Cyber Security

Significant Cyber Incidents for October, November, December 2024

Below is a summary of incidents from over the last months. For the full list, click the download link at the end of this article.

 

November 2024: The United Kingdom’s National Cyber Security Center found a three-fold increase in the most significant cyberattacks compared to a year ago. NCSC provided support for 430 cyberattacks, 89 of which were “nationally significant,” and listed China, Russia, Iran, and North Korea as “real and enduring threats.”

November 2024: Chinese hackers, dubbed Salt Typhoon, breached at least eight U.S. telecommunications providers, as well as telecom providers in more than twenty other countries, as part of a wide-ranging espionage and intelligence collection campaign. Researchers believe the attack began up to two years ago and still infects telecom networks. Attackers stole customer call data and law enforcement surveillance request data and compromised private communications of individuals involved in government or political activity.

November 2024: Chinese spies planted a chip in a former U.S. three-stars general’s conference name tag to track his every move during his time serving in the Indo-Pacific.

November 2024: Iranian hackers have been targeting aerospace, defense, and aviation industries in Israel, the UAE, Turkey, India, and Albania, according to Israeli reports. Hackers pose as recruiters on LinkedIn and distribute malware to victims through fake lucrative job offers to spy on targets and steal sensitive data starting in 2023. The malware and tactics are similar to those of a North Korean hacking group that targeted cryptocurrency exchange-traded funds.

November 2024: South Korean officials accused pro-Russian hackers of attacking civilian and government website, following South Korea’s decision to monitor North Korean troops in Ukraine. Several pro-Russian hacktivists have claimed the attacks, but no final attribution has been made.

October 2024: Russian agents sent emails about bomb threats to nearly 60 Ukrainian embassies worldwide, as well as media outlets and state agencies.

October 2024: Iranian agents are increasing their espionage efforts against government agencies in the United Arab Emirates. Attackers deployed a backdoor to exfiltrate sensitive credentials

October 2024: Russian cybercriminals sent information-stealing malware to an unknown number of Ukrainian draft-age men to undermine Ukraine’s military recruitment efforts.

October 2024: Australia introduced its first national cyber legislation, the Cyber Security Bill 2024. It is the country’s first attempt to codify security standards for ransomware reporting and smart devices and proposes a framework for managing the impact of significant cyber incidents.

October 2024: Chinese hackers have breached at least twenty Canadian government networks over the last four years, according to the Canadian Cantre for Cyber Security (CCCS). CCCS reported that the objectives of the breach include espionage, IP theft, malign influence, and translational repression. The statement comes after CCCS revealed a Chinese threat actor was conducting surveillance scans of Canadian parliamentary and political networks.

October 2024: Russian hackers sent compromised emails disguised to appear as if they were sent from Amazon or Microsoft to infiltrate Ukrainian state and military devices and steal credentials from victims. The scope of the campaign is unknown.

October 2024: Chinese hackers hacked cellphones used by senior members of the Trump-Vance presidential campaign, including phones used by former President Donald Trump and JD Vance as well as people affiliated with the Harris-Walz campaign. It is unclear what data may have been accessed. The FBI is investigating the incident.

October 2024: New reporting reveals Chinese-backed hackers have been conducting large data exfiltration operations against Thailand’s government institutions. Hackers first gained access in 2023 through a brute force attack on a local area network before gaining privileged access and beginning data exfiltration.

October 2024: Ukrainian hackers attacked Russia’s state media company and electronic court document management system on Putin’s birthday. The attack prevented Russian courts from filing lawsuits or viewing court hearing schedules for several days, and it interrupted all streaming services of prominent TV and radio stations in Russia.

== Full List ==

Spring Sale 2020

Leave a Reply

Your email address will not be published. Required fields are marked *