Analyzing the Rise of State Sponsored Cyber Attacks

Explore the global impact of state-sponsored cyber attacks through a detailed timeline of significant incidents since January 2023.

A Timeline & Global Impact of State-Sponsored Cyber Attacks:

State-sponsored cyber attacks have become an increasingly prevalent threat in recent years. These attacks are often carried out by nation-states seeking to gain an advantage over their geopolitical rivals, whether by stealing sensitive information or disrupting critical infrastructure. Analyzing the rise of state-sponsored cyber attacks is a complex task that requires a deep understanding of the geopolitical landscape and the motivations of nation-states.

It is important for governments and private organizations alike to invest in cybersecurity measures that can mitigate the risk of state-sponsored cyber attacks. This includes measures such as network segmentation, access controls, and regular security assessments.

Analyzing the Escalation of State-Sponsored Cyber Attacks:

The increasing prevalence of such attacks can be attributed to several factors. Firstly, the rapid digitization of essential infrastructure has amplified its susceptibility to cyber intrusions. Secondly, the emergence of sophisticated hacking collectives backed by nation-states has facilitated large-scale cyber offensive operations. Thirdly, the inherent anonymity of cyberspace impedes accountability, allowing malicious actors to operate with relative impunity. As actors increasingly target critical infrastructure, such attacks have doubled over the past two years, costing organizations an estimated $1.6 million per incident. The threat landscape is evolving, particularly with the integration of cyber warfare in geopolitical conflicts like the Russo-Ukrainian war.

Nation-state actors are well-funded and highly skilled, primarily targeting government, military, think tanks, universities, and critical infrastructure providers. The impact of state-sponsored cyber attacks extends even further, hitting various sectors, such as healthcare, telecommunications, and defense, causing financial losses and intellectual property theft. These attacks have also blurred the lines between APTs and cybercrime, with state-backed groups engaging in cybercriminal activities for profit.

Below I’ve outlined a timeline of significant cyber incidents that have unfolded since January 2023, focusing on assaults targeting government bodies, defense organizations, and high-tech enterprises, as well as economic crimes resulting in losses exceeding a million dollars. In this rapidly evolving landscape of cyber warfare and data breaches, this timeline provides a glimpse into the persistent and evolving threats that shape the world we live in today. If you’re interested in reading all of these events since 2006, read on here.

Timeline of Significant Cyber Incidents in 2023:

  • January 2023:

    • CISA, the NSA, and the Multi-State Information Sharing and Analysis Center release a joint advisory warning of an increase in hacks on the federal civilian executive branch utilizing remote access software.

    • Russia-linked hackers deploy a ransomware attack against the UK postal service, the Royal Mail.

    • Iran-linked hackers execute ransomware attacks and exfiltrate data from U.S. public infrastructure and private Australian organizations.

    • Hackers use ransomware to encrypt 12 servers at Costa Rica’s Ministry of Public Works.

    • Albanian officials report that its government servers were still near-daily targets of cyber-attacks after a major attack linked to Iranian hackers in 2022.

    • Hackers targeted Asia Pacific networks, using malware to access confidential data and capture audio from victim machines.

    • Malevolent actors distributed over a thousand emails with harmful links to government accounts in Moldova.

  • February 2023:

    • A pro-Russian hacker group claimed a DDoS attack on NATO networks, disrupting communications with earthquake relief airplanes at a Turkish airbase and temporarily disabling NATO’s sites.

    • A North Korean hacking group conducted a covert espionage campaign between August and November 2022. They targeted various sectors, exfiltrating 100MB+ of data from each victim without detection. This group is linked to the North Korean government.

    • Latvian officials claim that Russian hackers launched a phishing campaign against its Ministry of Defense.

    • Iranian hacktivists claim responsibility for taking down websites for the Bahrain international airport and state news agency.

    • In a ransomware attack on Technion University, Israel’s leading technology education program, hackers demanded 80 bitcoin (equivalent to $1.7 million USD) to decrypt the university’s files. Israeli cybersecurity authorities attributed the attack to Iranian state-sponsored hackers.

    • Hackers disabled Italy’s Revenue Agency website and sent phishing emails to users, leading them to a fake login page resembling the official site.

    • Chinese cyberespionage hackers perform a spear-phishing campaign against government and public sector organizations in Asia and Europe. The emails

  • March 2023:

    • Russian hackers bring down the French National Assembly’s website using a DDoS attack.

    • CISA and FBI revealed that a U.S. federal agency was subjected to a cyberespionage campaign between November 2022 and January 2023. The hackers exploited a vulnerability in the agency’s Microsoft Internet Information Services (IIS) server to implant malware.

    • South Asian hacking group targets firms in China’s nuclear energy industry.

    • North Korean hackers target U.S.-based cybersecurity research firms.

    • Chinese cyber espionage group targets government entities in Vietnam, Thailand, and Indonesia.

    • Russian hackers launch social engineering campaigns targeting U.S. and European politicians, businesspeople, and celebrities.

    • Slovakian cybersecurity researchers discover a new exploit from a Chinese espionage group targeting political organizations in Taiwan and Ukraine.

    • Poland blames Russian hackers for a DDoS attack on its official tax service website.

  • April 2023:

    • Sudan-linked hackers conduct a DDoS attack on Israel’s Independence Day.

    • NSA cyber authorities report evidence of Russian ransomware and supply chain attacks against Ukraine and other European countries.

    • Iranian state-linked hackers target critical infrastructure in the U.S. and other countries.

    • Recorded Future releases a report revealing data exfiltration attacks against South Korean research and academic institutions.

    • Chinese hackers target telecommunication services providers in Africa.

    • Russia-linked threat group launches a DDoS attack against Canadian Prime Minister Justin Trudeau.

    • North Korea-linked hackers shift focus to espionage targeting defense industry firms in Eastern Europe and Africa.

    • Ukraine-linked hacktivists target the email of Russian GRU Unit 26165’s leader.

  • May 2023:

    • Belgium’s cyber security agency links China-sponsored hackers to a spear-phishing attack on a prominent politician.

    • Chinese hackers breach communications networks at a U.S. outpost in Guam.

    • Chinese hackers target Kenyan government ministries and state institutions.

    • Russia-linked hackers target government organizations in Central Asia.

    • Unidentified group hacks targets in both Russia and Ukraine for surveillance and data gathering.

  • June 2023:

    • Alleged group tied to private military corporation Wagner hacks a Russian satellite telecommunications provider.

    • Pakistani-based hacker group infiltrates the Indian army and education sector.

    • Pro-Russian hacktivists attack European banking institutions, including the European Investment Bank.

    • U.S. federal government agencies, including Department of Energy entities, breached in a global cyberattack by Russian-linked hackers.

    • Illinois hospital closes due to a ransomware attack.

    • Pro-Russian hackers target Swiss government websites, including those for Parliament and the federal administration.

    • North Korean hackers impersonate tech workers to steal funds for the ballistic missile program.

    • Ukrainian hackers attack a Russian telecom firm providing critical infrastructure to the Russian banking system.

    • Russia’s Federal Security Services allege Apple worked with US intelligence agencies to hack iPhones belonging to Russian users and foreign diplomats.

  • July 2023:

    • China claims an earthquake monitoring system in Wuhan was hacked by U.S. cybercriminals.

    • Kenyan eCitizen service disrupted by pro-Russian cybercriminals.

    • Russian-linked hackers target Ukrainian state services like the app “Diia.”

    • DDoS attack on the Ministry of Justice in Trinidad and Tobago disrupts court operations.

    • New Zealand’s parliament hit by a cyberattack from a Russian hacking group.

    • Russian hackers target twelve government ministries in Norway to gain access to sensitive information.

    • A South Korean government-affiliated institution falls victim to a phishing scandal.

    • Chinese-linked hackers infect a Pakistani government app with malware.

    • Chinese hackers breach emails of several prominent U.S. government employees.

    • Russian hackers target attendees of the latest NATO Summit in Vilnius.

    • Polish diplomat’s advertisement corrupted by Russian hackers to target Ukrainian diplomats.

  • August 2023:

    • Russian hacktivists launch DDoS attacks on Czech banks and the stock exchange, demanding they stop supporting Ukraine.

    • Unnamed hackers take down X (formerly Twitter) in several countries, demanding Starlink be opened in Sudan.

    • Cybercriminals sell a stolen dataset from China’s Ministry of State Security, compromising personal information for half a billion Chinese citizens.

    • Russian hacktivists launch DDoS attacks on Polish government websites, the Warsaw Stock Exchange, and Polish national banks.

    • Russian hackers disable Poland’s rail systems and transmit propaganda during the attack.

    • Chinese hackers target a U.S. military procurement system and Taiwan-based organizations.

    • Ukrainian hackers breach a senior Russian politician’s email and leak sensitive documents connecting him to illegal activities.

    • Ecuador’s national election agency faces cyberattacks during the latest election.

    • Suspected North Korean hackers attempt to compromise a joint U.S.-South Korean military exercise.

    • Bangladesh shuts down central bank and election commission websites to prevent cyberattacks.

    • Belarusian hackers target foreign embassies with disguised malware.

    • Chinese hackers obtain personal and political emails of a U.S. Congressman.

    • Iranian cyber spies target dissidents in Germany using false digital personas and credential harvesting.

    • Ukrainian hackers uncover Russian attempts to deploy custom malware against Starlink satellites.

    • Russian hackers launch a ransomware attack against a Canadian government service provider.

    • Canadian politician targeted by a Chinese disinformation campaign on WeChat.

    • Canadian government accuses a highly sophisticated Chinese state-sponsored actor of hacking a federal scientific research agency.

    • Russia’s military intelligence service attempts to hack Ukrainian Armed Forces’ combat information systems.

    • Russian hackers breach the UK’s Electoral Commission network.

    • North Korean hackers breach a Russian missile developer’s computer system.

The diverse array of targets, from critical infrastructures to government bodies, reveals a tumultuous digital landscape. To fortify our digital defenses against the onslaught of nation-state cyber activities, it is crucial that we advance technological innovation, foster international cooperation, and cultivate a culture of cybersecurity awareness.
