In the face of ongoing cyber attacks against national governments, it’s clear that ineffective
cyber security measures can impact a country’s military defenses, economic health, critical
infrastructure, and foreign policy. And this trend is showing little sign of abating.
One of the most egregious cyber attacks acknowledged by the US Government is the recent
SolarWinds attack that breached nine federal agencies. Attackers stole information related
to intelligence investigations, sanctions on Russian citizens, responses to COVID-19, and
more. This attack exploited weaknesses in SolarWinds and Microsoft Office 365 software.
It’s speculated that ‘Havana Syndrome’ attacks on key US and Canadian diplomats are
being fueled by “advance knowledge of US official trips and the locations of US diplomats
and intelligence agents.” Additionally, it’s possible that this sensitive information could be
leaking from government emails and calendars served from government data centers and
Office 365 in the cloud. Adversaries could be using compromised smartphones as tracking
devices to spy on meetings through smartphones’ microphones and cameras.
The U.S. government isn’t alone.
Threat actors compromised the French government’s visa system exposing the nationalities,
birth dates, passport numbers and other personal information of people who applied for
French visas. Cyber attacks in France have increased fourfold within a year. Likewise,
Japanese government agencies suffered data breaches when threat actors compromised
Fujitsu’s “ProjectWEB” cloud-based (SaaS) information sharing tool. Attacks on governments
around the world are increasing.
Download the full text here.