New Entries in the CFR Cyber Operations Tracker: Q1 2019
This blog post was coauthored by Kanzanira Thorington, a research associate for the Digital and Cyberspace studies program.
The Cyber Operations Tracker has just been updated. This update includes the state-sponsored incidents and threat actors that have been made public between October 2018 and March 2019. We also modified some old entries to reflect the latest developments.
Here are some quick facts and interesting tid bits:
- The United States is taking action against state-sponsored cyberattacks. The United States and allies condemned China for twelve years of cyberattacks on governments and the private sector, including indictments of two hackers associated with APT 10. Previously Washington had cooperated with allies to attribute Russian cyber operations. Furthermore, in November 2018 the U.S. Cyber Command launched an offensive campaign to combat a Russian troll operation known for using disinformation tactics.
- New reports link the targeting of U.S. Navy contractors and maritime research at universities to Chinese intelligence efforts to steal naval technology.
A detailed log of the added and modified entries follow. If you know of any state-sponsored cyber incidents that should be included, you can submit them to us here.
Edits to Old Entries
Compromise of the Czech foreign minister’s computer. Added an affiliation.
APT 10. Added that the United States and allies charged members of the group for economic espionage.
Compromise of SingHealth. Added affiliation, victim category response.
MuddyWater. Added a reference to its alternate name (Seedworm).
The Dukes. Added that it is believed the group attempted to hack the Democratic National Committee after 2018 midterms.
Leviathan. Added a reference to its alternate name (APT 40) and association with the targeting of Department of Defense sponsored maritime research at US universities.
Compromise of Ukrainian government
Targeting of Mexican journalists’ mobile devices
Targeting of emails of German lawmakers, military officials, and embassy staff
Compromise of Marriott International
Attempt to compromise Ukraine's judicial system
Targeting of the Parliament of Australia
Compromises of government embassies, telecommunications companies, and a Russian oil company
Targeting of U.S. Navy contractors
Compromise of the EU's diplomatic communication network
Attack on Italian oil firm Saipem
Compromise of South Korean resettlement agency
Global hijacking of domain name system (DNS)
Attempted attack on the Democratic National Convention (DNC) during 2018 elections
Cyber espionage by the United Arab Emirates (UAE)
Targeting of U.S. and European think tanks
U.S. Cyber Command offensive attack of Russian troll farm
Targeting of universities' maritime military secrets