GEOPOLITICAL AND CYBERSECURITY RISK WEEKLY BRIEF 28 JUNE 2021
Recent developments in Europe highlights the geopolitical-cybersecurity nexus, where Poland was targeted in a concerted attack allegedly by Russian-linked group, UNC1151. Polish officials claim that the attack focused on more than 30 parliamentarians and government officials and was part of a campaign to sow political division and undermine the national bureaucracy. In a related move, the European Union announced that it will create a new multilateral cyber unit with the remit of protecting the bloc from continually evolving malicious state and non-state cyber actors.
Phishing threat actors targeting the UK have recently created a new type of scam to steal personal information and payment card data. The attacks are now posing as the UK NHS offering users their Digital Coronavirus Passport. COVID-19 and all aspects of vaccination and general healthcare surrounding the pandemic will continue to be a fruitful avenue for scammers for some time to come.
In Belgium, the country’s third-biggest city, Liege, suffered a cyberattack disrupting its IT network and online services. Media outlets subsequently reported that this attack was perpetrated by the Ryuk ransomware. The city has still not confirmed whether ransomware was involved.
Pivoting towards the Middle East region, Iran’s cyberwarfare capabilities were highlighted in a recent threat assessment from Germany’s Federal Office for the Protection of the Constitution (BfV), the country’s domestic intelligence agency. BfV warned that Iran’s cyberwarfare capabilities have improved, and pose a heightened threat to Tehran’s geopolitical adversaries as well as to companies that have technology that can advance Iran’s national strategic interests. Two French cyber-surveillance firms have been targeted by the International Federation of Human Rights in Paris for technology deals that ultimately facilitated abuses by authoritarian regimes in Libya and Egypt. Executives, current and former, at Amesys and Nexa Technologies have been charged with ‘complicity in torture’.
Australia-China relations further deteriorated after Beijing lodged a formal complaint to the World Trade Organization against Canberra for illegal tariffs on Chinese imports. It is another escalatory step that is damaging diplomatic, trade, security, and commercial ties. In Hong Kong, a change to HSBC’s online and mobile banking terms that will prevent access to accounts outside the territory from 26 July set off a wave of complaints. Customers, including retail and businesses, are deeply concerned that broad application of the national security law (NSL) will make it increasingly more difficult to remit money across international jurisdictions.
In the Americas, El Salvador garnered the international spotlight when it formally announced that it would adopt Bitcoin as legal tender from 7 September. While the cryptocurrency will help lower the cost of overseas remittances from its global diasporas, it will certainly bring a considerable amount of international scrutiny over the more nefarious uses of the coin and the underlying blockchain technologies. Washington slapped export bans on five Chinese companies over human rights abuses in the Xinjiang region. This is likely going to impact the supply-chain in the solar panel industry.
Rounding out this week’s geopolitical events with potentially significant business implications are the ‘fast-surging’ third COVID-19 wave in the Sub-Saharan Africa region. In Ethiopia, the conflict in the Tigray region saw a recent spate of higher intensity activity by anti-government forces. Much of the activity was likely a demonstration of force in response to the election victory of prime minister Abiy Ahmed, who has crowded out ethnically based opposition forces including Tigrayans. The conflict in the Tigray threatens to unravel the Ethiopian administration’s relative control of a deeply divided state where competition is fierce among the numerous ethnic societies.
The Canadian Centre for Cyber Security (CCCS) has warned organisations to patch a critical vulnerability in Palo Alto Networks Cortex XSOAR. Successful exploitation can lead to network access and performing unauthorised actions. The CCCS encourages users and administrators to review the provided vendor advisory and apply the necessary updates. The vulnerability is designated CVE-2021-3044.
To read the full report contact us.