GEOPOLITICAL AND CYBERSECURITY RISK WEEKLY BRIEF 2 AUGUST 2021


EXECUTIVE SUMMARY

In the Americas, tech giants Facebook and Google, as well as the ride-hailing company Lyft, announced that all employees returning to their US offices must be vaccinated against coronavirus. 

Researchers have uncovered a fake Android application posing as CoronApp, an official app released by the government of Colombia for tackling COVID-19. The app is downloaded from a duckdns domain, where malicious software related to other platforms, such as Windows, was also discovered.

In Asia, Taiwan is investigating an alleged cyberespionage attack targeting more than 100 LINE messaging application accounts used by officials. The British government is reportedly assessing how China’s state-owned nuclear energy company can be excluded from future projects in the United Kingdom.

The Beijing One Pass app, designed by the Beijing Certificate Authority (BJCA), is a requirement for foreign companies that wish to access China's digital employee state benefits platform. Researchers have now detected a set of features in the app that are usually associated with spyware.

In Europe, Lithuania’s cyber-security centre launched a probe into alleged disinformation relating to planned locations of centres where migrants might be accommodated.

Northern Ireland's Department of Health has temporarily stopped its COVID-19 vaccine certification online service, COVIDCert NI, due to a data exposure. The incident was reported to the UK's Information Commissioner's Office (ICO).

In the Middle East and Central Asia, Israeli authorities inspected the offices of software maker NSO Group in addition to officials from the ministries of defence, foreign affairs, and interior, and national intelligence agency Mossad.

Cyjax has identified a user on Raid Forums, lucifer6a, who claims to be in possession of the full NSO target list. However, it should be noted that lucifer6a has been unable to verify their claims.

In Sub-Saharan Africa, South Africa’s state-owned transport and logistics operator Transnet is due to lift its force majeure declaration following a ransomware attack. The US Attorney’s Office of the District of California indicted six Nigerian nationals for involvement in a complex fraud network.

ADDITIONAL AREAS COVERED IN THE REPORT: 

Attacks and cybersecurity news
Data breaches, fraud and vulnerabilities
APT activity and malware campaigns
Geopolitical threats and impacts