SURGE IN STATE- AND STATE-ASSOCIATED CYBER ATTACKS
The US has so far said little about probably the most significant cyber attack in history. On13 Dec, it reported that a number of government agencies, including state, defence, treasury, energy, commerce and nuclear security, as well as other technology, security firms and NGOs, were breached. Attackers were identified as hacking group Cozy Bear and Russian intelligence agency SVR, denied by Russia. The attack began before Mar 2020, and exploited software flaws in MS and VMware products, and particularly Solar Winds Orion. In view of repeated attacks on MS 365 through Solar Winds world-wide, MS has quarantined its binaries. US NSA reports that VMware vulnerabilities are being exploited by hackers on behalf of the Russian state. Cyber security firm FireEye has been breached by Russian hackers, making its penetration tools available for future attacks. Vietnamese cyber group OceanLotus/ATP32 is actively attacking governments and human rights activists, and has attempted to hide malware on Play Store. Ransomware attacks continue, increasingly hitting SMEs and individuals, as well as major companies Foxconn and Kmart. MountLocker malware is now available as ‘ransomware as a service’ online. Zero-click wormable RCE flaw uncovered in MS Teams. Malware found hidden in 28 Chrome and Edge extensions can divert to phishing sites or steal personal data, and can affect Facebook and Instagram. Hacking group AridViper developed malware PyMicropsia capable of collecting data, taking screenshots, keylogging, etc. New spyware Goontact targets iOS and Android users for blackmail purposes. Despite existing patch, Android users still vulnerable to major bug. McAfee estimates global cost of cyber crime has passed the $1 trillion mark.