Skip to content
Member Login
Cybersecurity

New Entries in the CFR Cyber Operations Tracker: Q3 2020

An update of the Council on Foreign Relations’ Cyber Operations Tracker for the period between July and September 2020.

<p>Cyber Operations Tracker</p>
Cyber Operations Tracker Council on Foreign Relations

By experts and staff

Published

Experts

  • By Adam Segal
    Ira A. Lipman Chair in Emerging Technologies and National Security and Director of the Digital and Cyberspace Policy Program

By

  • Connor Fairman
    Research Associate, Digital and Cyberspace Policy Program
  • Maya Villasenor

The Cyber Operations Tracker has just been updated. This update includes the state-sponsored incidents and threat actors that have been made public between July 2020 and September 2020.

Here are some highlights:

  • In September, Microsoft reported that Russian, Chinese, and Iranian threat actors were targeting people and organizations involved in the upcoming U.S. elections.
  • For the first time, Togo is suspected of using NSO Group spyware to target opposition politicians and religious leaders. This brings the total number of nation-state attackers in the tracker to thirty-four.
  • Suspected North Korean-affiliated threat actor Lazarus Group continued to compromise automated teller machines in dozens of countries to steal money through fraudulent transactions.

A detailed log of the added and modified entries follows. If you know of any state-sponsored cyber incidents that should be included, you can submit them to us here.

New Entries 

Fox Kitten (2/16)

Targeting of Israeli water management facilities (7/17)

Targeting of Western entities involved in COVID-19 vaccine development (7/21)

Targeting of Vatican City computer networks (7/28)

RedDelta (7/28)

Targeting of websites in Latvia, Lithuania, and Poland (7/29)

Ghostwriter (7/29)

Targeting of entities focusing on Taiwan (8/3)

Targeting of United Kingdom trade minister’s email account (8/3)

Targeting of opposition politicians and religious leaders in Togo (8/3)

Targeting of U.S. companies and government agencies (8/10)

Targeting of defense companies in Israel and the Middle East (8/14)

Targeting of Taiwanese government agencies and officials’ email accounts (8/19)

BlackTech (8/19)

Targeting of U.S. defense contractors (8/19)

Targeting of automated teller machines worldwide (8/26)

Targeting of UN officials (8/28)

Pioneer Kitten (8/31)

Targeting of U.S. political campaigns, advocacy groups, and political consultancies (9/10)

Targeting of former Vice President Joe Biden’s campaign staff and U.S. international affairs community (9/10)

Zirconium (9/10)

Targeting of the Donald J. Trump presidential campaign (9/10)

Targeting of U.S. government agency networks (9/14)

Targeting of U.S. information technology, government, health-care, finance, and media industries (9/15)

Targeting of Iranian expats and dissidents (9/18)

Targeting of Azerbaijani government networks (9/22)

Penetration of unnamed U.S. federal agency (9/24)