Below is a summary of incidents from the last few months. For the full list, click the download link at the end of this article.
March 2024: A “massive” cyberattack disrupted the African Union’s systems for over a week and infected over 200 user devices, according to the deputy chair of the AU Commission. The cause of the cyberattack is unknown.
March 2024: Iranian hackers compromised an IT network connected to an Israeli nuclear facility. Hackers leaked sensitive facility documents but did not compromise its operational technology network.
March 2024: Russian hackers launched phishing attacks against German political parties. Hackers concealed ransomware in a fake dinner invitation from Germany’s Christian Democratic Union to install a backdoor in their victim’s computer.
March 2024: India’s government and energy sectors were breached in a cyber espionage campaign. Hackers sent a malicious file disguised as a letter from India’s Royal Air Force to offices responsible for India’s electronic communications, IT governance, and national defense. Researchers have not yet determined who conducted the attack.
March 2024: A U.S. Department of Justice indictment revealed Chinese hackers targeted several EU members of the Inter-Parliamentary Alliance on China and Italian MPs. The attack was designed to detect IP addresses and the targets’ locations.
March 2024: Canada pulled its financial intelligence system FINTRAC offline after a “cyber incident” by a currently unidentified attacker. FINTRAC claims the attack does not involve its intelligence or classified systems but declined to disclose further details of the incident.
March 2024: Russian hackers leaked an intercepted conversation between German military officials about the country’s support for Ukraine. In the call, the head of Germany’s Air Force discussed the possibility of supplying Taurus missiles to Ukraine and commented on German Chancellor Olaf Scholz’s hesitance to send the missiles. Germany announced it would investigate the incident and believes the leak was intended to inflame divisions in Germany.
March 2024: Switzerland’s National Cyber Security Centre (NCSC) confirmed that leaked data from a May 2023 breach included 65,000 documents from the Federal Administration. The documents contained sensitive personal data, classified information, and passwords, and were from Switzerland’s federal police, judiciary, and migration offices. Swiss officials had originally assessed that the breach only impacted non-government documents.
March 2024: Microsoft claims Russian hackers stole its source code and are continuing to gain unauthorized access to its internal systems as part of their November 2023 campaign to spy on senior Microsoft executives. Microsoft also said attackers increased the volume of their “password spray” attacks by nearly tenfold between January and February 2024. The company did not disclose further details on the source code access or breached internal systems.
February 2024: Russian hackers launched an espionage campaign against the embassies of Georgia, Poland, Ukraine, and Iran beginning in 2023. Hackers exploited a bug in a webmail server to inject malware into servers at the embassies and collect information on European and Iranian political and military activities.
February 2024: Roughly 190 megabytes of data from a Chinese cybersecurity company were exposed online, revealing the company’s espionage efforts on the governments of the United Kingdom, India, Indonesia, and Taiwan. The leak’s source is unknown.
February 2024: The Royal Canadian Mounted Police suffered a cyberattack against its networks. The RCMP stated it is investigating this “alarming” incident and does not believe it had an impact on its operations or the safety and security of Canadians. It is so far unclear who is behind the attack and if it was a data breach or security incident.
February 2024: U.S. officials hacked an Iranian military spy ship that was sharing intelligence with Houthi rebels who have been firing on ships in the Red Sea. According to U.S. officials, the attack was part of the Biden administration’s response to an Iranian drone strike that killed three U.S. soldiers in Jordan.
February 2024: A data breach of French health insurance companies in January 2024 affected 33 million French citizens, or nearly half the country’s population. The attack compromised sensitive birth date, social security, and marital status information, but not medical history. The French data protection agency opened an investigation to determine if the companies complied with cybersecurity guidelines under the EU’s General Data Protection Regulations.
February 2024: Chinese spies placed malware in a Dutch military network in 2023. The network was not connected to the defense ministry’s main network, which reduced damage. This is the first time the Netherlands has publicly accused China of cyber espionage.
January 2024: Hackers breached Global Affairs Canada’s secure VPN in December 2023, allowing them to access sensitive personal information of users and employees. It affected staff emails, calendars, and contacts. It’s unclear if classified information was compromised or lost. The hacker’s identity is currently unknown.
January 2024: Russian hackers launched a ransomware attack against Sweden’s only digital service provider for government services. The attack affected operations for 120 government offices and came as Sweden prepared to join NATO. Sweden expects disruptions to continue for several weeks.
January 2024: Microsoft announced that Russian hackers broke into its corporate systems. Hackers used a “password spray attack” to steal emails and documents from accounts of Microsoft’s senior leadership, cybersecurity, and legal teams back in November 2023.
January 2024: Russian hackers attacked 65 Australian government departments and agencies and stole 2.5 million documents in Australia’s largest government cyberattack. Hackers infiltrated an Australian law firm that worked with the government to gain access to government files.
January 2024: The Australian government identified and sanctioned Aleksandr Ermakov as the Russian hacker who breached Medibank, the country’s largest private health insurance provider, in 2022. He stole information from 9.7 million current and former Medibank customers. This is the first time Australia has issued cyber sanctions against an individual since the framework was established in 2021. The U.S. and UK also sanctioned Ermakov.
January 2024: Russian agents hacked residential webcams in Kyiv to gather information on the city’s air defense systems before launching a missile attack on Kyiv. Hackers changed the cameras’ angles to gather information on nearby critical infrastructure facilities and stream the footage on YouTube. Ukraine has since ordered webcam operators in the country to stop live broadcasts.