QuoIntelligence’s Weekly Intelligence Snapshot for the week of 25 Feb – 3 Mar is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Cyber
Threat Actor
Industry impacted: Government, Health Care, Industrials
Kaspersky researchers released a report unearthing a North Korea-linked Lazarus cyber espionage campaign leveraging the Lazarus Group’s ThreatNeedle backdoor malware. As early as May 2020, the attackers reportedly compromised unnamed entities in the defense sector with COVID-19-themed spear phishing email lures and subsequently exfiltrated data.
On 2 March, Microsoft revealed activity from HAFNIUM, an alleged Chinese government-affiliated threat actor, which utilized zero-day vulnerabilities within Microsoft Exchange Server to view mailboxes and gain persistent access to vulnerable machines. Microsoft noted that the attackers chose a limited set of targets and aimed at facilitating long-term access to victim environments, indicating that the attack was likely highly targeted and had espionage motives.
Rollups
Industry impacted: Government, Industrials, Information Technology, Utilities
- India Reportedly Increasing Cyber Espionage Activity
- Whistleblower Discloses 70 Gigabyte of Far-Right Platform Gab’s Data to Select Researchers and Journalist
- China-linked Group RedEcho Targets Indian Energy Sector
- Security Researcher Discovers Weaponized Spectre Exploit in VirusTotal
Geopolitics
Industry impacted: Government
Relations between India and China worsened in the last months over clashes at their disputed border in the Himalayan region. While border tensions seemed to ease in February, soldiers remain in other disputed border areas. In addition, recent Chinese-sponsored cyberattacks targeting India’s critical infrastructure and vaccine-makers further complicates diplomacy. China-India geopolitical tensions have implications for the global security and cybersecurity landscape, as India is likely to enhance its military and cyber capabilities and seek closer relations with the US and other allies to confront China.
Rollups
Industry impacted: Communication Services, Government
- US Air Strikes Targeting Iranian-Backed Militias in Syria Further Strains US-Iran Relationship, Potentially Impacting Nuclear Deal Talks
- US Removes ‘Safe Harbor Provision’ on Global Digital Tax Deal
- EU and US Sanction Russia Over Navalny Poisoning and Detention
Outlook
Industry impacted: Government
- 4 March – China: Annual ‘Two Sessions’ Gathering of the Chinese People’s Political Consultative Conference (CPPCC) and the National People’s Congress (NPC)