Geopolitics and Cybersecurity Weekly Brief – 9 August 2021

In the Americas, the US Securities and Exchange Commission (SEC) announced that Chinese firms and businesses with significant China-based operations will face additional regulatory reviews when seeking to raise funds on US markets. US President Joe Biden announced that Hong Kong residents currently in the US will be allowed to stay for 18 months amid Washington’s concern over anti-democratic developments in Hong Kong.

Between January and July this year, APT31 reportedly launched a global intrusion campaign targeting governments in Mongolia, the US, Canada, Belarus, and Russia. Other than government entities, organisations attacked by the group include firms in the aerospace and defence sector, as well as financial services, technology, telecoms, and media entities. At least 10 different attacks were detected during this six-month-long spear-phishing campaign.

In Asia, Chinese state-backed cyberthreat actors targeted at least five global telecommunications firms across Southeast Asia, according to a report. Ties between Australia and China are set to worsen as Australia’s Foreign Minister said her government was unable to meet China’s conditions to resume bilateral talks.

A cyber-espionage campaign is targeting Southeast Asian Critical National Infrastructure. Among the targets were water, power, communications and defence organisations. Researchers have not identified a particular threat group; however, they have tentatively attributed the attacks to an as-yet-undisclosed Chinese threat group.

In Europe, a group of unidentified hackers have targeted the official website for booking coronavirus (COVID-19) vaccinations in the Lazio region of Rome. Online retailers in Russia will have to disclose ranking algorithms under planned regulations.

In the Middle East and Central Asia, Israeli defence minister Benny Gantz issued a stern warning to Iran, threatening to strike the country in response to a recent drone attack on the Israeli oil tanker, MV Mercer Street, in the Gulf of Oman. In the UAE, a number of fake flight ban warnings are circulating on social media platforms, pertaining to the suspension of flights on Abu Dhabi-based Etihad Airways from India, Pakistan, Bangladesh and Sri Lanka.

A spear-phishing campaign that was initially detected in July has been targeting the defence and aerospace sectors in Pakistan. The attacks begin with a malicious email purporting to be official communication from the government, enclosed in a weaponised Word document.

In Sub-Saharan Africa, state-owned transport and logistics operator Transnet is due to lift its force majeure declaration following a ransomware attack.
