Global Cyber Pulse: 12 December 2024

December 12, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Global cybersecurity challenges are escalating as Russian group Turla exploits other hackers’ infrastructure to target Ukrainian military systems via Starlink, while China-linked APTs attack Southeast Asian organizations.

Meanwhile, scams impersonating UAE authorities and recurring breaches, such as those affecting Krispy Kreme’s online platform and the Delhi Police’s X handle, highlight vulnerabilities, while the EU Cyber Resilience Act sets new standards to combat such threats with proactive measures.

Turla Hijacks Threat Actors to Target Ukrainian Military via Starlink

Russian cyber-espionage group Turla, also known as “Secret Blizzard,” is leveraging the infrastructure of other threat actors to target Ukrainian military systems connected via Starlink.

Microsoft and Lumen revealed Turla’s use of malware and servers from Pakistan-based Storm-0156 and the Russian Amadey botnet. In operations between March and April 2024, Turla deployed custom malware families like Tavdig and KazuarV2.

Microsoft noted uncertainty about whether Turla hijacked or purchased Amadey access, underscoring its strategy of operating behind other hacking groups.

Fake Fines Scam: Cybercriminals Exploit UAE Citizens During Festive Season

A massive scam campaign impersonating UAE law enforcement has been uncovered, exploiting public trust during festive periods like UAE National Day.

Cybercriminals, posing as Dubai Police, sent fake fines for non-existent traffic violations or renewals via calls, emails, and SMS. Using scripted dialogues and convincing call-centre noises, the fraudsters pressured victims into paying up.

Security firm Resecurity identified this campaign as part of a larger pattern, reusing tactics observed in previous scams involving UAE Federal Authority impersonation.

Krispy Kreme Hit by Cyber Breach, Online Orders Disrupted

Krispy Kreme is grappling with a cybersecurity breach that has impacted its U.S. online ordering platform. Detected on November 29th, the breach prompted the company to engage top cybersecurity experts.

The incident has caused significant financial strain due to remediation efforts, although the company assured stakeholders that its commercial distribution remains unaffected. Krispy Kreme has cybersecurity insurance and does not anticipate long-term operational setbacks.

Delhi Police’s X Handle Hacked for Sixth Time in 15 Months

The Delhi Police’s X handle was compromised again, marking the sixth cyberattack on its digital platforms in just over a year. Hackers altered the account’s name, profile, and bio, posting about “digital collectibles” in Japanese.

Although the account was restored within an hour, the lack of arrests in previous hacking cases raises serious concerns about cybersecurity measures and accountability.

China-Linked Cyber Espionage Campaign Targets Southeast Asia

A China-based threat actor has been linked to cyberattacks on high-profile organizations in Southeast Asia since October 2023, according to Symantec’s Threat Hunter Team.

Victims included government ministries, air traffic control, a telecom company, and a media outlet. The attacks utilized advanced techniques and tools tied to Chinese APT groups, emphasizing the persistent risk of state-sponsored espionage.

EU Cyber Resilience Act: Mandatory Security Standards for Digital Products

The EU Cyber Resilience Act, now in effect, sets mandatory cybersecurity standards for hardware and software products in the European market.

Manufacturers must address vulnerabilities through updates and ensure ongoing security support for consumers. Products meeting the Act’s requirements will bear the CE marking.

The Act aims to enhance transparency, empower consumers, and fortify the EU against growing cyber threats. Key obligations will apply from December 11, 2027.