QuoIntelligence’s Weekly Intelligence Snapshot for the week of 25 Feb – 3 Mar is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Cyber

Threat Actor

Industry impacted: Government, Health Care, Industrials

Kaspersky researchers released a report unearthing a North Korea-linked Lazarus cyber espionage campaign leveraging the Lazarus Group’s ThreatNeedle backdoor malware. As early as May 2020, the attackers reportedly compromised unnamed entities in the defense sector with COVID-19-themed spear-phishing email lures and subsequently exfiltrated data.

On 2 March, Microsoft revealed activity from HAFNIUM, an alleged Chinese government-affiliated threat actor, which utilized zero-day vulnerabilities within Microsoft Exchange Server to view mailboxes and gain persistent access to vulnerable machines. Microsoft noted that the attackers chose a limited set of targets and aimed at facilitating long-term access to victim environments, indicating that the attack was likely highly targeted and had espionage motives.

Rollups
Industry impacted: Government, Industrials, Information Technology, Utilities

  • India Reportedly Increasing Cyber Espionage Activity
  • Whistleblower Discloses 70 Gigabytes of Far-Right Platform Gab’s Data to Select Researchers and Journalists
  • China-linked Group RedEcho Targets Indian Energy Sector
  • Security Researcher Discovers Weaponized Spectre Exploit in VirusTotal

Geopolitics

Industry impacted: Government

Relations between India and China have worsened in recent months over clashes at their disputed border in the Himalayan region. While border tensions seemed to ease in February, soldiers remain in other disputed border areas. In addition, recent Chinese-sponsored cyberattacks targeting India’s critical infrastructure and vaccine-makers further complicate diplomacy. China-India geopolitical tensions have implications for the global security and cybersecurity landscape, as India is likely to enhance its military and cyber capabilities and seek closer relations with the US and other allies to confront China.

Rollups
Industry impacted: Communication Services, Government

  • US Air Strikes Targeting Iranian-Backed Militias in Syria Further Strain US-Iran Relationship, Potentially Impacting Nuclear Deal Talks
  • US Removes ‘Safe Harbor Provision’ on Global Digital Tax Deal
  • EU and US Sanction Russia Over Navalny Poisoning and Detention

Outlook

Industry impacted: Government

  • 4 March – China: Annual ‘Two Sessions’ Gathering of the Chinese People’s Political Consultative Conference (CPPCC) and the National People’s Congress (NPC)