Es muy interesante apreciar los que se realizaron sobre Ucrania. Quiz\u00e1 acciones previas al conflicto en desarrollo. Se presenta un interesante registro de incidentes cibern\u00e9ticos desde el a\u00f1o 2006. Tambi\u00e9n se muestra un resumen de los incidentes de durante el \u00faltimo a\u00f1o. El registro de incidentes se puede descargar desde el art\u00edculo. Se enfoca en los ataques cibern\u00e9ticos a agencias gubernamentales, empresas de defensa y alta tecnolog\u00eda, o delitos econ\u00f3micos con p\u00e9rdidas de m\u00e1s de un mill\u00f3n de d\u00f3lares.<\/p>\n
January 2022.\u00a0<\/strong>A Belarusian hacktivist group accessed the networks of state-owned Belarusian Railway. The group encrypted the majority of the Railway\u2019s servers and destroyed data held on a backup server, possibly to complicate Russian troop movements throughout the country.<\/p>\n January 2022.\u00a0<\/strong>A Chinese hacking group breached several German pharma and tech firms. According to the German government, the hack into the networks of service providers and companies was primarily an attempt to steal intellectual property.<\/p>\n January 2022.\u00a0<\/strong>Hackers shut down internet traffic to and from North Korea twice in two weeks from what researchers say was likely a series of DDoS attacks. The second attack came just after North Korea\u2019s 5th<\/sup>\u00a0missile test of the month.<\/p>\n January 2022.\u00a0<\/strong>Hackers breached the Canadian Foreign Ministry, hampering some of the Ministry\u2019s internet-connected services. The hack came a day after the government issued a warning to bolster network security in anticipation of Russia-based cyberattacks on critical infrastructure.<\/p>\n January 2022.\u00a0<\/strong>A series of DDoS attacks targeted a high-stakes Minecraft tournament and ended up impacting Andorra Telecom, the country’s only internet service provider. The attack disrupted 4G and internet services for customers.<\/p>\n January 2022.\u00a0<\/strong>The Informatic Directorate of the Greek Parliament identified an attempt to hack into 60 parliamentary email accounts. In response, authorities temporarily shut down the mailing system in the legislature.<\/p>\n January 2022.\u00a0<\/strong>An Australian spokesman accused WeChat of taking down Prime Minister Scott Morrison\u2019s account and redirecting users to a website that provides information for Chinese expatriates. The Government claims that they first encountered problems posting to the Prime Minister\u2019s account in mid-2021.<\/p>\n January 2022.\u00a0<\/strong>Hackers breached systems belonging to the International Committee of the Red Cross, gaining access to data on more than 500,000 people and disrupting their services around the world.<\/p>\n January 2022.\u00a0<\/strong>A cyberattack targeted the Ukrainian government, hitting 90 websites and deploying malicious software masquerading as ransomware to damage dozens of computers in government agencies.<\/p>\n January 2022.\u00a0<\/strong>Hackers attacked several Israeli media outlets, including Maariv and the Jerusalem Post, posting threatening messages on their websites. One message stated “we are close to you where you do not think about it” in English and Hebrew.<\/p>\n January 2022.\u00a0<\/strong>A DRPK-affiliated group targeted multiple Russian diplomats with malware. The diplomats received an email disguised as a New Year greetings screensaver but which, after being opened, installed a remote access trojan.<\/p>\n December 2021<\/strong>\u00a0. A cyberattack on the Belgium Ministry of Defence forced part of its computer network, including the ministry\u2019s mail system, to shut down for several days. Hackers exploited the Log4j vulnerability to compromise the network.<\/p>\n December 2021.<\/strong>\u00a0Hackers targeted multiple Southeast Asian governments over the past 9 months using custom malware linked to Chinese state-sponsored groups. Many of the nations targeted are currently engaged in disputes with China over territorial claims in the South China Sea.<\/p>\n December 2021<\/strong>\u00a0.<\/strong>\u00a0A breach of Prime Minster Modi\u2019s Twitter allowed hackers to Tweet from the account that India officially adopted bitcoin as legal tender. The Tweet also included a scam link promising a bitcoin giveaway.<\/p>\n December 2021.<\/strong>\u00a0A Bloomberg investigation publicly linked an intrusion into Australia\u2019s telecommunications systems in 2012 to malicious code embedded in a software update from Huawei.<\/p>\n December 2021.\u00a0<\/strong>Cybersecurity firms found government-linked hackers from China, Iran, and North Korea attempting to use the Log4j vulnerability to gain access to computer networks. Following the announcement of Log4j, researchers already found over 600,000 attempts to exploit the vulnerability.<\/p>\n December 2021.\u00a0<\/strong>Chinese hackers breached four more U.S. defense and technology firms in December, in addition to one organization in November. The hackers obtained passwords to gain access to the organizations\u2019 systems and looked to intercept sensitive communications.<\/p>\n December 2021.<\/strong>\u00a0A Russian group took responsibility for a ransomware attack on Australian utility company CS energy. This announcement came after Australian media outlets blamed Chinese government hackers for the attack.<\/p>\n November 2021<\/strong>\u00a0. A Russian-speaking group targeted the personal information of around 3,500 individuals, including government officials, journalists, and human rights activists. The group obtained access to private email accounts and financial details, and operated malware on Android and Windows devices.<\/p>\n November 2021.<\/strong>\u00a0Hackers gained access to the social security and driver\u2019s license numbers of employees after compromising a U.S. defense contractor.<\/p>\n November 2021.\u00a0<\/strong>Chinese officials claim a foreign intelligence agency hacked into several airlines in China and stole passenger information. The officials stated the hacks are connected due to the use of a custom trojan in all the attacks.<\/p>\n November 2021<\/strong>\u00a0. After CISA publicly shared details on a vulnerability, Chinese hackers targeted nine companies and 370 servers between September and October using the same vulnerability.<\/p>\n November 2021.<\/strong>\u00a0A vendor that handles data for the UK Labour Party was subject to a cyberattack, affecting the data of its members and affiliates.<\/p>\n November 2021.<\/strong>\u00a0Hackers gained access to the FBI\u2019s Law Enforcement Enterprise Portal\u2014a system used to communicate to state and local officials\u2014and sent a warning of a cyberattack in an email claiming to be from the Department of Homeland Security (DHS).<\/p>\n November 2021.<\/strong>\u00a0The stock trading platform, Robinhood, disclosed a social engineering cyberattack that allowed a hacker to gain access to the personal information of around 7 million customers. The data included names, email addresses, and for some, data of birth, and zip codes. Following the breach, the hacker requested payment, presumably not to disclose the stolen data.<\/p>\n October 2021.\u00a0<\/strong>A Chinese-linked hacking group gained access to calling records and text messages from telecommunication carriers across the globe, according to a report from CrowdStrike. The report outlines the group began\u00a0its<\/span>\u00a0cyberattacks in 2016 and infiltrated at least 13 telecommunications networks.<\/p>\n October 2021.<\/strong><\/span>\u00a0A cyberattack\u00a0targeted the government-issued electronic cards Iranians use to buy subsidized fuel and altered the text of electronic billboards to display anti-regime messages against the Supreme Leader Ayatollah Ali Khamenei.<\/span><\/p>\n October 2021.<\/strong><\/span>\u00a0A group with ties to Iran attempted to hack over 250 Office 365 accounts. All the targeted accounts were either U.S. and Israeli defense technology companies, had a focus on Persian Gulf ports of entry, or maritime transportation companies with a presence in the Middle East.<\/span> October 2021<\/strong><\/span>. Hackers leaked data and photos from the Israeli Defense Ministry after gaining access to 165 servers and 254 websites, overall compiling around 11 terabytes of data.\u00a0<\/span><\/p>\n October 2021.\u00a0<\/strong><\/span>An American company announced that the Russian Foreign Intelligence Service (SVR) launched a campaign targeting resellers and other technology service providers that customize, deploy and manage cloud services.\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0Chinese state-linked hackers targeted Afghan telecom provider Roshan and stole gigabytes of data from their corporate mail server over the past year.\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0The EU formally blamed Russia for its involvement in the ‘Ghostwriter\u2019 cybercampaign, which targeted the elections and political systems of several member states. Since 2017, Russian operators hacked the social media accounts of government officials and news websites, with the goal of creating distrust in U.S. and NATO forces.\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0Hackers obtained 15 TB of data from 8,000 organizations working with Israel-based company,\u00a0Voicenter\u00a0and offered the data online for $1.5 million. Some experts have stipulated the hackers have ties to Iran, but no link has been confirmed.\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0The Lithuanian Defense Ministry found hidden features in popular 5G smartphone models manufactured in China, according to its state-run cybersecurity body. The module embedded in the phones detects and censors 449 keywords or groups of keywords that are counter to the message of the Chinese government.<\/span><\/p>\n September 2021.\u00a0<\/strong><\/span>Two hours after the vote opened for Hungary\u2019s opposition primary elections, the polling systems in electoral districts nationwide fell victim to a cyberattack. The actor responsible is still unknown, but the cyberattack led to the government extending voting by two days.\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0The U.S. Department of Justice sentenced Ghaleb\u00a0Alaumary\u00a0to more than 11 years in prison for aiding North Korean cybercriminals in money laundering. His assistance included ATM cash-out operations, cyber-enabled bank heists, and business email compromise (BEC) schemes. These attacks targeted banks, professional soccer clubs, and other unnamed companies in the U.S. and U.K.\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0A cyberattack against the United Nations occurred in April 2021, targeting users within the UN network to further long-term intelligence gathering. The hacker was able to access their networks through stolen user credentials purchased on the dark web.\u00a0\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0The Norwegian Government stated a series of cyberattacks against private and state IT infrastructure came from bad actors sponsored by and operating from China. Their investigation of the hacks claims the actors attempted to capture classified information relating to Norway\u2019s national defense and security intelligence.\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0Researchers and cybersecurity experts revealed a mobile espionage campaign against the Kurdish ethnic group. Hackers targeted individuals on Facebook, persuading them to download apps that contain Android backdoors utilized for espionage.\u00a0<\/span><\/p>\n September 2021.<\/strong><\/span>\u00a0In April 2020, Chinese bots swarmed the networks of the Australian government days after Australia called for an independent international probe into the origins of the coronavirus. These bots looked for potential vulnerabilities on the network to exploit in future cyberattacks.\u00a0\u00a0<\/span><\/p>\n August 2021.<\/strong><\/span>\u00a0A cyberattack on the government of Belarus compromised dozens of police and interior ministry databases.\u00a0The hack claims to be a part of an attempt to overthrow President Alexander Lukashenko\u2019s regime.\u00a0<\/span><\/p>\n August 2021<\/strong><\/span>.\u00a0A hacking group targeted a high-profile Iranian prison, uncovering documents, videos, and images\u00a0that\u00a0displayed the\u00a0violent treatment of\u00a0its\u00a0prisoners. The group claims to be hacktivists demanding the release of political prisoners.\u00a0<\/span><\/p>\n August 2021<\/strong><\/span>. A cyber-espionage group linked to one of Russia\u2019s intelligence forces targeted the Slovak government from February to July\u00a02021 through spear-fishing attempts.\u00a0<\/span><\/p>\n August 2021<\/strong><\/span>.\u00a0Russia targeted and blocked content on \u201csmart voting\u201d app created by Kremlin critic Alexei Navalny and his allies intended to organize voting against the Kremlin in next month’s parliamentary elections.<\/span><\/p>\n August 2021<\/strong><\/span>. Hacks initially attributed to Iran in 2019 and 2020 were found to be conducted by Chinese operatives. The\u00a0cyberattack\u00a0broke into computers across Israel\u2019s government and tech companies.<\/span><\/p>\n August 2021<\/strong><\/span>.\u00a0A cyberattack\u00a0on the\u00a0Covid-19 vaccine-scheduling website for the Italian region of Lazio\u00a0forced\u00a0the website to temporarily shut down.\u00a0New vaccination appointments were unable to be scheduled for several days after the attack.\u00a0<\/span><\/p>\n August 2021<\/strong><\/span>.\u00a0Various Chinese cyber-espionage groups are responsible for the hacks of at least five major Southeast Asian telecommunication providers beginning in 2017. The attacks were carried out by three different hacking groups and are seemingly unlinked despite all groups having a connection to Chinese espionage efforts.<\/span><\/p>\n July 2021.<\/strong><\/span>\u00a0Estonia stated a Tallinn-based hacker downloaded 286,438 ID photos from government database, exposing a vulnerability in a\u00a0platform\u00a0managed by their Information System Authority (RIA).\u00a0<\/span><\/p>\n July 2021<\/strong><\/span>.\u00a0A cyberattack\u00a0gained access to 1 terabyte of data from the Saudi Arabian Oil Company through a zero-day exploitation.\u00a0Hackers\u00a0are offering to delete the data in exchange for $50\u00a0million\u00a0in cryptocurrency.\u00a0<\/span><\/p>\n July 2021.<\/strong><\/span>\u00a0A widespread APT operation was discovered against users in Southeast Asia, believed to be spearheaded by Chinese entities.\u00a0Researchers found\u00a0a total of\u00a0100 victims in Myanmar and 1,400 in the Philippines, including many government entities.\u00a0<\/span><\/p>\n July 2021.<\/strong><\/span>\u00a0The United States, the European Union, NATO and other world powers released joint statements\u00a0condemning\u00a0the Chinese government for a series\u00a0of malicious cyber activities. They attributed responsibility to\u00a0China for the Microsoft Exchange hack\u00a0from\u00a0early 2021 and\u00a0the\u00a0compromise\u00a0of\u00a0more than 100,000 servers worldwide.<\/span><\/p>\n July 2021.<\/strong><\/span>\u00a0Transnet Port Terminals (TPT), South Africa\u2019s state-run ports operator and freight rail monopoly, had its rail services disrupted after a hack by unknown actors. Transnet reportedly declared it an act \u201cforce majeure.\u201d<\/span><\/p>\n July 2021.<\/strong><\/span>\u00a0Several countries used Pegasus, surveillance software created by NSO Group that targets iPhone and Android operating systems,\u00a0on devices belonging to activists, politicians, and journalists.<\/span><\/p>\n July 2021.<\/strong><\/span>\u00a0The FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA)\u00a0released a statement exposing a spearfishing campaign by\u00a0Chinese state-sponsored hackers between 2011 and 2013. The campaign targeted oil and natural gas pipeline companies in the United States.\u00a0<\/span><\/p>\n July 2021<\/strong>.<\/strong><\/span>\u00a0Iran used Facebook accounts to pose as recruiters, journalists, and NGO affiliates,\u00a0targeting U.S. military personnel. The hackers sent malware-infected files or tricked targets into submitting sensitive credentials to phishing sites.<\/span><\/p>\n July 2021.<\/strong><\/span>\u00a0The Russian\u00a0defense\u00a0ministry claimed\u00a0it\u00a0was hit with a DDoS attack\u00a0that caused its website to\u00a0shut down, stating the attack came from outside the Russian Federation.<\/span><\/p>\n July 2021.\u00a0<\/strong><\/span>Norway attributed a March\u00a02021\u00a0cyberattack on parliament’s e-mail system\u00a0to China.<\/span><\/p>\n July 2021.\u00a0<\/strong><\/span>Iran\u2019s transport and urbanization ministry\u00a0was the victim of a\u00a0cyber attack\u00a0that impacted display boards at stations\u00a0throughout\u00a0the country. The attack\u00a0caused delays and cancellations of hundreds of trains across Iran.\u00a0<\/span><\/p>\n July 2021.<\/strong>\u00a0<\/strong><\/span>Russian hackers exploited a\u00a0vulnerability in Kaseya\u2019s<\/span>\u00a0virtual systems\/server administrator\u00a0(VSA) software allowing them\u00a0to deploy a ransomware attack on the network. The hack affected\u00a0around\u00a01,500 small and midsized businesses, with attackers asking for $70 million\u00a0in payment.\u00a0<\/span><\/p>\n July 2021.\u00a0<\/strong><\/span>The Ukranian Ministry of Defense claimed\u00a0its naval forces\u2019 website\u00a0was targeted by\u00a0Russian hackers who published fake reports about the international Sea Breeze-2021 military drills.\u00a0<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0Russia claimed that Vladimir Putin\u2019s annual phone-in session was targeted by DDoS attacks.<\/span><\/p>\n June 2021.\u00a0<\/strong><\/span>A Chinese-speaking hacking group spearheaded an ongoing espionage effort against the Afghan government through phishing emails. Hackers posed as the Office of the President of Afghanistan and targeted the Afghan National Security Council.<\/span><\/p>\n June 2021.\u00a0<\/strong><\/span>The Iranian government launched a widescale disinformation campaign, targeting WhatsApp groups, Telegram channels and messaging apps used by Israeli activists. The campaign aimed to advance political unrest and distrust in Israel.<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0Chinese actors targeted organizations, including Verizon and the Metropolitan Water District of Southern California using a platform used by numerous government agencies and companies for secure remote access to their networks.<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0Hackers linked to Russia\u2019s Foreign Intelligence Service installed malicious software on a Microsoft system that allowed hackers to gain access to accounts and contact information. The majority of the customers targeted were U.S. based, working for IT companies or the government.<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0The U.S. and British governments announced the Russian GRU\u00a0attempted a\u00a0series of brute force access against hundreds of\u00a0government\u00a0and private sector targets worldwide from 2019 to 2021,\u00a0targeting\u00a0organizations using Microsoft Office 365\u00ae cloud services.<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0United States Naval Institute (USNI) claimed the tracking data of two NATO ships, the U.K. Royal Navy\u2019s HMS Defender and the Royal Netherlands Navy\u2019s HNLMS Evertsen, was falsified off the coast of a Russian controlled naval base in the Black Sea. The faked data positioned the two warships at the entrance of a major Russian naval base.<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0A cyberattack reportedly from Russia\u00a0compromised the email inboxes\u00a0of more\u00a0than 30 prominent Polish officials, ministers and deputies of political parties,\u00a0and some journalists.<\/span><\/p>\n June 2021.\u00a0<\/strong><\/span>Sol\u00a0Oriens, a small government contractor that works for the Department of Energy on nuclear weapons issues, was attacked by the Russia-linked hacking group\u00a0REvil.<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0A spreadsheet was leaked containing classified personal details of the\u00a01,182\u00a0United Kingdom\u2019s Special Forces soldiers\u00a0on WhatsApp.\u00a0<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0A ransomware attack targeted\u00a0iConstituent, a newsletter service used by U.S. lawmakers to contact constituents.<\/span><\/p>\n June 2021.<\/strong><\/span>\u00a0Hackers working on behalf of Russian intelligence services are believed to have hacked Netherlands police internal network in 2017. The attack occurred during the country\u2019s\u00a0investigation of the Malaysia Airlines Flight 17 (MH17) that was shot down in 2014.<\/span><\/p>\n May 2021.<\/strong><\/span>\u00a0LineStar\u00a0Integrity Services, a pipeline-focused business, was hit by a ransomware attack the same time as the Colonial Pipeline, with 70 gigabytes of its internal files being stolen.<\/span><\/p>\n May 2021.<\/strong><\/span>\u00a0A North Korean cyberattack on South Korea’s state-run Korea Atomic Energy Research Institute (KAERI) occurred through a vulnerability in a vendor\u2019s VPN.\u00a0<\/span><\/p>\n
\n\u00a0\u00a0<\/span>
\nOctober 2021.<\/strong><\/span>\u00a0Brazilian hackers carried out a cyberattack on the National Malware Center website belonging to Indonesia\u2019s State Cyber and Password Agency. The hackers edited the contents of the webpage and indicated that the cyberattack was retribution for an Indonesian hack on the Brazilian state website.<\/span><\/p>\n