Global Cyber Security Threats

9822278874?profile=RESIZE_400xCybersecurity threats, risks and challenges are often different depending on various international locations.  Cyber-attack targets vary based on local resources and means to exploit vulnerabilities.  Cyber criminals and nation-state attackers zero in on specific nations, companies and organizations for varying incentives.   Additionally, the COVID-19 pandemic amplified and intensified cybersecurity threats.  Since 2019, attackers have launch remote work-enabled attacks or social engineering attacks using COVID-19 fears as the content.  And the pandemic caused supply chain and economic calamities, too.  Below are locations and vulnerabilities presented by SecurityIntelligence.[1]

Africa - Several African countries have very well-developed mobile digital currency systems with millions of users, such as M-Pesa and MFS Africa.  People use these for salaries, food/groceries and transportation in some countries, especially in Kenya.  Cyber-gangs attack these digital systems in attempts to steal money from customers.  While most global vulnerability assessments worry most about data protection, these mobile digital currency systems worry about money protection. 

The urban coastal regions of Africa is also facing a risk from ransomware attempts on its ports.  Ports in South Africa, for example, saw shutdowns in the wake of a major cyber-attack on one of the ports in South Africa.

Regional and international tensions in East Africa and elsewhere provoke cyber-spying cybersecurity threats, most recently using Pegasus spyware.  As of the end of 2020, some 11 African national governments found Pegasus spyware.  They presumed it to be part of spy work from both within the region and from abroad.

Cybersecurity Threats in the Americas - Latin America faces double trouble in that the high use of the Internet and high rates of attacks across the board, but possess low coordination between governments and industry. There is also low public awareness about cyber-crime due to a lack of government programs to educate the public.  The news is led by cybersecurity topics related to the pandemic, which has ushered in wave after wave of scams, ransomware attacks and data breach phishing attacks.  Many of these use COVID-related social engineering content.  One major strain is fear-mongering COVID-related phishing scams, an international concern.  These aim to collect the information the criminals need to commit insurance and identity fraud.  Emails offer stimulus money, access to vaccines and other benefits in exchange for personal information or downloading malware.

The most heavily targeted countries in Latin America are those with the largest economies: Brazil, Mexico, Colombia and Argentina.  Mexico has been hit recently by very large-scale malware attacks against oil giant Pemex as well as the Ministry of Economy.

In Latin America and the Caribbean, state-sponsored attacks tend to spike in advance of international treaties, economic summits and other such events.  The EVILNUGGET malware has been deployed for this purpose, mostly against transportation companies and facilities affected by China’s Belt and Road initiative.

In North America, the US is targeted for all kinds of cybersecurity threats, especially very large-scale state-sponsored attacks like the Solar Winds attack.  These are long-term and very sophisticated.  Attackers could have a wide range of goals, from political and industrial espionage to influencing operations.

Asia - Geopolitical tensions in the region drive state-sponsored influence operations, cyber espionage and targeted financial crimes.  Phishing attacks remain a common entry point for many cyberattacks across Asia.  Tensions between countries drive a large number of cyber threats from both nation-state and non-governmental actors in all countries involved.  Look at China and India, China and Taiwan, India and Pakistan, North Korea and South Korea and, of course, tensions between the US and China, North Korea and Russia.

Also, much of the world’s electronics supply chain infrastructure is in Asia (take note of Taiwan).  So, the global trend of supply chain attack and disruption is acute in the region.  Electronics exporters, like Vietnam and Malaysia, depend on buyers and manufacturers in China, and vice versa.  Plus, the world depends on goods made in China. Disrupting any part of this supply chain slows deliveries, raises prices and applies pressure to all concerned.  Many of these connections involve cooperation and partnership in public and rivalry in private. Rivalries play out through cyberattacks and espionage.

North Korea deserves special mention, as that country has a very robust state-sponsored cyberattack apparatus, propped up by China.  On the other hand, the country has almost no targets for foreign adversaries to hit back due to the lack of development and internet connectivity there.

Eurasia - Turkey and Russia straddle both Europe and Asia.  Many global cybersecurity threats, both state-sponsored and criminal, start from Russia in particular.  In the past year, according to a report from Microsoft, nearly 60% of the world’s observed state-sponsored attacks started with the Russian government, and one-third of the world’s successful cyberattacks from non-state actors also started there.  The new wave of ransomware-as-a-service attacks is mostly a Russian trend.  A disproportionate share of information operations and election-related disinformation campaigns start in Russia as well.

Europe - European hospitals have been drastically affected by dangerous ransomware attacks in Ireland, Germany, France and elsewhere.  Two French hospitals were recently attacked within a week.  These attacks coming after hospitals in seven French cities were hit in 2020 by attackers using the crypto-virus Ryuk dialed up the stress factor.  Due to these hospitals battling COVID-19 and they were at high capacity. The attack on Ireland earlier this year hit the Health Service Executive, which disrupted health care nationwide and forced health care workers to resort to using paper records.

Overall, the number of serious cyberattacks roughly doubled from 2020 to 2021, according to the European Union Agency for Cybersecurity.  Triple extortion ransomware attacks are very much on the rise. The cost of a data breach is exploding in that region.

The Middle East - The Middle East region has more than its fair share of state-sponsored cybersecurity threats.  These aim to disrupt rivals, cause economic hardship and sometimes even cause internal political frictions.  An attack in Iran recently caused major disruptions to consumer gasoline sales.  In apparent response, people breached gasoline signs criticizing the government for the gasoline lines.

Any vulnerability analysis in the Middle East has to take regional conflict into account.  Many of the types and methods of cyberattacks around the world are similar, with malware and ransomware topping the attack vector.  At the same time, the attackers’ goals vary widely. The one thing all of these attacks have in common: they appear all over the globe.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and can help protect your networks with proactive dark web indicators.  For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/3702558539639477516

[1] https://securityintelligence.com/articles/top-cybersecurity-threats-global/

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!