Geopolitical and Cybersecurity Weekly Brief – 10 May 2021

In the Americas, the administration of US President Joe Biden is now supporting a temporary waiver on intellectual property (IP) protections on COVID-19 vaccines, reversing its previous stance. A cyberattack targeted Colonial Pipeline, which delivers approximately 45 per cent of the East Coast’s fuel, highlighting risks to national critical infrastructure in the US. DarkSide ransomware is believed to have been responsible, raising the possibility of a serious data leak should the ransom demand not be paid.

In Asia, a threat actor thought to be backed by Chinese state interests recently targeted Russia-based defence contractor Rubin Design Bureau in a phishing attack. A Hong Kong court sentenced a leading pro-democracy activist to 10 months in prison in a move likely to draw an overseas response.

In Europe, the EU proposed new rules which include a draft proposal on subsidies that would make it more challenging for non-EU firms receiving state subsidies to acquire EU firms or assets. Belgium experienced a major cyberattack targeting multiple public and academic institutions amid speculation China was responsible. More than 200 Belgian government organisations were affected.

A “seriously shocking failure” resulted in the potential exposure of medical data from the NHS COVID-19 vaccination booking website. The simplicity of the appointment process potentially allowed anyone with a target’s NHS number to view confidential medical data.

In the Middle East and Central Asia, UAE authorities are optimistic that the Expo 2020 Dubai will be able to take place in October following the final participants’ meeting. A new Iranian-sponsored hacking group identified as “Networm” is behind a cyber-attack campaign targeting Israeli companies. New activity linked to an ongoing Iranian state-sponsored cyber-espionage campaign has recently been disclosed. The advanced persistent threat (APT) group known as APT35 has been linked to the attacks through infrastructure overlap. An EMEA organisation was targeted.

In Sub-Saharan Africa, the president of the Transitional Military Council in Chad appointed a transitional government that will continue to divide the opposition and civil society. The presidents of Kenya and Tanzania met and pledged to improve cooperation and trade ties in a move that will de-escalate political and stability risks.

The UK NCSC has published a joint security advisory with US intelligence regarding changes to the Russian foreign intelligence services’ (SVR) TTPs following April’s security advisory. It speculates that the SVR reacted to the previous advisory by changing its TTPs to avoid further detection. Notably, the group also scanned for Microsoft Exchange servers vulnerable to CVE-2021-26855, which is typically followed by the use of further exploits and the deployment of a web shell.

The Geopolitical and Cybersecurity Weekly Brief is now part of the subscription package of intelligence services provided by Cyjax and our partners A2 Global Risk. In order to get access to the full report, please contact [email protected] or visit our explanatory service page here.
