New Entries in the CFR Cyber Operations Tracker: Q2 2019

This blog post was coauthored by Lauren Dudley, a research associate for the Asia Studies program. 

The Cyber Operations Tracker has been updated. This update includes all state-sponsored incidents and threat actors that have been made public between April 2019 and June 2019. We also modified some old entries to reflect the latest developments.

Here are some highlights:

• The United States admitted to conducting a cyberattack on Iranian computer systems, the first time a nation-state has publicly admitted to conducting cyber operations against another nation-state. In retaliation, Iranian hackers allegedly increased cyberattacks on the U.S. private sector. 
• Hackers of the Chinese APT-10 group successfully targeted global telecommunications companies to access the personal data of government officials, activists, and dissidents of interest to Beijing. 

A detailed log of the added and modified entries follow. If you know of any state-sponsored cyber incidents that should be included, you can submit them to us here.

Edits to Old Entries

Compromise of Anthem. Added the U.S. indictment of the Chinese hackers responsible.

APT 40. Chinese hacking group also known as Leviathan and TEMP.Periscope upgraded to Advanced Persistent Threat designation.

New Entries

Chinese intelligence repurposed NSA tools to attack private companies

Compromise of Amnesty International Hong Kong

Compromise of British infrastructure

Compromise of Bayer Pharmaceuticals

Operation Soft Cell

Attack on Iranian computer systems

Compromise of Yandex

Attack on private U.S. companies