Geopolitical and Cybersecurity Weekly Brief - 14 June 2021

In the Americas,the world’s largest meat supplier, Brazil-headquartered JBS, announced that it had paid hackers approximately USD11m, reportedly in Bitcoin, to end a major ransomware attack affecting its computer networks in North America and Australia.San Francisco-based cloud computing services provider Fastly said that a global internet outage affecting major corporate and government entities was caused by a software bug.CISA, the FBI, and the UK NCSC issued a joint security advisory regarding cyber threat actors from North Korea targeting several pharmaceuticals, vaccine, and virology organisations affiliated with Operation Warp Speed (OWS). These threat actors also target individual staff members at OWS entities via LinkedIn, social media, and email using corporate or personal accounts.In Asia, Chinese authoritiesidentified 291 smartphone applications, including those in Microsoft Office suite, for allegedly misleading or infringing on user privacyfollowing newMinistry of Industry and Information Technologyregulations implemented in May.Washingtonpassed the U.S. Innovation and Competition Act, a bipartisan technology and manufacturing bill to ensure that the country remains competitive against China as a global technological hub.The Security Service of Ukraine (SBU) claims to have obstructed a mass cyberattack by Russian special services.Publicauthorities, local governments, and critical infrastructurewere targeted.The campaign involvedspoofed emails fromthe Kyiv Patrol Police Departmentcontaining a RAT. The malicious softwaregainedremote control of the machine; the C&C servers were located in Russia.In Europe, Spain’slabour and social economy ministry (MITES) said itwastargetedin a cyberattack, highlighting the threat to government ministries.France’sCompetition Authority said that US-based technology firm Google would be fined EUR220 million for abusing its ‘dominant’ position in online advertising.Anewattack campaignutilisinga chain of 0day exploits in Google Chrome and Microsoft Windowswas disclosed. The 0days were reportedly used in April in a wave of highly targeted attacks against multiple companies. These have been linked to a new APT group dubbed PuzzleMaker.The group’s TTPs demonstrate anadvanced, well-resourced and, potentially, state-sponsored threat that usesmultiple methods to evade attribution, detection, and anti-forensic techniques.In the Middle East, anIsrael-based cyber security companyhas reportedly soldsoftware able to hack into Apple iPhones to the Saudi government.Negotiations to revive the Joint Comprehensive Plan of Action (JCPOA, nuclear deal)resumedin Viennaahead of Iran’s 18 June presidential elections.In Sub-Saharan Africa,French President Emmanuel Macronannouncedongoing plans for a ‘profound transformation’ of his country’s bilateral military presence in theSahelregion, particularly with regardto its OperationBarkhane. The Frenchgovernmentalso frozeEUR10 million in budget supportto the CAR‘until further notice’ andsuspendeda military training missionthere.The Geopolitical and Cybersecurity Weekly Brief is now part of the subscription package of intelligence services provided by Cyjax and our partners A2 Global Risk. In order to get access to the full report, please contactinfo@cyjax.com or visit our explanatory service page here.