Last Updated on September 23, 2020

It’s time to publish the second timeline of July covering the main cyber attacks occurred in the second half of the same month. A timeline where I have collected 86 events (including 6 occurred outside the considered interval), which is a value substantially in line with the previous list (89).

Unsurprisingly, ransomware continues to dominate the threat landscape with 19 events (corresponding to roughly 22% of the total), while COVID-themed campaigns are progressively losing momentum (just 2 events). However an old trend re-emerged in the second half of July, and it’s the occurrence of multiple mega-breaches (targeting primarily startups) fueled by a threat actor calling themselves ShinyHunters.

Double extortion attacks are now the new normal, and are now the modus operandi adopted by every ransomware gang (such as REvil, Netwalker, WastedLocker, Ragnarlocker, and Nefilim). Unfortunately the list of high-profile targets hit by these attacks continues to grow and this fortnight is no exception.

And even if COVID-themed attacks are decreasing, the rush to the vaccine remains a hot front for cyber espionage. It’s no coincidence that the UK National Cyber Security Centre issued an alert on the malicious activities of an old acquaintance: APT 29 (AKA Cozy Bear). Despite the most important event regarding cyber espionage, that’s not the only one: APT 28 (AKA Fancy Bear), OilRig, Hidden Cobra (AKA the Lazarus Group that, by the way, also started to launch ransomware attacks) are well-known names populating the list.

But even the Cyber Warfare front has some interesting surprises: two cyber attacks against agricultural water pumps in Israel, and the discovery of operation Ghostwriter, a widespread long-lasting influence campaign (allegedly orchestrated by Russia), leveraging compromised websites to discredit the NATO.

As usual, it’s impossible to summarize everything in a few lines: the details of each event are in the timeline, so feel free to share it to support my work and spread the risk awareness across the community. And don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.