Cyber Insights • May 2024

Dreamlab Technologies presents to you our brand new ‘Cyber Insights’ newsletter – an expert analysis of the latest developments in the cyber domain across the globe. The cyber world is a world full of opportunities, but unfortunately faces new and emerging threats every day. This newsletter contains insights and trends in cybersecurity and emerging technologies that will help you stay informed regarding the threats and challenges in today's rapidly evolving digital world. It also comes with a brief analysis of the cybersecurity events from a geo-political perspective. In the evolving geo-political dynamics today, cyber-security is increasingly being prioritised by countries worldwide. Stronger cyber defence capabilities, higher investments in cybersecurity budgets and facilitating cyber policy dialogues are some of the new trends observed in the global geo-politics. The concise content in this paper provides a glimpse into this global scenario concerning the cyberspace. It is easy to read and can help promote awareness regarding best cybersecurity practices and safeguard our digital lives.

Inside this issue:

  • Apple warns global users of spyware; BlackBerry notes LightSpy in South Asia

  • CISA announces new release of Malware Next-Gen analysis system

  • EU Data Protection Body opposes ‘consent or pay’ model of large online platforms

  • Russia-backed Sandworm elevated to APT44, posing a major threat to Ukraine

  • Australian regulators criticise tech titans over defying legal orders

In this edition, we examine the cautionary warning issued by Apple to iPhone users across the world about mercenary spyware attacks targeting devices of specific individuals, likely due to their identity or occupation. These attacks are complex in nature and exceptionally costly, often hard to detect and prevent. Post the warning, Blackberry noted the resurgence of LightSpy in South Asia, a spyware capable of sophisticated attacks on the victim’s device, with operational servers located in China, Singapore, and Russia. These events underscore the need for enhanced cybersecurity measures, and data security due to the growing complexity of cyberattacks. We also look at the guidance issued by Apple for all users regarding best cybersecurity practices to combat such attacks.

Next, we dive into the new release of ‘Malware Next-Gen’ by the Cybersecurity and Infrastructure Security Agency (CISA), which is a malware analysis system to help organisations and citizens in the US get samples of malware analysed. The system would provide crucial intelligence for cyber defence efforts aiming to further enhance threat detection and response capabilities and bolstering the overall national cybersecurity.

In Europe, we review the European Data Protection Board’s opposition to the ‘consent or pay’ model of large online platforms stating its non-compliance with EU data privacy rules. The business model gives users a choice between either allowing processing of data to enjoy free services or paying for the services, no other alternative. The board’s stance emphasises the importance of data privacy and user rights, highlighting the region’s commitment to safeguarding individual privacy in the face of emerging business models.

Next, we investigate the Russia-backed Sandworm cyber threat group, which was reportedly elevated to APT44, an Advanced Persistent Threat (APT) level by Google’s Mandiant, indicating its increasing sophistication and threat level. The report assesses the role of the group in shaping Russia’s military objectives and wider national interests. Mandiant’s report on the issue raises concerns about state-sponsored cyber warfare, interference of threat groups in democratic processes and the potential impact on worldwide elections this year.

And across Oceania, Australian regulators criticise tech companies for irresponsible handling of content related to a violent stabbing incident in Sydney. The video of the incident was widely circulated on social media prompting the authorities to issue notices to companies seeking its removal. While most companies have complied with the notice, some like X Corp. refused, arguing that it violated free speech. We review the ongoing issue that reflects the broader geopolitical trend where governments across the world are grappling with the regulation of tech giants and ensuring compliance of legal orders.

Discover more and explore the captivating stories, by downloading a copy of ‘Cyber Insights’ below.




Cyber Insights • May 2024

All blog posts