Geopolitical and Cybersecurity Weekly Brief – 12 April 2021

In the Americas, US President Joe Biden announced gun control measures following a spate of recent mass shootings. Meanwhile, the US government ruled out a federal vaccine passport scheme as the rollout of coronavirus vaccinations has accelerated. Researchers have uncovered a cpuminer being delivered in malicious traffic targeting the US education sector. This could be part of a larger campaign against the US education sector, which is already under immense pressure due to the coronavirus pandemic and attacks from the Pysa and Ryuk ransomware.

The data of 533 million Facebook users has been leaked and is currently being shared across the darknet. Although Facebook claims that the data is several years old, it is still of significant value to cybercriminals and will likely be used, if it is not already, to perpetrate fraud or other malicious activity.

In Asia, a Shanghai Public Security Bureau (PSB) database hack by activists in 2020 has exposed the breadth of surveillance targeting foreign nationals in China. US State Department Spokesman Ned Price said that discussions on joint boycotts of the Beijing 2022 Winter Olympics by the US and its allies are in progress.

Researchers have found what they claim is the first malware to be distributed through AppGallery, the official Huawei app store. 10 different Android.Joker variants were discovered in AppGallery, with a combined 538,000 installs.

In Europe, reports of a Russian military build-up near the Ukraine border threaten to escalate bilateral tensions. Meanwhile, a Moscow court ordered TikTok to pay a fine over protest-related content authorities consider illegal.

A vulnerability in Fortinet VPNs is being actively exploited by a new human-operated ransomware strain, known as Cring. Threat actors are attempting to compromise companies in the industrial sector in Europe. The Cring ransomware is being distributed as the final payload.

In the Middle East and Central Asia, Iran released a seized South Korean tanker as Seoul vows to help release frozen Iranian funds. Meanwhile, an escalation in clandestine conflict is likely after a mine attack on an Iranian vessel and the capture of an Israeli spy in Iran’s East Azerbaijan province.

In Sub-Saharan Africa, debt relief for highly indebted developing countries (HIDCs) will provide some respite, but a number of underlying headwinds remain. The African Union’s Centres for Disease Control said it was cancelling plans to secure the COVID-19 vaccine produced by British-Swedish pharmaceutical group AstraZeneca.

The Geopolitical and Cybersecurity Weekly Brief is now part of the subscription package of intelligence services provided by Cyjax and our partners A2 Global Risk. In order to get access to the full report, please contact [email protected] or visit our explanatory service page here.
