Foreign Cyber Attacks

XAKNET Cyberattack on Ukraine Utilities

Due to Ukraine’s opposition to war, Russian hackers have carried out a cyber attack on Ukraine. The target was DTEK, Ukraine’s most prominent private energy conglomerate. According to the article, the goal of the hack was to “destabilize the technological processes” of its distribution and generation firms, spread propaganda about the company’s operations, and “to leave Ukrainian consumers without electricity.” XakNet, a hacking group that surfaced in March of this year, was motivated to carry out this cyber attack on DTEK by its support for the war. The breach of DTEK was confirmed after the hackers uploaded data from the company to XakNet’s Telegram app. It has been speculated that XakNet is affiliated with the Russian government, but XakNet has denied those claims.

by Marcia Cooke, Jr. Analyst



Source: https://kion546.com/politics/cnn-us-politics/2022/07/05/russian-hackers-allegedly-target-ukraines-biggest-private-energy-firm-2/


Major China Data Breach

It is speculated in China that a hacker has gained access to the personal information of over one billion Chinese citizens. The hacker, who goes by the name ChinaDan, may have retrieved the information from a data leak earlier this year from the Shanghai National Police database. The leaked data contains confidential information on China's citizens, such as their name, birthplace, mobile number, and national ID number. The hacker is offering to sell 23 TB of the retrieved data in exchange for ten bitcoin, which is equivalent to about 200,000 US dollars. The Shanghai government and police have yet to track down the hacker and have refused to comment on the potential breach. China has been firm in preventing the spread of propaganda and fear among its citizens, blocking the hashtag "data leak" on Weibo, a widely used social media platform.

by Marcia Cooke, Jr. Analyst


Source: https://www.reuters.com/world/china/hacker-claims-have-stolen-1-bln-records-chinese-citizens-police-2022-07-04/



Law Enforcement Attacks

Threat actors are attacking law enforcement by hacking into email accounts of law enforcement agencies and sending fake subpoenas and emergency data requests to Fortune 500 companies such as Apple, Snapchat, Facebook, etc. The most common attacks on law enforcement involve protest activity, unauthorized activity, cyber espionage, law enforcement systems, and espionage and data theft. These activities are most common in regions such as Latin America, South-East Asia, and off-shore jurisdictions.

by Marcia Cooke, Jr. Analyst


Source: https://www.helpnetsecurity.com/2022/07/07/cyberattacks-against-law-enforcement-rise/



TrickBot Group Cyber Attacks

IBM Security X-Force has discovered that the cyber attack syndicate known as the TrickBot group has been attacking Ukraine since Russia invaded. The syndicate affiliate names are ITG23, Wizard Spider, Conti Group, and Dev-0193. Prior to Russia’s invasion of Ukraine, the group had not configured malware on Ukrainian systems. ITG23 has been a threat to Ukraine by phishing the Ukrainian general population, organizations, and state authorities. The group's ransomware and data theft have given it advantages in extortion and in furthering Ukrainian economic decline. Based on leaked chats from within the ITG23 group, the attacks on Ukraine are motivated by Russian patriotism. The Bellingcat executive director also received a tip that ITG23 was affiliated with Russia’s Federal Security Service.


Source: https://securityintelligence.com/posts/trickbot-group-systematically-attacking-ukraine/


Ukraine Russian Bot Farm

The Ukrainian cyber police have shut down a bot farm within Ukraine because its bots were spreading misinformation on social media networks. The bots spread misinformation about Ukrainian state sources, discrediting their information and essentially destabilizing the “...social and political situation in the country.” Ukrainian officials believe that the operators of the bots were Russian special service members. The bot farm used over 5,000 SIM cards to register the new social media accounts and relied on 1,000,000 bots. Russian operators used 200 proxy servers to prevent the bot IP addresses from being detected. Russia also spread misinformation and propaganda through Facebook, Instagram, and YouTube. The Ukrainian cyber police, along with Ukraine’s president, Volodymyr Zelensky, are actively trying to combat these and future cyberattacks.


Source: https://www.bleepingcomputer.com/news/security/ukraine-takes-down-1-000-000-bots-used-for-disinformation/