Skip to content
Member Login
Cybersecurity

New Entries in the CFR Cyber Operations Tracker: Q3 2020

An update of the Council on Foreign Relations’ Cyber Operations Tracker for the period between July and September 2020.

Cyber Operations Tracker Council on Foreign Relations

By experts and staff

Published

Experts

  • By Adam Segal
    Ira A. Lipman Chair in Emerging Technologies and National Security and Director of the Digital and Cyberspace Policy Program

By

  • Connor Fairman
    Research Associate, Digital and Cyberspace Policy Program
  • Maya Villasenor

The Cyber Operations Tracker has just been updated. This update includes the state-sponsored incidents and threat actors that have been made public between July 2020 and September 2020.

Here are some highlights:

  • In September, Microsoft reported that Russian, Chinese, and Iranian threat actors were targeting people and organizations involved in the upcoming U.S. elections.
  • For the first time, Togo is suspected of using NSO Group spyware to target opposition politicians and religious leaders. This brings the total number of nation-state attackers in the tracker to thirty-four.
  • Suspected North Korean-affiliated threat actor Lazarus Group continued to compromise automated teller machines in dozens of countries to steal money through fraudulent transactions.

A detailed log of the added and modified entries follows. If you know of any state-sponsored cyber incidents that should be included, you can submit them to us here.

New Entries 

Fox Kitten (2/16)

Targeting of Israeli water management facilities (7/17)

Targeting of Western entities involved in COVID-19 vaccine development (7/21)

Targeting of Vatican City computer networks (7/28)

RedDelta (7/28)

Targeting of websites in Latvia, Lithuania, and Poland (7/29)

Ghostwriter (7/29)

Targeting of entities focusing on Taiwan (8/3)

Targeting of United Kingdom trade minister’s email account (8/3)

Targeting of opposition politicians and religious leaders in Togo (8/3)

Targeting of U.S. companies and government agencies (8/10)

Targeting of defense companies in Israel and the Middle East (8/14)

Targeting of Taiwanese government agencies and officials’ email accounts (8/19)

BlackTech (8/19)

Targeting of U.S. defense contractors (8/19)

Targeting of automated teller machines worldwide (8/26)

Targeting of UN officials (8/28)

Pioneer Kitten (8/31)

Targeting of U.S. political campaigns, advocacy groups, and political consultancies (9/10)

Targeting of former Vice President Joe Biden’s campaign staff and U.S. international affairs community (9/10)

Zirconium (9/10)

Targeting of the Donald J. Trump presidential campaign (9/10)

Targeting of U.S. government agency networks (9/14)

Targeting of U.S. information technology, government, health-care, finance, and media industries (9/15)

Targeting of Iranian expats and dissidents (9/18)

Targeting of Azerbaijani government networks (9/22)

Penetration of unnamed U.S. federal agency (9/24)