Below is a summary of incidents from recent months. For the full list, click the download link at the end of this article.
September 2024: Chinese hackers have been conducting an ongoing cyber espionage campaign against Middle Eastern government entities that published human rights studies related to the Israel-Hamas War. The campaign was discovered in June 2024 after researchers found malware implants designed to ultimately deliver a malware implant.
September 2024: Russian cyber spies conducted an espionage campaign against Mongolia’s Ministry of Foreign Affairs and Cabinet websites. The spies added malicious code to the websites to exfiltrate a victim’s browser cookies. Attackers used the same exploits as those sold by commercial surveillance vendors such as NSO Group and Intellexa, but it is unknown if these companies knowingly sold their exploits to the Russian government, according to reports.
August 2024: U.S. government officials blamed Iranian hackers for breaking into Donald Trump’s presidential campaign. Hackers also attempted to break into the then-Biden-Harris campaign and then offered to share the stolen Trump campaign documents with that campaign, but were ignored. The attack comes as U.S. officials raise warnings about potential foreign interference in the upcoming U.S. election from Russia, China, Iran, and North Korea.
August 2024: The United Nations unanimously approved its first treaty on cybercrime. The treaty will face a General Assembly vote in the fall.
August 2024: Russian cyber criminals are deploying malware against diplomats through a used-car email scheme. The attackers embed a file supposedly containing images of a used car in their email, but the file contains backdoor malware that establishes persistent access for attackers to engage in follow-on data theft, reconnaissance, and surveillance activities.
July 2024: South Korea’s military is investigating the leak of highly sensitive information on Seoul’s espionage activities and issued an arrest warrant for a suspect. The information included personal data on Seoul’s non-official agents conducting undercover espionage overseas. The information was transferred to the suspect’s personal laptop before being leaked. Lawmakers said the leak was first discovered in June and was not the result of a hack.
July 2024: A faulty software update for Microsoft Windows issued by cybersecurity firm CrowdStrike caused a global IT outage that disrupted airline and hospital operations. It affected approximately 8.5 million machines and cost Fortune 500 companies $5.4 billion, according to reports.
July 2024: Germany accused China of directing a “serious” cyberattack against Germany’s Federal Office for Cartography and Geodesy (BKG), which conducts precision mapping of the entire country, in 2021. The findings come at the end of a three-year investigation into the incident and as Germany plans a rip-and-replace project for Chinese telecommunications infrastructure in Germany over security concerns.
July 2024: Australia, the United States, Canada, the United Kingdom, Germany, Japan, South Korea, and New Zealand issued a warning about malicious Chinese state-sponsored cyber activity in their networks. It marked the first time South Korea and Japan joined with Australia to attribute malicious cyber actions to China, and the first time Australia led a cyber attribution effort against China.