Google continues to report an increase in malicious activities as China's People's Liberation Army Strategic Support Force (PLA SSF) is targeting Russian government agencies.
Google's Threat Analysis Organization (TAG) recently released another blog post about its efforts to protect internet users around the world. TAG stated that they are closely monitoring the ongoing situation in Eastern Europe.
However, as stated by TAG, "Government-backed actors from China, Iran, North Korea and Russia, as well as various unattributed groups, have used various Ukraine war-related themes in an effort to get targets to open malicious emails or click malicious links."
Google's Threat Analysis Group
Google's TAG has witnessed an increase in the number of threat actors who are using the war as a lure in phishing and malware activities, which was previously reported to be on the rise since last March.
Corresponding to previous reports, the team has found that threat actors are increasingly targeting vital infrastructure entities, such as oil and gas, telecommunications, government agencies, and manufacturing facilities.
Current events are also being used as a tool by financially motivated and criminal threat actors to attract the attention of consumers.
The ongoing onslaught between Russia and Ukraine continues to be used as a tool by financially motivated and criminal threat actors to attract the attention of consumers. For example, one actor is imitating military soldiers in order to extort money from people who want to help their relatives who are trapped in Ukraine. Aside from that, TAG has continued to monitor many ransomware brokers who are continuing to operate in the normal course of business.
According to Bleeping Computer, Google TAG Security Engineer Billy Leonard stated, "In Russia, long-running campaigns against multiple government organizations have continued, including the Ministry of Foreign Affairs."
During the previous week, TAG discovered new vulnerabilities affecting a number of Russian defense contractors and manufacturers, as well as a Russian logistics company.
In the same report, cybersecurity company Secureworks reported that Mustang Panda, another Chinese-backed state malicious hacker group, has been seen targeting officials or military individuals familiar with the region.
Today's report is an update from TAG's blog post on tracking cyber activity in Europe, which came out in March. This is where Google's team first announced that Russian-state-backed hacker groups were behind a lot of phishing attacks against NATO and the European military.
In the first published report of TAG, from early March, harmful activities linked to Russia's war in Ukraine revealed that Russian, Chinese, and Belarusian government hackers are continuing their efforts to infiltrate Ukrainian and European organizations and officials.
Google Protection and Safety
Google's team continues to work around the clock, with a particular emphasis on the safety and security of our users, as well as the platforms that allow them to access and exchange critical information.
Taking action, identifying threat actors, and sharing important information with others across industry and governments will continue to be the priorities of the company. With the common goal of raising awareness of these concerns, protecting users, and avoiding further assaults,
While the situation between Ukraine and Russia is still ongoing, Google is also maintaining a high level of vigilance with hackers throughout the world to ensure that they do not take advantage of the current events.
Furthermore, Google recommends any possible targets to enable Google Account Level Enhanced Safe Browsing and to make sure that all of their devices are up-to-date with the latest Google Chrome version.
Related Article: New Ransomware Gang 'Black Basta' Emerges - Here's How To Fight Them