceberg. OT attacks on private businesses are not reported at all, and in public organizations, they are rarely reported,” says IXDen CEO and Co-Founder Zion Harel.