Cyberattacks on supply chain companies in USA and UK dominated the global cyberthreat landscape trends in the last week of October. As the cybersecurity awareness month ended, a spike in cyberattacks on this vital sector was recorded by our honeypots. The attacks included a mix of sophisticated and probe-driven reconnaissance attacks. The spikes were observed between 27th and 29th October.
Hackers seem to be targeting sectors where the operations are either disrupted or undergoing some manner of stress. During such times, cybersecurity often takes a back seat as normal operational practices are not followed because of the disruption. Most of the attacks were coming from known APT clusters in North Korea, Iran, and Irkutsk in Russia.
Oil and gas installations in Northern Europe and oil transportation infrastructure in Eastern Europe continue to be targeted by regional APT groups. Large volumes of data could potentially have been stolen in such attacks most of which could emerge on the Dark Web and other forums in the next few months.
Cyberattacks on India, which witnessed a rise in inbound cyberattacks on October 24 (the day of a major sporting event) stabilized towards the early part of the week only to rise again on Thursday. Attacks on OT and IoT infrastructure and digital assets have risen significantly this year. However, lowering of the event threshold for geo-political cyberattacks has emerged as a matter of significant concern. This trend seems to be here to stay.
Weekly advisory
Entities belonging to these segments should be on their guard in the coming week:
• Oil and gas
• Manufacturing
• Healthcare
• Utility entities
• Manufacturing plants and maritime agencies
• Financial services