It has been an interesting month in the cyber world. We know it has been incredibly busy, but a limited number of incidents are breaking the “media-surface”. We continue to monitor the fallout from the BlackCat / LockBit takedowns, we take a keen interest in international developments, and we proudly launch our latest “Cross Examining Cyber” podcast, with Bill Siegel, CEO and Co-Founder of Coveware. There’s a bit in here, but we’ve collated the key stories so you don’t have to…
- The game of whack-a-mole continues with BlackCat and LockBit, and many in the media have continued to comment on the various take-down efforts by law enforcement. It looks like positive progress has been made by law enforcement and the efforts in this space are starting to bear fruit.
- Australia’s new National Cyber Security Coordinator, Lieutenant General Michelle McGuinness, flagged in a recent speech the nation’s new campaign to change community behaviour and mitigate against a culture of underreporting cybercrime.
- The UN General Assembly approved the first resolution on artificial intelligence which promotes the “safe, secure and trustworthy” use of AI. This is an important step in ensuring the global community has the opportunity to fully participate in AI’s development, and it’s promising that the resolution is binding on every UN member state. Read the resolution here.
- The EU has strengthened their cyber resilience with its Cyber Solidarity Act, which features cross-sector incident reporting and joint response initiatives to optimise preparedness. It’ll be interesting to see whether the Federal Government adopts a similar model as they continue along with their precautionary and risk-based approach to legislating cyber.
- The US government has set aside over US$27 billion to spend on cybersecurity as part of its 2025 budget. This comes as no surprising against the backdrop of several executive orders being signed to counteract mounting cyber threats, while the White House also double downed with warnings about Chinese-backed threat actors. Australia’s Foreign Affairs Minister Penny Wong issued a joint statement with Home Affairs Minister Clare O’Neil backing US allegations against China too.
- We have seen a lot of media relating to the activities of different threat actors, including those linked with China. Chinese-linked hackers are suspected of hacking Taiwan’s largest telco two months after claims were made that Chinese threat actors conducted cyber espionage in an attempt to derail Taiwan’s recent elections. A former software engineer at Google was also charged with stealing Google’s AI trade secrets and transferring them to two Chinese companies.
- With that in mind, the Chinese-backed Volt Typhoon threat actor has ascended to become one the most prolific and aggressive adversary groups of 2024, with a new advisory released by the Five Eyes intelligence alliance. The group was also called out by Hamish Hansford, Deputy Secretary of the Cyber and Infrastructure Group, as targeting critical infrastructure providers, suggesting their campaigns may be part of a wider espionage policy of the Chinese government.
- The BlackBasta hacking group claimed to be in possession of over 700 gigabytes of data belonging to twelve Australian companies. The group has already been cited as walking away with over US$100 million since emerging in 2022, and it seems that they’ll remain just as active in Australia moving forward.
- The US Cybersecurity and Infrastructure Security Agency was hacked by an unidentified hacker, and the TA4903 adversary group has been uncovered as impersonating several US government entities to launch business email compromise attacks. Both of these serve as a reminder that even our government departments are not immune to cyberattacks.
- Finally, Mimecast published its report on ‘The State of Email and Collaboration Security 2024’ which addresses key issues relating to human risk and the effects poor security training can have on businesses of all sizes.
For further information, please contact:
Cameron Whittfield, Partner, Herbert Smith Freehills
cameron.whittfield@hsf.com
