Below is a summary of incidents from over the last year. For the full list, click the download link at the end of this article.
March 2022. Hackers used a DDoS attack to shut down the National Telecommunications Authority of the Marshall Islands. The attack disrupted internet services on the Islands for over a week.
March 2022. Pakistani government-linked hackers targeted Indian government employees in an espionage operation. The group also created fake government and military websites to deliver malware to their targets.
March 2022. An attack on a satellite broadband service run by the American company Viasat disrupted internet services across Europe, including Ukrainian military communications at the start of the Russian invasion. The attackers hacked satellite modems belonging to thousands of Europeans to disrupt the company’s service.
March 2022. Hackers penetrated the websites belonging to multiple Russian agencies including the Energy Ministry, the Federal State Statistics Service, the Federal Penitentiary Service, and the Federal Bailiff Service. The websites displayed several anti-government and anti-invasion images and messages before the agencies were able to expel the attackers.
March 2022. The U.S. Department of Justice charged four Russian government employees involved in hacking campaigns that took place between 2012 and 2018. The hacks targeted critical infrastructure companies and organizations largely in the energy sector. The hackers sought to install backdoors and deploy malware in the operational technology of their targets.
March 2022. Hackers defaced and disrupted several Russian government and state media websites, according to the Russian Ministry of Digital Development and Communications. The Emergency Situations Ministry website was hacked, and the attackers wrote messages encouraging Russian soldiers to defect. Tass, a state-run news agency, was also penetrated and hackers displayed a call for people to “take to the streets against the war.”
March 2022. The National Research Council, Canada’s biggest state-funded research agency, shared that hackers penetrated its networks. An announcement on the Council’s website explained that parts of its online presence were taken offline as a result of this incident.
March 2022. Hackers linked to the Chinese government penetrated the networks belonging to government agencies of at least 6 different U.S. states in an espionage operation. Hackers took advantage of the Log4j vulnerability to access the networks, in addition to several other vulnerable internet-facing web applications.
March 2022. Hackers used a DDoS attack to target a major Israeli telecommunication provider. As a result, multiple Israeli government websites were taken offline.
February 2022. Researchers identified campaigns by two North Korean government-backed groups targeting employees across numerous media, fintech, and software companies. The hackers used phishing emails advertising fake job opportunities and exploited a vulnerability in Google Chrome to compromise the companies’ websites and spread malware.
February 2022. The websites of the Ukrainian Cabinet of Ministers and Ministries of Foreign Affairs, Infrastructure, and Education were disrupted in the days before Russian troops invaded Ukraine. Wiper malware was also used to penetrate the networks of one Ukrainian financial institution and two government contractors.
February 2022. A Beijing-based cybersecurity company accused the U.S. National Security Agency of engineering a backdoor to monitor companies and governments in over 45 countries around the world. A Foreign Ministry spokesman said that operations like this may threaten the security of China’s critical infrastructure and compromise trade secrets.
February 2022. On February 15, a DDoS attack knocked websites belonging to the Ukrainian Defense Ministry and two of the country’s largest banks offline. The U.S. and the UK attributed the attack to the Russian GRU. The Ukrainian Cyber Police claimed that the attack was connected to another “information attack” where Ukrainian citizens received spam text messages claiming that ATMs were not working.
February 2022. A Pakistani group deployed a remote access trojan to conduct espionage against Indian military and diplomatic targets. The group generally uses social engineering and/or USB-based worms to penetrate a network.
February 2022. An Iranian-linked group conducted espionage and other malicious cyber operations against a range of private companies and local and federal governments.
February 2022. Kremlin-linked threat actors hacked into numerous defense contractors between January 2020 and February 2022. The hackers collected and exfiltrated emails and sensitive data relating to the companies’ products and information and interactions with foreign governments.
February 2022. Multiple oil terminals in some of Europe’s biggest ports across Belgium and Germany fell victim to a cyberattack, rendering them unable to process incoming barges. A ransomware strain associated with a Russian-speaking hacking group was used to disrupt the ability of energy companies to process payments.
February 2022. Since October 2021, a hacking group targeted Palestinian individuals and organizations with malware. Researchers suggest that the operation could be connected to a broader campaign by a hacking group commonly attributed to the cyber arm of Hamas that started in 2017.
February 2022. A U.N. report claimed that North Korean hackers stole more than $50 million between 2020 and mid-2021 from three cryptocurrency exchanges. The report also added that in 2021 that amount likely increased, as the DPRK launched 7 attacks on cryptocurrency platforms to help fund its nuclear program in the face of a significant sanctions regime.
February 2022. An investigation led by Mandiant discovered that hackers linked to the Chinese government compromised email accounts belonging to Wall Street Journal journalists. The hackers allegedly surveilled and exfiltrated data from the newspaper for over two years beginning in at least February 2020.
February 2022. The networks of the U.K. Foreign Office were penetrated by hackers. All details of the incident remain confidential.
January 2022. A Belarusian hacktivist group accessed the networks of state-owned Belarusian Railway. The group encrypted the majority of the Railway’s servers and destroyed data held on a backup server, possibly to complicate Russian troop movements throughout the country.
January 2022. A Chinese hacking group breached several German pharma and tech firms. According to the German government, the hack into the networks of service providers and companies was primarily an attempt to steal intellectual property.
January 2022. Hackers shut down internet traffic to and from North Korea twice in two weeks from what researchers say was likely a series of DDoS attacks. The second attack came just after North Korea’s 5th missile test of the month.
January 2022. Hackers breached the Canadian Foreign Ministry, hampering some of the Ministry’s internet-connected services. The hack came a day after the government issued a warning to bolster network security in anticipation of Russia-based cyberattacks on critical infrastructure.
January 2022. A series of DDoS attacks targeted a high-stakes Minecraft tournament and ended up impacting Andorra Telecom, the country’s only internet service provider. The attack disrupted 4G and internet services for customers.
January 2022. The Informatic Directorate of the Greek Parliament identified an attempt to hack into 60 parliamentary email accounts. In response, authorities temporarily shut down the mailing system in the legislature.
January 2022. An Australian spokesman accused WeChat of taking down Prime Minister Scott Morrison’s account and redirecting users to a website that provides information for Chinese expatriates. The Government claims that they first encountered problems posting to the Prime Minister’s account in mid-2021.
January 2022. Hackers breached systems belonging to the International Committee of the Red Cross, gaining access to data on more than 500,000 people and disrupting their services around the world.
January 2022. A cyberattack targeted the Ukrainian government, hitting 90 websites and deploying malicious software masquerading as ransomware to damage dozens of computers in government agencies.
January 2022. Hackers attacked several Israeli media outlets, including Maariv and the Jerusalem Post, posting threatening messages on their websites. One message stated “we are close to you where you do not think about it” in English and Hebrew.
January 2022. A DPRK-affiliated group targeted multiple Russian diplomats with malware. The diplomats received an email disguised as a New Year greetings screensaver that, once opened, installed a remote access trojan.