GEOPOLITICAL AND CYBERSECURITY RISK WEEKLY BRIEF 22 MARCH 2021

22 March 2021

EXECUTIVE SUMMARY

In the Americas, the US announced plans to send 4 million doses of the Oxford-AstraZeneca coronavirus vaccine to Canada and Mexico. Meanwhile, eight people, including six women of Asian descent, were killed on 16 March in shootings at three spas in the greater Atlanta, Georgia, area.

In Asia, the US government imposed new financial sanctions on at least 24 Hong Kong and mainland Chinese officials to reflect Washington’s concerns over what it views as their role in eroding political and social autonomy in the territory. Court hearings for Canadians detained in China will worsen safety concerns and tensions.

Two major Asian firms were hit by data breaches this week. Taiwanese electronics and technology corporation Acer, the world’s sixth largest PC vendor, was hit by the REvil (also known as Sodinokibi) ransomware: the malware operators demanded the largest ransom amount in history (USD50 million). The other significant breach victim was Nikkei Asia, the world's largest financial newspaper. Starting in October 2020, an unauthorised third party accessed some Nikkei China (Hong Kong) email accounts. Subscribers to Nikkei's international edition, web edition, or Nikkei Asia under contracts with Nikkei China, were affected.

In Europe, the European Commission outlined proposals for the EU ‘Digital Green Certificate’ to improve cross-border travel for the summer. Russian regulator Roskomnadzor threatened to temporarily block US-based social media firm Twitter if it fails to remove banned content. In late-December 2020, officials in Finland revealed that a cyberattack had targeted some parliament email accounts and several were compromised. The attack was first detected in the autumn of that year and was being analysed by the Finnish National Bureau of Investigation at the time of the revelation in late-December. Chinese state-sponsored threat group APT31 has now been linked to this attack.

In the Middle East and Central Asia, Armenian Prime Minister Nikol Pashinyan announced that snap elections will be held on 20 June amid mounting demands for his resignation. In Iran, authorities charged a French tourist with two counts of espionage and propaganda against the Islamic Republic amid elevated tensions with Western countries.

In Sub-Saharan Africa, the White House said it was sending US Senator Christopher Coons to meet with Ethiopia’s Prime Minister Abiy Ahmed to communicate President Joe Biden’s ‘grave concerns’ about the Tigrayan crisis. In Tanzania, the death of President John Magufuli raises the risk of instability.

The FBI has released its annual internet crime complaints center (IC3) report for 2020. Some interesting changes compared to the previous year (2019) were revealed, largely due to the ongoing COVID-19 pandemic. BEC continues to be the costliest type of cybercrime facing the US.

A vulnerability in Zoom could inadvertently exposure users' data to other meeting participants on a call. The current version of Zoom for Windows (5.4.4) remains vulnerable to this flaw.


ADDITIONAL AREAS COVERED IN THE REPORT: 

Attacks and cybersecurity news
Data breaches, fraud and vulnerabilities
APT activity and malware campaigns
Geopolitical threats and impacts