Geopolitical and Cybersecurity Weekly Brief – 15 November 2021

In the Americas, US President Joe Biden announced a one-year extension to a ban on US investments in some Chinese companies owned or controlled by China’s military. The move, which extends a policy first imposed by the Trump administration, affects 59 Chinese firms including telecoms giant Huawei, chipmaker SMIC, and oil group CNOOC.

Multinational wholesale retailer Costco has advised customers of a security breach in which it was discovered that a card skimming device had been planted in one of the organisation’s warehouses. It is believed the information stolen may have included cardholder names, card numbers, expiration dates and CCV numbers.

In Asia, the Chinese military said that it had carried out a combat readiness patrol in the direction of the Taiwan Strait on 9 November. The patrol came after China’s defence ministry condemned the arrival in Taiwan of a US congressional delegation in a military aircraft. The Chinese Communist Party (CCP) on 12 November passed what it termed a ‘historical resolution’ that is expected to result in President Xi Jinping securing an unprecedented third term as party leader at a meeting due to be held in November 2022.

In Europe, the Russian government has fined technology firms Alphabet Inc. – Google’s parent company – and Telegram for failing to remove content considered illegal by authorities. Alphabet was ordered to pay RUB2 million (EUR24,220), while Telegram was fined RUB4 million on 8 November. Meanwhile, several high-ranking EU officials called for a range of sanctions against Belarus on 8 November amid rising tensions along the Belarus-Poland border. Polish officials tightened security around the border with Belarus on 8 November after a large group of migrants attempted to cross.

Europol has announced the arrest of multiple individuals associated with the @REvil Ransomware-as-a-Service (RaaS) group. These individuals were allegedly responsible for approximately 5,000 REvil infections, earning around €500,000 in total. Moreover, the US Department of Treasury has sanctioned two individuals linked to the REvil attack on Kaseya

In the Middle East and Central Asia, on 10 November, Saudi air defences intercepted three ballistic missiles allegedly launched by the Houthi non-state armed group in Yemen. The Houthis claimed that the missiles impacted a military installation operated by the First Regiment in Dhahran Al-Janub in the southern province of Asir. On 12 November, Accenture’s Cyber Threat Intelligence group and Prevaillion’s Adversarial Counterintelligence Team, reported that the Iranian cyber-espionage group, identified as Lyceum (aka Hexane), attacked a Moroccan internet service provider (ISP) and another telecommunications company from July to October.

In early October 2021, six devices belonging to six Palestinian human rights defenders were compromised with Pegasus, a spyware developed by the Israeli cyber-surveillance company NSO Group.

In Sub-Saharan Africa, Sudan’s de facto head of state General Abdel Fattah al-Burhan on 11 November appointed himself at the helm of a new interim cabinet, or Transitional Sovereign Council (TSC), which retains most of the military leaders in the former government but replaces most civilian members, with one exception. Following an extraordinary summit over the weekend of 6-7 November, the Economic Community of West African States (ECOWAS) on 7 November toughened its sanctions on Guinea and Mali

Scroll to Top