menu szukaj
Weekly Online Magazine
ISSN 2544-5839

new articles each monday
zamknij
Work In Media

7.10.2024 Law in media

Cyberwarfare on the Internet. The ESET Report

KF

Governments, corporations, and even the education sector are becoming targets of advanced cyber attacks. The report for the period from October 2023 to March 2024, prepared by ESET, sheds light on the intensification of activities by Advanced Persistent Threat (APT) groups, which conduct espionage, sabotage, and destabilization operations in key sectors on behalf of states.

Poczytaj artykuł wydanie polskie w wydaniu polskim

Cyberwarfare on the Internet: ESET Reportillustration: bing.com/create

Threats from the Middle East: Iran Strikes After Hamas Attack


In October 2023, following Hamas`s attack on Israel, the activity of Iranian cyber threat groups surged dramatically. As ESET specialists note, there has been a shift in the strategy of these groups—from cyber espionage and ransomware to more destructive actions, such as access brokering and wiper attacks aimed at destroying data. MuddyWater and Agrius, two of the most well-known groups linked to Iran, conducted a series of attacks targeting various sectors, including communications, government, and finance.

  • Agrius`s attack on the Israeli communication sector: In November 2023, Agrius used an advanced BIOS wiper, leading to the paralysis of systems in many Israeli companies. Modified versions of the Red Petya tool, previously used in other sabotage operations, were employed in these attacks.

ESET notes that while these operations have become more aggressive, their effectiveness has decreased. The accelerated pace of activities has led to operational errors, such as the frequent use of the same tools and techniques, increasing the chances of detection.

North Korea: Not Just Spying, but Stealing Millions in Cryptocurrency


In the digital world, one of the most dangerous players remains North Korea. Its groups, such as Lazarus, continuously target the aerospace and defense sectors. However, they are increasingly focusing on operations against cryptocurrency firms. In 2023, according to ESET data, Lazarus and other North Korean groups stole cryptocurrencies worth up to a billion dollars. This is just a drop in the ocean of financial losses inflicted on companies worldwide.

  • Lazarus`s Techniques: The North Korean group increasingly employs advanced attack techniques, such as supply-chain attacks, which involve injecting malicious code into official software updates.

Meanwhile, groups like ScarCruft and Konni focus on highly targeted phishing attacks that enable them to gain access to government networks in South Korea and Russia. In one attack, Konni used a trojanized installer to infiltrate the computers of employees at the Russian embassy.


SELF PROMOTION. Got a minute? Find out our #59sec REPORT on Youtube

China: Masters of Exploitation


Chinese APT groups are not slowing down and continue to exploit vulnerabilities in publicly available applications. Mustang Panda, one of the best-known Chinese groups, has concentrated its activities on the maritime transport sector, attacking companies in Europe. Their victims include companies from Norway, Greece, and the Netherlands, including vessels.

  • DLL Hijacking Technique: Mustang Panda utilized a technique known as DLL hijacking to attack the computer systems of these companies. In this case, files with incorrect digital signatures were used, allowing them to take control of the victims` systems.

However, the biggest challenge facing cybersecurity specialists is the emergence of new Chinese APT groups. CeranaKeeper, a newly identified group, operates similarly to Mustang Panda but has its own unique toolkit. ESET is monitoring the activities of both groups, which seem to be using the same digital tool provider, suggesting potential technical collaboration.

Russian Cyberwarfare Continues: Europe and Ukraine in the Crosshairs


Russia remains one of the most active players on the digital battlefield. In recent months, groups linked to Russia, such as Gamaredon, have focused their efforts on intelligence attacks and sabotage operations targeting Ukraine. Russian groups are responsible for dozens of daily attacks on Ukrainian energy systems.

  • Attack on Kyivstar: In December 2023, Sandworm launched an attack on one of Ukraine`s largest telecommunications operators – Kyivstar. This attack, which led to network outages, was publicized on pro-Russian Telegram channels.

Russian groups, such as Sednit, are also continuing intelligence operations in Europe, focusing on EU governmental institutions. In March 2024, Sednit conducted a series of phishing attacks exploiting vulnerabilities in Microsoft Outlook (CVE-2024-21413).


advertisement
Work In Media

Dominant Techniques: Phishing, Ransomware, and Wipers


The ESET report clearly shows that APT groups continue to favor phishing techniques as a precursor to larger operations. In particular, spear phishing—attacks targeted at selected individuals or organizations—remains a favorite method for initial access.

  • Phishing: Russian-linked groups, such as Sednit and Callisto, use spear phishing as the main attack vector. In one recent attack on European institutions, emails contained malicious links and attachments that, when opened, allowed attackers to take control of the victims` systems.

Additionally, in 2024, there has been an increase in attacks using wiper malware—malicious software that destroys data on the attacked systems. These destructive attacks have primarily occurred in the Middle East, where Iranian groups like MuddyWater and Agrius have targeted Israeli companies.

Target Sectors of APT Groups (October 2023 - March 2024):


Region Sector State-linked APT Groups
Europe Government, Defense, Energy Russia, China
Middle East Telecommunications, Government Iran, BladedFeline, POLONIUM
Asia Aerospace, Cryptocurrency North Korea (Lazarus)
The Americas Government, Energy China, Iran


Summary in Numbers


Iran

  • 3 major attacks in Israel using wipers.
  • 70% of attacks on the communication and government sector.

North Korea:

  • Value of stolen cryptocurrencies in 2023: $600 million – $1 billion.
  • 5 major phishing campaigns targeting the defense industry.

Russia:

  • 12 daily attacks on Ukrainian energy infrastructure.
  • 4 successful espionage operations in EU institutions.

The ESET report shows that the digital world is becoming increasingly dangerous, and cyber threats are evolving at an unprecedented pace. Both governments and companies must confront ever-more advanced adversaries that employ new techniques and tools.

The entire APT Activity Report is available at:
https://dagma.eu/storage/_common/blog/doc/APT_Activity_Report_Q4_2023-Q1_2024.pdf

Share the article:

dodaj na Facebook prześlij przez Messenger dodaj na Twitter dodaj na LinkedIn

COMMERCIAL BREAK
Reporterzy.info on Google News

New articles in section Law in media

Phishing in the Cryptocurrency Industry. Fake Recruitments Steal Data

Piotr Rozmiarek
Security researchers have detected a social engineering campaign targeting job seekers in the Web3 industry. The attack aims to conduct fake job interviews via a meeting application that installs information-stealing malware.

SLAPP Lawsuits in Europe. How Journalists and Activists Are Silenced

Krzysztof Fiedorek
The number of strategic lawsuits aimed at intimidating journalists, activists, and civil society organizations is increasing in Europe. According to the CASE SLAPPs Report 2024, as many as 1,049 such cases were identified between 2010 and 2023.

Why do People Spread Disinformation? Results of DigiPatch Research

Ewelina Krajczyńska-Wujec
People strongly driven by the need for power are more likely to share posts on social media, including disinformation. Power itself, like the need to gain prestige and recognition, is not associated with the frequency of spreading false information, according to research involving Professor Małgorzata Kossowska from the Jagiellonian University.


See articles on a similar topic:

Online Hate in Numbers. What Do We Think About Offensive Comments?

KFi
Nearly 70% of adults have encountered online hate. The group most affected includes individuals aged 18–24, with 81% reporting exposure to hateful content - according to the report "Hate on the Internet," prepared by the polish Foundation "W zgodzie ze sobą" in cooperation with Maison&Partners and the Ariadna research panel.

Local Media in Poland - Announcements

Bartłomiej Dwornik
Research by ComPress Agency, conducted among journalists in 2001, indicates that only 7 percent of them believe that PR specialists and press spokespeople understand journalists' needs well.

GDPR in Media. Regulations Complicate Campaign Planning and Execution

BARD
Most Polish news portals and online stores have adopted consent mechanisms designed in a way that makes it hard to refuse consent

Unsolved Journalist Murders: CPJ Report 2024

KFi
Haiti and Israel have topped the latest report by the Committee to Protect Journalists (CPJ) on impunity in journalist murders. Worldwide, 80% of cases remain unsolved. The report explores why those who kill journalists evade accountability, highlighting the countries leading this grim statistic and its impact on press freedom.

More in the section: Law in media

community

Facebook LinkedIn X Twitter TikTok Instagram Threads Youtube Google News Blue Sky Social RSS

Reporterzy.info - online media studies magazine. The world of communication from the inside. Media, journalism, PR and marketing. Data, reports, analyses, advice. History and market, law, photography, job offers.


Work in media

United States
New York • Washington DC • Los Angeles • Chicago • Houston • Phoenix • Philadelphia United Kingdom
London • Birmingham • Manchester • Liverpool • Glasgow • Edinburgh Canada
Toronto • Ottawa • Montreal • Calgary Australia
Sydney • Melbourne • Brisbane • canberra Ireland, New Zealand, India

advertisement

Media Review 24/7




Reporter shopping

Reporter shopping

Affordable laptops, notebooks and netbooks
Affordable laptops, notebooks and netbooks
for writing
Digital SLR and compact cameras
Digital SLR and compact cameras
for photographers
Books and e-books about media
Books and e-books about media
for reading
Video drones and flying cameras
Video drones and flying cameras
for pilots
Gimbals for stabilizing video
Gimbals for stabilizing video
for those on the move
Software and apps for creative work
Software and apps for creative work
for digital creators
More occasions

advertisementMedia Review 24/7
Read books and e-books

Read books and e-books

Okładka Media Control. The Spectacular Achievements of Propaganda
Media Control. The Spectacular Achievements of Propaganda
Okładka The 40-Day Social Media Fast
The 40-Day Social Media Fast
Okładka Mass Communication: Living in a Media World
Mass Communication: Living in a Media World
Okładka Beyond The Feed: A Social Media Success Formula
Beyond The Feed: A Social Media Success Formula
Okładka Trust Me, I`m Lying: Confessions of a Media Manipulator
Trust Me, I`m Lying: Confessions of a Media Manipulator
Okładka Hate, Inc.: Why Today`s Media Makes Us Despise One Another
Hate, Inc.: Why Today`s Media Makes Us Despise One Another
more books and e-books

Reporterzy.info

More about us

Our tools and services

Contact


© Dwornik.pl Bartłomiej Dwornik 2oo1-2o25
240105en