Geopolitical attacks dominated the cyberthreat landscape this week. Two regions viz., South Asia and the Middle East were at the epicenter of these attacks driven by APT groups and independent hackers acting without any affiliation.
The number of cyberattacks exchanged by hackers from two large countries in the subcontinent increased significantly this week. As few countries in the region came out of Covid-19 induced lockdowns, hackers from both sides increased the intensity of attacks on each other. While attacks from one side registered a 30 percent increase, the attacks from the other registered a 7 percent raise. Attacks carried out in retribution cannot be ruled out at this point.
In the Middle-East, large scale attacks on critical infrastructure kept increasing for the 4th week in a row. Water treatment plants, airports, utility, and power infrastructure. These attacks are growing in volume and sophistication.
The number of cyberattacks on the US saw a significant rise this week. A range of institutions were targeted in these attacks. Some of these attacks may be designed to exploit the prevailing law and order situation in the country. The majority of these attacks were traced to bot farms in Eastern Europe.
Network routers remain the most attacked class of devices attracting as much as 13 percent of all in-bound cyberattacks across all device categories.
Weekly advisory
We expect the attacks on critical infrastructure to grow along with attacks on these sectors:
- Healthcare
- Utility entities
- Financial services
- Healthcare research labs
- Government websites and agencies – especially lawmakers and government agencies connected with internal/homeland security
- IoT projects