In the Spotlight this Week:
- Pro-China Group Attacks US Rare Earths Plant In Fake Social Media Posts
- New Information on Chinese Threat Group Bronze Starlight Uncovered
- North Korean Hackers Suspected in USD 100 Million Harmony Heist
- How the Russian Invasion of Ukraine has Transformed Cyber Security Globally
- Securing the Digital Realm: Building Cyber Resilience in Singapore
A pro-Chinese government group has launched a cyber campaign against a Rare Earths refinery in the US, as Washington tries to boost self-sufficiency in critical minerals. The group, known as Dragonbridge, used fake Facebook and Twitter accounts to make claims that the refinery would “expose the area to irreversible environmental damage” and “radioactive contamination”.
As diplomatic and trade relations between the US and Beijing have been deteriorating in recent years, the US and its allies in Europe and Asia are working towards building supply chains that would bypass China for critical minerals such as lithium, rare earths and cobalt. At present, China dominates the market in terms of processing these minerals, which are crucial in producing renewable energy technology, electric vehicles, and high-tech military equipment.
Cybersecurity researchers have detailed new information on Chinese threat group Bronze Starlight and how they currently utilize targeted ransomware to initiate complicated attacks and cyber espionage.
Bronze Starlight exploits known vulnerabilities in network perimeter devices for which patches are available. HUI Loader is then deployed to decrypt and execute a Cobalt Strike Beacon for command and control of a system, before ransomware is deployed and sensitive data is exfiltrated from the victim’s network.
The Lazarus Group, a North Korean hacking group, is suspected of conducting a USD 100 million heist on California blockchain firm, Harmony, which tracks stolen cryptocurrency. Harmony has confirmed that its platform, Horizon Bridge, which allows cryptocurrency to move across different blockchain platforms, had been hacked last week. The hackers had targeted login credentials of Harmony employees in the Asia Pacific to break into the platform.
This attack highlights vulnerabilities in so-called cryptocurrency bridges, which are often seen as solutions to the lack of interoperability between some blockchains and virtual currencies.
Russia’s brutal invasion of Ukraine has transformed the context of cyber security globally, with civilians’ lives being put in jeopardy due to cyber threats. Such a move has various implications. On a more macro scale, technology developed by authoritarian governments has the potential to be used passively to influence and limit the choices of people in democratic countries. Therefore, it is imperative that nations around the world improve their cyber security postures, especially in the following four areas:
- Securing critical infrastructure to protect national decision-making and making software more secure;
- Working with partners to prepare for cyber incidents before they happen, including expanding cyber resources aid to allies as was done in Ukraine;
- Reinforcing enforceable cyber norms, including at the UN and through a 36-nation counter-ransomware initiative;
- Implementing the Department of Defense’s “defend forward” approach of holding state and non-state actors responsible for attacks, just like in the physical world.
With an upward trend of cyber crime, the Singapore Government has included digital security as part of its Smart Nation 2022 initiatives. This is in line with Singapore’s vision of becoming a world-class, tech-driven city-state. The Smart Nation initiative was established to achieve this by harnessing IT, networks, and big data to create tech-enabled solutions.
As such, it is crucial that organizations place importance on safeguarding the digital realm and developing solutions to prevent cybercrime. These include predicting and preventing cyber attacks, securing online transactions, and strengthening web protection, amongst other things.