GEOPOLITICAL AND CYBERSECURITY RISK WEEKLY BRIEF 19 JULY 2021

19 July 2021

EXECUTIVE SUMMARY

In the Americas, six US government departments and agencies warned companies against doing business in the western Chinese province due to the ‘high risk of violating US law’. In Canada, new funding proposals for university research partnerships will now require risk assessments to protect intellectual property (IP) rights and sensitive information from foreign powers.

Facebook has found and disrupted the actions of an Iranian threat group, tracked as TortoiseShell, attempting to use its platform to target employees at US defence and aerospace companies. The fake accounts posed as recruiters and employees of defence and aerospace companies.

In Asia, a suspected China-based group of threat actors carried out cyberattacks on the Oracle GlassFish Server used by Nepal Telecom (NTC) and exfiltrated Nepali users’ call details. The British Parliament voted in favour of a non-binding motion for a diplomatic boycott of the Beijing 2022 Winter Olympics. 

Since April 2021, 44 new typosquatting domains that mimic the 2021 Tokyo Olympic Games have been registered by unaffiliated third parties. While most of these sites resolve to generic domains and others are currently parked, they are likely to become more active as the Olympic Games draw nearer. 

In Europe, France’s antitrust regulator imposed a EUR500 million fine on US-based technology firm Google for failing to comply with temporary orders relating to a dispute with news publishers. 

Operation SpoofedScholar, a phishing campaign targeting senior think tank analysts, journalists and professors specialising in Middle Eastern affairs in the UK and elsewhere, has been attributed to an Iranian threat group.

In the Middle East and Central Asia, Iran's transport and urbanisation ministry was taken down by a ‘cyber disruption’ in its computer systems.

Microsoft has released new information regarding a private-sector offensive actor (PSOA) it tracks as Sourgum. The group has targeted over 100 victims around the world, including politicians, human rights activists, journalists, academics, embassy workers, and political dissidents. Approximately half of the victims were found in the Palestinian Authority.

In Sub-Saharan Africa, the worst unrest in decades in South Africa has the potential for extensive security and commercial implications.

This week saw Patch Tuesday vulnerability releases from major firms. These include Microsoft and Adobe, as well as product vulnerability patches from SAP, Citrix, and Mozilla. All products should be updated as soon as possible, in line with your company’s updates policy.


ADDITIONAL AREAS COVERED IN THE REPORT: 

Attacks and cybersecurity news
Data breaches, fraud and vulnerabilities
APT activity and malware campaigns
Geopolitical threats and impacts