Skip to content
Member Login
Cybersecurity

New Entries in the CFR Cyber Operations Tracker: Q4 2021

An update of the Council on Foreign Relations’ Cyber Operations Tracker for the period between October and December 2021. 

Cyber Operations Tracker. Council on Foreign Relations

By experts and staff

Published

Experts

  • By Adam Segal
    Ira A. Lipman Chair in Emerging Technologies and National Security and Director of the Digital and Cyberspace Policy Program

This blog post was coauthored by Kyle Fendorf, research associate for the Digital and Cyberspace Policy program. 

 

Jessie Miller, intern for the Digital and Cyberspace program, oversaw data collection and Kyle Fendorf, research associate for the Digital and Cyberspace Policy program, uploaded new entries. 

 

The Cyber Operations Tracker has just been updated. This update includes the state-sponsored incidents and threat actors that have been made public between October and December 2021. 

 

Here are some highlights: 

  • In November, North Korean hackers broke into the servers used by Chinese cyberespionage groups to steal toolkits and exploits. 

  • The Polish government was accused of installing NSO Group’s Pegasus spyware on the phones of several opposition politicians in 2019, including a prominent contender for the presidency. 

  • The Iranian threat actor Charming Kitten was one of the first state-sponsored groups to leverage the Log4Shell vulnerability in December, when it used the vulnerability to gain access to the networks of several Israeli government agencies. 

 

New Entries 

Targeting of major aerospace companies in the United States, Russia, Europe, and the Middle East (10/6) 

MalKamak (10/6) 

Targeting of various industries through Gmail compromises (10/7) 

Targeting of REvil (10/18) 

Targeting of South Korean think tank (10/26) 

UNC1151 (11/16) 

Targeting of U.S. and Australian critical infrastructure (11/17) 

Emennet Pasargad (11/18) 

Targeting of U.S. newspaper chain (11/18) 

Targeting of Chinese cybersecurity researchers (11/22) 

Targeting of North Korean defectors and South Korean journalists (11/29) 

Targeting of South Korean company recruiters (11/30) 

Targeting of Afghan government and military (12/2) 

Targeting of U.S. diplomats in Uganda (12/4) 

Targeting of French public organizations (12/7) 

Targeting of telecommunication companies in Asia and the Middle East (12/14) 

Targeting of Asian airline (12/15) 

Targeting of Israeli companies and government agencies (12/16) 

Targeting of the United Nations‘ human rights investigator in Yemen (12/20) 

Targeting of Jamal Khashoggi’s wife, Hanan Elatr (12/21) 

Targeting of Polish dissidents with Pegasus spyware (12/23) 

Targeting of Japanese corporations (12/28)