Geopolitical and Cybersecurity Weekly Brief – 2 November 2021

In the Americas, Michigan-based automaker Ford announced it will halt production at its plant in Hermosillo, Sonora state, from 1 to 5 November amid unspecified material shortages. While the union’s statement does not name the materials in short supply, they are highly likely to be semiconductors amid an ongoing global chip shortage which has significantly disrupted automobile production during the COVID-19 pandemic.

On 26 October, the FBI raided the Jacksonville, Florida warehouse of PAX Technology, one of the biggest electronic payment providers in the world, which is headquartered in China. The raid stemmed from allegations that the company may have been involved in cyberattacks on organisations based in the US and Europe. The potential attack surface is extremely wide.

In Asia, Taiwan’s President Tsai Ing-wen said in an interview with CNN on 28 October that a small number of US forces are stationed on the island to train with Taiwanese soldiers. China’s foreign ministry spokesman Wang Wenbin responded by saying that ‘Taiwan independence is a dead end, and there will also be no turning back for those who support it’. Meanwhile, the international ratings agency Moody’s Investors Service downgraded Sri Lanka’s foreign debt rating on 28 October, reflecting growing concerns that the country may be unable to meet overseas debt repayments.

The WinDealer malware, which is targeting Korean and Japanese organisations, has been attributed to a new adversary known as the LuoYu group. The malware is used to steal information. LuoYu reportedly targets tech companies, media, educational institutions, and other industries in China, Hong Kong, Japan, South Korea, and Taiwan.

In Europe, business representatives from Taiwan have signed a series of memoranda of understanding with Czech and Slovak officials, focusing on expanding cooperation in online security, the space industry, engineering, investments, and industrial innovations. The visits illustrate the deterioration of ties between the Czech Republic and Slovakia on one side, and China on the other.

In the Middle East and Central Asia, on 26 October, a cyberattack disrupted operations at filling stations across Iran, rendering non-functional the government-issued electronic cards that Iranians use to buy subsidised fuel at the pump. No one has claimed responsibility for the attack and the modus operandi of the incident remains under investigation. A similar attack occurred in July when the Iranian railway system was targeted.

Iranian threat group BlackShadow claims to have successfully compromised Cyberserve, an Israeli data storage company, infiltrating its network, shutting down its servers, and threatening to leak data. This incident comes a few days after a cyberattack targeting Iranian gas pumps caused severe disruption to petrol stations nationwide, forcing a national shutdown.

In Sub-Saharan Africa, US-based money remittance company Western Union (WU) announced on 28 October that it had suspended operations in Sudan two days earlier. The announcement came as the death toll in extensive pro-democracy protests since the coup d’état on 25 October reached 11. WU’s decision underscores broader geopolitical implications after the coup, following similar moves by the World Bank and the US earlier in the week.

Google has recently patched two actively exploited zero-day vulnerabilities in its Chrome web browser. Specific technical details of these vulnerabilities have been withheld while users are given the chance to apply the updates.
