Below is a summary of incidents from over the last months. For the full list, click the download link at the end of this article.
February 2024: Russian hackers launched an espionage campaign against the embassies of Georgia, Poland, Ukraine, and Iran beginning in 2023. Hackers exploited a bug in a webmail server to inject malware into servers at the embassies and collect information on European and Iranian political and military activities.
February 2024: Roughly 190 megabytes of data from a Chinese cybersecurity company were exposed online, revealing the company’s espionage efforts on the governments of the United Kingdom, India, Indonesia, and Taiwan. The leak’s source is unknown.
February 2024: The Royal Canadian Mounted Police suffered a cyberattack against its networks. The RCMP stated it is investigating this “alarming” incident and does not believe it had an impact on its operations or the safety and security of Canadians. It is so far unclear who is behind the attack and if it was a data breach or security incident.
February 2024: U.S. officials hacked an Iranian military spy ship that was sharing intelligence with Houthi rebels who have been firing on ships in the Red Sea. According to U.S. officials, the attack was part of the Biden administration’s response to an Iranian drone stroke that killed three U.S. soldiers in Jordan.
February 2024: A data breach of French health insurance companies in January 2024 affected 33 million French citizens, or nearly half the country’s population. The attack compromised sensitive birth date, social security, and marital status information, but not medical history. The French data protection agency opened an investigation to determine if the companies complied with cybersecurity guidelines under the EU’s General Data Protection Regulations.
February 2024: Chinese spies places malware in a Dutch military network in 2023. The network was not connected to the defense ministry’s main network, which reduced damage. This is the first time the Netherlands has publicly accused China of cyber espionage.
January 2024: Hackers breached Global Affairs Canada’s secure VPN in December 2023, allowing hackers to access sensitive personal information of users and employees. It affected staff emails, calendars, and contacts. It’s unclear if classified information was compromised or lost. The hacker’s identity is currently unknown.
January 2024: Russian hackers launched a ransomware attack against Sweden’s only digital service provider for government services. The attack affected operations for 120 government offices and came as Sweden prepared to join NATO. Sweden expects disruptions to continue for several weeks.
January 2024: Microsoft announced that Russian hackers broke into its corporate systems. Hackers used a “password spray attack” to steal emails and documents from accounts of Microsoft’s senior leadership, cybersecurity, and legal teams back in November 2023.
January 2024: Russian hackers attacked 65 Australian government departments and agencies and stole 2.5 million documents in Australia’s largest government cyberattack. Hackers infiltrated an Australian law firm that worked with the government to gain access to government files.
January 2024: The Australian government identified and sanctioned Aleksandr Ermakov as the Russian hacker who breached Medibank, the country’s largest private health insurance provider, in 2022. He stole information from 9.7 million current and former Medibank customers. This is the first time Australia has issued cyber sanctions against an individual since the framework was established in 2021. The U.S. and UK also sanctioned Ermakov.
January 2024: Russian agents hacked residential webcams in Kyiv to gather information on the city’s air defense systems before launching a missile attack on Kyiv. Hackers changed the cameras’ angles to gather information on nearby critical infrastructure facilities and stream the footage on YouTube. Ukraine has since ordered webcam operators in the country to stop live broadcasts.
Leave a Reply