Blog

13 Jan 2023 | Asia Cyber Summary

In the spotlight this week:

  • Suspected State Hackers Hit Government, Military Targets in Southeast Asia
  • 1.7 TB of Data Stolen from Digital Intelligence Firm Cellebrite Leaked Online
  • Royal Mail Hit by Lockbit Ransomware Attack

Suspected State Hackers Hit Government, Military Targets in Southeast Asia

Cyber security professionals claim that a hacking campaign linked to an Asian government has compromised seven well-known targets in Europe and Southeast Asia, including government and military institutions. 

The newly identified hacker group, dubbed "Dark Pink", used phishing e-mail messages and advanced malware to compromise the defenses of military branches in the Philippines and Malaysia, as well as government organizations in Cambodia, Indonesia and Bosnia-Herzegovina, from September to December 2022. The hacking group had, in May, October, and November, respectively, targeted a Vietnamese leadership initiative run by the US State Department, the military of the Philippines, and the Ministry of Economy and Finance of Cambodia.

1.7 TB of Data Stolen from Digital Intelligence Firm Cellebrite Leaked Online

Israeli mobile forensics firm Cellebrite has had 1.7 TB of data stolen and leaked online. Cellebrite is a digital intelligence company that provides tools for law enforcement and intelligence agencies worldwide. Cellebrite is more commonly known for its Universal Forensic Extraction Device (UFED), which has been used by law enforcement and intelligence agencies to unlock and access data on mobile devices. Hacktivists have argued that the tools have been unethically used to spy on journalists, activists, and dissidents around the world. 

In turn, Cellebrite’s human rights activist has remarked that the company has the responsibility to carry out due diligence on government clients and monitor misuse of its technology, which has subsequently caused the company to be a target of activists and whistleblowers.  

Royal Mail Hit by Lockbit Ransomware Attack

Royal Mail’s overseas deliveries have been hit by a Lockbit ransomware attack. The cyber attack has affected computer systems responsible for dispatching deliveries abroad and tracking overseas deliveries. These systems were in use at six of its sites, including the Royal Mail’s Heathrow distribution center in Slough, as well as its Bristol site. Ransomware attacks have been a persistent and pervasive threat to organizations worldwide, with attacks happening on a near-daily basis. However, Royal Mail’s situation is highly significant, as this particular attack affects the critical national infrastructure of the UK, unlike most of the other attacks, where attacks are targeted at one company and its customers. 

Other Articles
Subscribe to newsletter

to receive Blackpanda thought leadership, webinar invitations, and cyber intelligence direct to your inbox.

By subscribing you agree to with our Privacy Policy.

Trusted by the best to defend against and respond to cyber crises.

See our partners